Skip to main content

MCP Integration

AI agents are only as smart as the tools they have access to. While the A2A (Agent-to-Agent) Protocol handles how our agents talk to each other, the Model Context Protocol (MCP) handles how our agents talk to your infrastructure.

MCP acts as the secure, standardized bridge between our sub-agents and your external tools like Terraform, Helm, and ArgoCD.

How It Fits Together​

To understand MCP, you have to look at the whole stack.

The Supervisor Agent orchestrates the high-level plan. It hands a specific task down to a specialized sub-agent. But that sub-agent doesn't blindly run shell scripts. Instead, it connects to an MCP Server which exposes specific, secure tools for it to use.

The simple rule of thumb: A2A connects agents to agents. MCP connects agents to tools.

Security First: Task-Scoped Tokens​

Giving an AI agent raw API keys to your production AWS account is terrifying. That's why TalkOps doesn't do it.

When a sub-agent needs to run a Terraform plan, it doesn't hold long-lived credentials. Instead, the MCP Server issues an ephemeral, task-scoped token.

This token is heavily restricted. It is only valid for the exact specific tool required, it enforces the constraints of the active task, and it expires entirely within 30 minutes. Even if an agent goes rogue or suffers a prompt-injection attack, the token physically limits the blast radius to the exact resources it was explicitly authorized to touch.

Expanding the Ecosystem​

The beauty of standardizing on MCP is that it makes extending TalkOps incredibly easy. You can build your own custom MCP server for your internal, proprietary tools.

Once your custom MCP server exposes its tool schemas, TalkOps sub-agents can immediately discover them, learn how to use them, and securely request permission to execute them—all without writing new integration code.