--- name: tai-ch111-testing-mcp-integrations description: 'Apply chapter 111 of Testing AI, Testing MCP Integrations, as a workflow for evaluating AI and non-deterministic systems. Use for test planning, eval design, quality review, release evidence, examples, or coaching related to testing mcp integrations.' --- # Testing MCP Integrations Skill name: `tai-ch111-testing-mcp-integrations` Based on **Testing AI: Engineering Confidence in AI Systems** by **Jason Arbon**. ## Purpose MCP turns tools, files, and services into model-accessible capabilities. That makes it a quality and security boundary. ## Use This Workflow - Identify the AI behavior or release decision being evaluated. - Define realistic cases, slices, unacceptable outcomes, and evidence needed for confidence. - Choose measurements that match the risk: rubric scores, samples, intervals, traces, human review, deterministic checks, or production monitors. - Report uncertainty, severe failures, and decision impact instead of only a pass/fail result. ## Key Guidance The Model Context Protocol, or MCP, gives AI systems a standardized way to discover and use tools, resources, prompts, files, and services. That is powerful because it lets LLM-powered products connect to real work. It is risky for the same reason. When a model can call a tool, read a resource, or pass data into an external system, the test surface expands. The quality question is no longer only whether the model wrote a good answer. It is whether the model discovered the right capability, passed valid arguments, respected permissions, handled errors, protected data, and produced a useful result. ## Apply The Approach Create representative cases, score them with explicit criteria, review severe failures separately, report uncertainty, and connect the evidence to a concrete decision. ## Expert Notes At expert level, MCP testing combines API contract tests, authorization tests, prompt-injection tests, trace validation, schema fuzzing, tool-selection evals, and production monitoring. The MCP layer should be boring, observable, and constrained.