Skip to content
Agent Archaeology
Back To Knowledge Base

Tool Surface

MCP Tool Surfaces

How MCP servers expose capabilities to agents and where investigators may look for evidence.

Model Context Protocol servers can expose filesystems, APIs, browsers, databases, ticketing systems, repositories, and internal services to an agentic client.

Evidence To Preserve

  • Client configuration showing enabled MCP servers
  • Server configuration and startup arguments
  • Tool inventory, if safely available
  • Tool call records and tool results
  • Downstream audit logs in systems touched by the server

Investigation Questions

  • Which server exposed the tool?
  • What authority did the server have?
  • Was the tool call requested, allowed, blocked, or completed?
  • What downstream system records confirm or contradict the client trace?

What This Can Prove

  • A configured server or tool surface existed.
  • A preserved record shows a specific tool call or result.
  • A trust boundary was crossed between client, server, and downstream system.

What This Cannot Prove Alone

  • That every server-side action was logged by the client.
  • That the tool result fully reflects downstream side effects.
  • That a tool was safe because it had a harmless name.