The USB Moment for AI: Understanding Agent Protocols

AI Fund recently hosted a technical webinar exploring three emerging AI infrastructure protocols that are becoming the “USB connectors” of agentic systems. Moderated by Rishabh Singal (Senior Associate Builder at AI Fund) and featuring Carlos Alzate (CTO at AI Fund) and Lawrence Moroney (Director of AI at Arm and Fellow at AI Fund), the session unpacked MCP, A2A, and ACP—the foundational protocols enabling AI agents to communicate effectively.

The Evolution from Function Calling to Standardized Protocols

The journey to agent protocols began with LLMs’ function calling capabilities—the ability for language models to interact with external tools. As Carlos explained, this advancement allowed LLMs to move beyond text generation to become useful systems that could interact with databases, APIs, and other applications.

Lawrence emphasized the concept of “artificial understanding”—LLMs can comprehend human intent and translate it into actionable commands. Early agent workflows involved chaining multiple LLM interactions together, but the industry quickly realized the need for standardized communication methods between agents and external systems.

The Three Protocol Pillars

Model Context Protocol (MCP)

Developer: Anthropic (November 2024)
Purpose: Connects AI models to external tools, APIs, and data sources
Adoption: OpenAI, Google DeepMind, Microsoft Copilot Studio

MCP serves as the foundational protocol—the first step in any LLM application requiring external tool integration. It enables natural language interfaces to complex systems, dramatically reducing the cognitive load on developers and end users.

Agent-to-Agent Protocol (A2A)

Developer: Google (April 2025)
Purpose: Standardizes communication between AI agents
Key feature: Agent discovery through JSON-based “agent cards”

A2A enables peer-to-peer collaboration between specialized agents, allowing automatic discovery of new agents and their capabilities within a network.

Agent Communication Protocol (ACP)

Developer: IBM
Purpose: Similar to A2A but optimized for lightweight, embedded systems
Advantage: Designed for constrained environments like mobile devices and robots

When to Use Each Protocol

The decision framework is straightforward:

• MCP: Essential for any application where LLMs need to interact with external tools or data sources
• A2A/ACP: Required when designing multi-agent systems with specialized, atomic agents that need to communicate

As Lawrence noted, the best practice is building agents as atomic, single-purpose units rather than monolithic systems that attempt to handle multiple complex tasks.

Security Considerations

The experts highlighted critical security challenges inherent in agent protocols:

Key Vulnerabilities

• Prompt injection: Malicious instructions embedded in tool responses
• Tool poisoning: Compromised external tools feeding bad data to agents
• Context leakage: Sensitive information exposed through inter-agent communication
• Session hygiene: Improper handling of conversational context and memory

Mitigation Strategies

• Whitelisting trusted MCP servers and tools
• Implementing strict tool scoping and sandboxing
• Authentication and secure token management
• Regular context clearing and compression
• Parameter sanitization (similar to SQL injection prevention)

Performance and Design Best Practices

Both speakers emphasized thoughtful system design over enthusiastic adoption:

When NOT to Use Agent Protocols

• Simple tasks better solved with traditional programming (Lawrence’s regex vs. LLM example for screenplay parsing)
• Single-tool integrations with existing APIs
• Performance-critical applications where latency matters more than natural language interfaces

Performance Optimization

• Choose ACP for embedded/constrained environments
• Design atomic agents rather than complex multi-purpose ones
• Consider token costs and latency in multi-agent workflows
• Balance security measures with performance requirements

Real-World Applications

The session highlighted practical implementations across AI Fund’s portfolio:

Successful Use Cases

• Sales enablement: Automated prospect research gathering LinkedIn data, company information, and CRM details to prepare sales teams in minutes instead of hours
• Multi-service integrations: Startups connecting to 3+ external services (databases, Gmail, APIs) using MCP
• Creative workflows: Video generation pipelines breaking screenplays into atomic rendering units

Common Mistakes

• Over-engineering simple problems with agent protocols
• Jumping to buzzword solutions without evaluating alternatives
• Designing monolithic agents instead of specialized, composable ones

Key Takeaways for Founders

• Start with MCP: Most AI applications will need external tool integration—MCP provides the standardized foundation
• Design atomically: Build specialized agents for single tasks, then orchestrate them rather than creating complex multi-purpose agents
• Security first: Assume malicious actors exist and implement proper authentication, sandboxing, and context management
• Evaluate carefully: Not every problem needs an agentic solution—sometimes traditional code is faster, cheaper, and more reliable
• Leverage open source: Major companies (Google, IBM, Anthropic) are contributing these protocols as open source—benefit from their enterprise-grade engineering

The Road Ahead

These protocols represent the early infrastructure layer of the agentic AI ecosystem. As Lawrence noted, we’re witnessing the emergence of an “enterprise service bus” for AI—standardized interfaces that enable complex AI workflows without custom integration code.

For founders building AI applications, understanding and adopting these protocols early provides a competitive advantage in development speed, system reliability, and future scalability. The key is thoughtful implementation that balances the power of artificial understan