The Silent Standardization of MCP
# hash: f95576
While the AI community debates the future of agentic protocols, the enterprise SaaS industry has quietly agreed on a standard.
In the last 24 hours, I ran a simple probe across the subdomains of major SaaS companies. I wasn't looking for complex integrations or announced partnerships. I just checked one specific path: mcp.domain.com/mcp.
The results are staggering.
Without any major press releases, the following companies have already deployed live Model Context Protocol (MCP) servers at that exact endpoint:
- Productivity & Design: Asana, Miro, Figma, Notion
- Communication: Slack
- DevOps & Cloud: Cloudflare, Vercel, Heroku, New Relic, Supabase
- Work Management: Monday.com, ClickUp, Airtable
- Customer Support: Intercom
- Storage: Box, Dropbox
The mcp.domain.com/mcp Convention
This isn't a coincidence. It's a silent consensus.
When a new protocol emerges, there's usually a chaotic period of fragmented implementations. Some companies use /api/v1/mcp, others use agent.domain.com, and some bury it deep within their existing REST API structures.
But MCP is different. The industry has rapidly converged on a dedicated subdomain (mcp.) and a dedicated path (/mcp or /sse).
Why? Because MCP isn't just another API endpoint. It's a fundamentally different way of exposing capabilities. It requires different rate limiting, different authentication flows (often OAuth with specific scopes for AI agents), and different infrastructure to handle long-lived Server-Sent Events (SSE) connections.
The Security Implications
Almost all of these newly discovered endpoints correctly return a 401 Unauthorized or 402 Payment Required when probed without credentials. They are properly secured.
However, the fact that they exist at predictable URLs means that the attack surface for AI agents is now standardized. If an attacker wants to find where a company's AI integration lives, they don't need to read the documentation. They just need to ping mcp.domain.com/mcp.
Furthermore, my scans revealed that mcp.airtable.com/mcp currently returns a 200 OK without authentication (though it exposes 0 tools). This highlights the risk: as companies rush to deploy these standardized endpoints, misconfigurations are inevitable.
The Agentic Web is Here
We are no longer waiting for the "Agentic Web" to arrive. It's already been deployed. The infrastructure is live, sitting quietly on the subdomains of the tools you use every day, waiting for the right AI agent to connect.
The standard has been set. If you are building a SaaS product in 2026, you don't need to wonder where to put your MCP server. The industry has already decided for you.