ROLAND LOPEZ

5 Ways People Misuse MCP Servers

Most MCP servers fail for the same handful of reasons. Here are the five that cost the most.

1. Passing files through the protocol

Stuffing a 5MB base64 blob into an MCP call torches your token budget and welds the protocol to your storage.

Pass a reference instead. Send a URL or an ID, and fetch or stream the file server-side.

2. Polling when you could stay synchronous

Naive polling loops add latency, waste calls, and create brittle error paths.

Keep common operations synchronous and return the result in one hop. Reserve async tasks for genuinely long jobs, like a multi-minute batch, and hand back a task handle the agent can check.

3. IDs the agent can guess

Expose id=124 to an agent and you have invited enumeration and leaked your scale.

Use UUIDs for anything agent-facing. Keep the pretty, human-friendly slugs for your own UI.

4. The kitchen-sink server

One giant server that does email and billing and files is a permissions nightmare and a single blast radius.

Build one server per domain, like a Unix tool that does one thing well. Compose them at the orchestrator.

5. Shipping without security

A demo server with no auth becomes a production liability fast.

Bake it in from day one: authentication and authorization per tool, schema validation on every input, rate limits, and structured logs you can actually audit.
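
An added example, not from the original post and not tied to any MCP SDK: a standard-library gate a server could run before dispatching a tool call. It combines per-tool authorization, argument validation (including the UUID-only identifiers from point 3), rate limiting and a structured audit record. The tool names, scopes and limits are constructed for illustration.

```python
import json, time, uuid
from collections import defaultdict, deque

# Constructed policy: the scope each tool requires and the shape of its arguments.
TOOLS = {
    "invoice.get": {"scope": "billing:read", "args": {"invoice_id": "uuid"}},
    "email.send": {"scope": "email:send", "args": {"to": "str", "body": "str"}},
}
RATE_LIMIT, WINDOW_S = 3, 60.0   # allowed calls per caller per tool per window (assumed values)
_calls = defaultdict(deque)      # (caller, tool) -> timestamps of recent allowed calls
AUDIT = []                       # structured log: one JSON record per decision

def _valid(kind, value):
    if not isinstance(value, str) or not value:
        return False
    if kind == "uuid":
        try:  # accept only the canonical 8-4-4-4-12 form, so "124" is rejected
            return str(uuid.UUID(value)) == value.lower()
        except ValueError:
            return False
    return len(value) <= 10_000

def gate(caller, scopes, tool, args, now=None):
    """Return (allowed, reason); every decision is appended to AUDIT."""
    now = time.monotonic() if now is None else now
    spec = TOOLS.get(tool)
    if spec is None:
        reason = "unknown_tool"
    elif spec["scope"] not in scopes:
        reason = "forbidden"
    elif set(args) != set(spec["args"]) or not all(
            _valid(kind, args[name]) for name, kind in spec["args"].items()):
        reason = "invalid_args"
    else:
        recent = _calls[(caller, tool)]
        while recent and now - recent[0] >= WINDOW_S:
            recent.popleft()          # drop calls that fell out of the window
        if len(recent) >= RATE_LIMIT:
            reason = "rate_limited"
        else:
            recent.append(now)
            reason = "ok"
    # Log argument names only, never values, so the audit trail holds no payload data.
    AUDIT.append(json.dumps({"ts": now, "caller": caller, "tool": tool,
                             "arg_names": sorted(args), "decision": reason}))
    return reason == "ok", reason
```

Denied calls are logged but do not consume rate-limit budget; count them as well if you want throttling to apply to probing attempts.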

The one-line version

| Don't | Do |
| --- | --- |
| Pass file blobs | Pass URLs or IDs, fetch server-side |
| Poll for everything | Stay synchronous, async only for long jobs |
| Use sequential IDs | UUIDs for agent-facing identifiers |
| Build one kitchen-sink server | One domain per server, then compose |
| Skip auth and validation | Auth, validation, rate limits, logs from day one |

Design for constraints, not heroics. Keep the protocol light, the tools specific, the IDs opaque, and the security boring. That is how an MCP server survives contact with production.
