// GLOSSARY -- MCP & TOOL INFRASTRUCTURE

What is an MCP Fleet?

2 min read Updated

An MCP fleet is the complete set of MCP servers, clients and associated credentials in use across an organisation — every server developers have configured, every host application connecting to them, and every token or key those connections carry. It is the unit at which MCP inventory, policy and governance operate.

WHY IT MATTERS

MCP adoption rarely happens through procurement. A developer adds a server to their MCP configuration to solve today's problem; a teammate copies the config; an agent framework ships with defaults. Multiply by every engineer and every host — Claude Code, Cursor, IDE plugins, CI agents — and the organisation is soon running dozens of servers nobody chose deliberately. Fleets sprawl because adding a server is a one-line config edit with no central registration step.

Sprawl has concrete costs. Each server in the fleet is executable code with credentials: API keys in env blocks, OAuth grants to SaaS systems, database connection strings. Unowned entries become shadow MCP — servers security teams don't know exist. Overlapping servers create tool sprawl, where hundreds of tool definitions burn context tokens and confuse models. And when a popular server ships a compromised release, the first incident-response question — who is running it? — is unanswerable without an inventory.

Treating MCP usage as a fleet means applying the disciplines used for device or service fleets:

  • Inventory — a live register of which servers, versions and tools are in use, and by whom.
  • Identity and credentials — per-person scoped access instead of shared keys scattered across laptops.
  • Policy — uniform rules over what tools may be called, enforced centrally rather than per machine.
  • Audit — one record of every tool call across the estate.

See mcp fleet working in your own stack — route your MCP servers through PolicyLayer and every tool call is checked against policy before it runs.

GOVERN YOUR MCP SERVERS →

Enforced before the call runs. Nothing to install.

HOW POLICYLAYER USES THIS

PolicyLayer is a control plane for MCP fleets: teams register their upstream servers once, issue per-person scoped tokens, and route all clients through the gateway. That turns an unobservable scatter of local configs into a managed fleet with an inventory, deterministic per-call policy, and a complete audit trail.

Browse the MCP server catalogue →

IN THE CATALOGUE

PolicyLayer continuously scans the MCP ecosystem and classifies every tool it finds by risk category.

43,000+ MCP servers known to the catalogue
220,000+ tools scanned and risk-classified
9,300+ servers with published scan reports

Browse the MCP server catalogue →

FREQUENTLY ASKED QUESTIONS

Why do MCP fleets sprawl?
Adding a server is a one-line local config change with no registration step, so adoption happens developer by developer. Without a central chokepoint, the organisation accumulates servers and credentials nobody tracks.
What belongs in an MCP fleet inventory?
Every MCP server in use (with version and source), the hosts and people connecting to each, the tools each server exposes, and the credentials or tokens each connection carries.
How is an MCP fleet different from an agent fleet?
An agent fleet is the set of AI agents an organisation runs; the MCP fleet is the tool-and-server infrastructure those agents connect to. They overlap but are governed at different layers.

FURTHER READING

Let agents act without letting them run wild.

Route your MCP servers through PolicyLayer and every tool call is checked against your policy before it runs — allow, deny, or require approval. Per-identity grants. Full audit log. Live in minutes.

GOVERN YOUR MCP SERVERS →

Free to start. No card required.

43,000+ MCP servers and 220,000+ tools scanned and risk-classified.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.