Advanced Topics
1 min read
Packaging Patterns
Pattern | Description |
|---|---|
Research Assistant | Outlook plus Confluence search/read tools. No send, delete, or page-write actions. Good for analysts and product teams. |
Compliance Review | Internal policy and document retrieval. Designed for traceable Q&A without external write paths. |
Advisor Workbench | Market data, CRM read context, and email search. Blocks trading, write, or send tools unless separately approved. |
Engineering Helper | Internal docs, runbooks, and tickets for developer assistants such as Cursor. Avoids production mutation tools by default. |
Operational Guarantees
Guarantee | Detail |
|---|---|
Resilient downstream calls | The hub pools downstream connections per user, bounds tool calls with timeouts, and uses circuit breakers to protect against unhealthy origins. |
Fast change propagation | Administrative changes such as disabling a tool, unpublishing a server, or rotating credentials take effect across the running hub quickly. |
Automatic token refresh | When a downstream credential expires, the hub refreshes it transparently before falling back to a full user re-authentication. |
Required OAuth | Customer-facing virtual servers should require OAuth so every tool call is bound to an authenticated user identity. |
Future Product Capabilities
Capability | Detail |
|---|---|
Unique as an MCP origin | Expose Unique capabilities such as internal search, web search, SWOT analysis, deep research, and sub-agents as tools that can be packaged into any virtual server. |
Tool display and packaging | Configurable tool display names, custom virtual server paths, and the ability to edit a virtual server over its lifetime. |
DLP tiers | A default DLP baseline, the customer's own DLP policy, and the ability to plug in a custom DLP module. |
MCP UI passthrough | Pass rich cards, forms, and interactive components from origin servers to clients that render MCP UI, with a text fallback for clients that do not. |
Recommended Practices
Use stable slugs, keep virtual servers narrow rather than broad, require OAuth for customer-facing servers, and document the owner and intended audience for every virtual server.