
Harden

Make it bulletproof

Connecting Your AI

Integrations, webhooks, and making your AI product talk to the rest of the world via MCP.

Builder's check: Your AI is more useful when it works with the tools people already live in instead of asking them to come to you. I've built MCP servers, so a hard-won piece of advice: the protocol is the easy part. The real work is deciding WHAT to expose and being disciplined about it, because every tool you hand a model is a new way for things to go sideways. Start with the smallest useful surface. Connect to one real workflow your users already have, prove it earns its place, then expand. A model with three reliable tools beats one with twenty flaky ones.

The Model Context Protocol (MCP) is an open standard created by Anthropic that lets AI assistants connect to external data sources and tools. Think of it as a universal adapter: instead of building custom integrations for every AI client, you build one MCP server and it works with Claude, Cursor, and any other MCP-compatible client.

Three primitives

MCP has three concepts that cover everything:

  • Resources. Read-only data the AI can access. Database records, file contents, API responses. The AI can look at these but not change them.
  • Tools. Actions the AI can take. CRUD operations, sending messages, triggering workflows. These change state, so they need careful scoping.
  • Prompts. Reusable prompt templates that can be parameterized. Useful for standardizing common interactions like code reviews or data analysis.

Building an MCP server

The SDK is available in TypeScript and Python. The pattern is straightforward: create a server, register handlers for listing and reading resources, listing and calling tools, then connect via stdio (for local) or SSE (for remote). The protocol uses JSON-RPC 2.0 under the hood, but the SDK abstracts that away.

Start with the simplest useful thing. If your product has a database, build an MCP server that exposes read-only access to the data your users care about. That single integration lets Claude answer questions about their data directly. Prove that's valuable before you add write operations.

Security for MCP

Every tool you expose to a model is a new attack surface. The principles from the Security section apply double here:

  • Least privilege. Don't build a generic "execute SQL" tool. Build specific, scoped tools: "get user orders," "search products." The model should only be able to do things you've explicitly decided are safe.
  • Input validation. The model generates the arguments for your tools. Validate everything. Never trust data from the AI.
  • Rate limiting. A model in an agent loop can call your tools hundreds of times. Limit it.
  • Audit logging. Log every tool call. You need to see what the AI did and why.
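
The four controls above, combined in one place as an added example (not code from the original page and not the MCP SDK's API): a plain-Python gateway that sits in front of a single scoped tool. The names `ToolGateway` and `get_user_orders`, the `u_<digits>` ID format, the limits, and the sample data are assumptions made for illustration.

```python
import json, re, time
from collections import deque
# Constructed sample data standing in for a real orders table.
ORDERS = {"u_1001": [{"id": "o_1", "total": 42.5}], "u_1002": []}
AUDIT_LOG = []  # stand-in for an append-only log store
USER_ID = re.compile(r"u_\d{1,10}")  # assumed ID format

def get_user_orders(args):
    """Scoped read-only tool: one user's orders, capped result size."""
    if set(args) - {"user_id", "limit"}:
        raise ValueError("unexpected argument")
    user_id, limit = args.get("user_id"), args.get("limit", 10)
    if not isinstance(user_id, str) or not USER_ID.fullmatch(user_id):
        raise ValueError("user_id must match u_<digits>")
    if type(limit) is not int or not 1 <= limit <= 50:
        raise ValueError("limit must be an integer from 1 to 50")
    return ORDERS.get(user_id, [])[:limit]

TOOLS = {"get_user_orders": get_user_orders}  # allowlist, no generic SQL tool

class ToolGateway:
    def __init__(self, max_calls=5, window_s=60.0, clock=time.monotonic):
        self.max_calls, self.window_s, self.clock = max_calls, window_s, clock
        self.calls = {}  # session id -> timestamps of recent calls

    def _allow(self, session_id):
        now, q = self.clock(), self.calls.setdefault(session_id, deque())
        while q and now - q[0] >= self.window_s:
            q.popleft()  # drop calls that left the sliding window
        if len(q) >= self.max_calls:
            return False
        q.append(now)
        return True

    def call(self, session_id, name, args):
        """Run one model-generated tool call; every attempt is audited."""
        outcome, result = "ok", None
        try:
            if not self._allow(session_id):
                raise RuntimeError("rate limit exceeded")
            if name not in TOOLS:
                raise PermissionError("unknown tool")
            if not isinstance(args, dict):
                raise ValueError("arguments must be an object")
            result = TOOLS[name](args)
        except (RuntimeError, PermissionError, ValueError) as exc:
            outcome = f"rejected: {exc}"
        AUDIT_LOG.append({"ts": time.time(), "session": session_id, "tool": name,
                          "args": json.dumps(args, default=str)[:500], "outcome": outcome})
        return {"ok": outcome == "ok", "result": result, "outcome": outcome}
```

Rejected calls are logged with the arguments the model supplied, so the audit trail shows what was attempted as well as what succeeded.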

Real-world use cases

  • Internal knowledge base. Connect Claude to your company wiki, docs, and Slack history.
  • Database assistant. Query production data safely with read-only access.
  • Customer support. Give the AI access to CRM data, order history, and support tickets.
  • DevOps. Check logs, view deployments, manage infrastructure through natural language.

This is the last section of the guide. If you've read this far, you have everything you need: validation, shipping, growth, and the technical depth to level up when your product demands it. But knowledge isn't the goal. Shipping is. If you haven't already, go back to Before You Build and make sure you're building something someone wants. Then get it live. Everything else follows from that.

Want the full technical deep dive? I built the AI Engineering Masterclass as a learning resource for myself while studying AI engineering. It's rougher than what's on this site, but it goes deeper: 18 interactive chapters with quizzes, flashcards, code examples, a glossary, and interview prep. Everything in this playbook was distilled from it. If you want the unfiltered version with all the technical detail, it's there and it's free.

What to do next

You have the playbook. Now pick the one thing that matches where you are right now.