Need to Define and Govern MCP Servers Not One-to-One
MCP servers that combine multiple APIs into business-oriented capabilities need a standard way to be described and governed.
Take Control Of Your Signals — Become a Naftiko Design Partner Today!
Persona Story:
Laura, the head of AI, needs a standard way to describe MCP servers that combine multiple APIs into business-oriented capabilities, not just one-to-one API wrappers.
Problem Context
- Early MCP guidance was “just add annotations to your API and generate MCP” but this doesn’t solve business problems
- Real MCP use cases require “mashups” of multiple API endpoints orchestrated together
- No standard way to describe these composite MCP servers
Problem Impact
- Teams build MCP servers without consistent documentation or governance
- No way to apply security and compliance review to composite MCP capabilities
- “Wild west” of MCP development creates risk as adoption scales
Naftiko Today
- Executable YAML capability specs are purpose-built for defining composite MCP servers that combine multiple APIs — this is exactly the spec format the problem calls for
- Multi-source consumption with unique namespaces lets a single capability spec explicitly declare and govern multiple upstream API dependencies
- Multi-step orchestration with cross-step data mapping documents how APIs are composed into business-oriented capabilities, making the “mashup” logic reviewable and governable
- JSON Schema validation and Spectral ruleset (15 rules) enforce consistent structure and quality across all capability definitions, providing the governance layer MCP servers currently lack
Naftiko Tomorrow
- MCP auth support (Second Alpha) will bring security governance to composite MCP servers with standardized authentication handling
- Tool annotations for readOnly/destructive/idempotent (Second Alpha) will add behavioral governance metadata that compliance teams can review before deployment
- JSON Schema Store publication (GA) will formalize the Naftiko spec as a recognized standard for describing composite MCP capabilities
- Naftiko Shipyard MVP (Fleet Second Alpha) will provide a governed registry where composite MCP capabilities are cataloged, versioned, and reviewed