The mcpgate blog
Long-form and technical. We write about what we run into building and operating a self-hosted MCP gateway — and the broader shift it sits inside: teams adopting AI agents that actually touch their real tools, not just chat about them.
Posts here are written by the people maintaining mcpgate, not by a marketing team. We name specific products (ours and competitors), publish concrete numbers when we have them, and call our own tradeoffs out. If you spot something off, tell us.
Latest posts
When a tool call takes minutes
Some MCP tool calls genuinely take minutes — a heavy SQL query, a large export, a design-file node dump. Held synchronously they bump into client and proxy timeouts; the work may complete but the answer is lost. mcpgate now speaks the upcoming MCP protocol revision and its Tasks extension: a long call returns a ticket the agent polls instead of holding the connection open. Today's clients are completely unaffected.
Read →The friend who asked for read-only mode
Forty doors out of seventeen thousand: how mcpgate draws the line between writes an AI agent can do alone and writes that need a human first. Eight risk categories, one override level, a queue above the catalog, and the gate the AI cannot self-grant. With the MCP spec, OWASP, and a live action census behind the design.
Read →Best-of-breed vs integrated: when six security tools become one
Best-of-breed security (Okta, Splunk, Netskope, Presidio) assumes a 20-person security-ops team. The math behind that assumption shifted in the last 18 months. Here is what we built instead, what an integrated stack actually collapses, where best-of-breed remains the right call, and the honest trade-off in source-availability (BSL, not OSS) as a security property.
Read →External collaborators without IdP sprawl
An external contractor needs access to one of your tools through Claude for six weeks. The default options — IdP B2B guest, shared account, second gateway — are each wrong in their own way. Here is the third path we built into mcpgate, and the pitfall we shipped, reverted, and learned from.
Read →What flows through, what gets blocked, what gets logged
The compliance surface in mcpgate is four layers stacked on the same audit trail. Audit captures every action. PII sanitization redacts before the LLM sees it. Throughput surfaces the volume so you can see when 50 MB suddenly leaves at 3 am. Policy hooks block before any of that has to fire. Plus the EU AI Act / GDPR / SOC2 / NIST AI RMF mapping for the procurement conversation.
Read →Dynamic action discovery isn't novel. Doing it safely is.
Anthropic shipped Tool Search in November 2025. mcpproxy-go has BM25. Stacklok benchmarks 94% retrieval. The pattern converged across the MCP-gateway market — and the choices that actually matter are retrieval quality, the risk model, and how you roll it out without breaking working setups.
Read →Tooling alone won't make your company AI-native. Here's the other half.
A road trip across Uzbekistan made one thing visceral: individuals shipping software with AI has reached the end of the world. For most mid-market companies, the bottleneck is no longer tooling — it is change management.
Read →MCP explained: How AI agents talk to your company tools
A technical breakdown of the Model Context Protocol — the open standard that lets AI agents connect to Jira, Slack, GitLab, and any enterprise tool through one protocol.
Read →AI coding output is up 59%. Shipping is down 7%. Here's the missing piece.
Everyone knows AI will transform software delivery. Few know how to actually get there. A CTO's perspective on why tool integration — not model capability — is the real bottleneck.
Read →How to connect Claude to Jira, Slack, and GitLab with one MCP endpoint
Connect Claude, ChatGPT, or any AI agent to Jira, Slack, GitLab, Google Workspace and the rest of your daily work stack through a single self-hosted MCP gateway.
Read →Quoted lines from the posts
- “Best-of-breed for security only works at a scale most companies aren’t at. The integrated stack is not better — it is fit for a different operational reality.” — Best-of-breed vs integrated: when six security tools become one
- “When a feature is built around scoped permission, any automation that runs in the direction of ‘remove the scope because the user has another login path now’ is almost always wrong. The scope is the point.” — External collaborators without IdP sprawl
- “The audit log writes byte counts, not payloads, and uses the same pseudonym layer as the LLM. Throughput as DLP and PII risk do not have to trade off against each other.” — What flows through, what gets blocked, what gets logged
- “Stacklok benchmarks 94% retrieval. Anthropic’s first-party Tool Search benchmarks 34% on the same harness. Retrieval quality is the real moat, not the pattern.” — Dynamic action discovery isn’t novel. Doing it safely is.
- “Development activity rose 59% in 2025 while median main-branch throughput fell 7%. The bottleneck moved.” — AI tool integration is the competitive advantage nobody is talking about
- “A fifth of a typical Uzbek monthly salary, recurring, every month, for one tool used by one person.” — Tooling is half the answer. Change management is the other half.
- “Messages, documents, API responses: proxied in memory, never persisted. The source code is public — you can verify every claim yourself.” — How to connect Claude to Jira, Slack, and GitLab through one MCP endpoint
- “MCP reached ubiquity in under 14 months. The Language Server Protocol — the closest comparable standard — took years.” — MCP explained: how AI agents talk to your company tools
Try mcpgate
Want to skip the reading and see what the posts are about in practice? Spin up a self-hosted instance in two minutes, or click through the public demo.