Skip to content
Dashboard

Addressing security and quality issues with MCP tools in AI Agent

Copy link to headingCurrent MCP security issues

Copy link to headingPrompt injection

Copy link to headingUnexpected capability introduction

Copy link to headingCurrent MCP cost and latency issues

Copy link to headingUnneeded context usage

Copy link to headingLow tool-call accuracy

Copy link to headingA new approach: Static tool generation

Copy link to headingHow mcp-to-ai-sdk works

npx mcp-to-ai-sdk https://mcp.grep.app

import { tool } from "ai";
import { type Client } from "@modelcontextprotocol/sdk/client/index.js";
import { z } from "zod";
// Auto-generated wrapper for MCP tool: searchGitHub
// Source: https://mcp.grep.app
export const searchGitHubToolWithClient = (
getClient: () => Promise<Client> | Client,
) =>
tool({
description: "Find real-world code examples from GitHub repositories",
inputSchema: z.object({
query: z.string().describe("Code pattern to search for"),
language: z
.array(z.string())
.optional()
.describe("Programming languages"),
}),
execute: async (args): Promise<string> => {
const client = await getClient();
const result = await client.callTool({
name: "searchGitHub",
arguments: args,
});
// Handle different content types from MCP
if (Array.isArray(result.content)) {
return result.content
.map((item: unknown) =>
typeof item === "string" ? item : JSON.stringify(item),
)
.join("\n");
} else if (typeof result.content === "string") {
return result.content;
} else {
return JSON.stringify(result.content);
}
},
});

Copy link to headingBenefits of vendored AI tools

Copy link to headingGetting started with mcp-to-ai-sdk

import { generateText } from "ai";
import { openai } from "@ai-sdk/openai";
import { mcpGrepTools } from "./mcps/mcp.grep.app"; // Domain-based export name
const result = await generateText({
model: openai("gpt-5"),
tools: mcpGrepTools, // Use all tools from the MCP server
prompt: "Find examples of React hooks usage",
});

Copy link to headingConclusion

Ready to deploy?