What is MCP Tool Sprawl?
The uncontrolled proliferation of MCP tools across an organisation, where agents accumulate access to hundreds of tools without centralised inventory, classification, or policy controls.
WHY IT MATTERS
A single MCP server can expose dozens of tools. An enterprise agent connecting to ten servers might have access to 500+ tools with no centralised visibility into what they do or how risky they are.
Tool sprawl is the MCP equivalent of API sprawl — ungoverned growth that creates security blind spots, compliance gaps, and operational complexity.
HOW POLICYLAYER USES THIS
PolicyLayer's catalogue provides centralised inventory and classification for 18,000+ tools. PolicyLayer provides the enforcement layer to govern which tools each agent can actually use.
IN THE CATALOGUE
Measured across 4,526 MCP servers (91,856 tools): connecting a server loads its full tool definitions into the context window on every request.
| Server | Tool definitions | Tokens per request |
|---|---|---|
| GitHub | 86 | 14,406 |
| Linear | 66 | 7,149 |
| Supabase | 29 | 2,561 |
| Filesystem | 14 | 1,642 |