← All writing

LLM, agent, MCP — what they actually mean

Three terms get thrown around in every AI conversation as if everyone already agrees what they mean: LLM, agent, and MCP. They're related, but they are not the same thing — and conflating them is how teams end up buying the wrong thing, or green-lighting a system whose risks nobody actually scoped.

Here's the plain-English version, and why the distinction matters the moment you move from a demo to something you have to run in production.

Your question goes to an agent, which contains the LLM; the agent reaches your systems — CRM, database, email and tools — through MCP, the universal adapter.
The brain (LLM), the brain with hands (agent), and the universal adapter (MCP) — and where your systems sit.

LLM — the brain

A Large Language Model is the core engine. At heart it does one thing, astonishingly well: given some text, it predicts the next token, over and over, to produce fluent, coherent output. That single capability is enough to summarize, draft, translate, classify, and reason across a surprising range of problems.

But notice what it can't do. On its own, an LLM has no memory of your systems, no ability to look anything up, and no way to act in the world. It reasons and it writes — and then it stops. It just talks. Every product you've seen that "does something" with an LLM has wrapped that raw prediction engine in a lot of additional machinery. The model is one box on the diagram, not the whole diagram.

Agent — the brain with hands

An agent is an LLM given a goal and the ability to take actions toward it: look something up, call another system, run a query, send a message, file a record. The model decides what to do next; an agent framework carries out those decisions, feeds the results back, and lets the model decide the step after that — a loop that continues until the goal is met.

That loop is where the power comes from, and also where the risk moves. A question answered wrong is something you can catch on screen. An action taken wrong has already happened — the record was updated, the message was sent. So the interesting design decisions in an agent aren't really about the model at all. They're about scope: what is it allowed to do, how much can it do without a human in the loop, and where are the checkpoints for anything consequential.

MCP — the universal adapter

Model Context Protocol is a standard way to connect an AI to your data and tools. Without a standard, every integration is bespoke: this model wired to that CRM, a different custom connector for the ticketing system, another for the data warehouse — each one built and maintained by hand.

MCP gives them a common language to talk through. The usual analogy is USB: before it, every device needed its own port and cable; after it, you plug in once and connect to many. MCP plays the same role for AI — expose a system through it once, and any MCP-aware model or agent can reach it through the same interface. That matters for governance as much as for convenience: a single, consistent surface is far easier to secure, permission, and audit than a sprawl of one-off integrations.

The shorthand

  • LLM thinks and writes.
  • Agent thinks, then acts.
  • MCP is how it safely reaches your systems.

What to ask before you buy "an AI agent"

Once you can tell these three apart, vendor pitches get a lot easier to evaluate. When someone offers you "an AI agent," the model is the least interesting part of the answer. The questions that actually decide whether it's safe to run are:

  • What is it allowed to do — and on whose authority does it act?
  • What can it reach — which systems and data, and is every action logged and attributable?
  • Where's the human checkpoint for anything consequential or irreversible?

That's where the real design lives — and where the real risk lives too. In a regulated or production setting, "the model gave a good answer in the demo" is the easy part; proving who asked, controlling what it could touch, and keeping the whole thing auditable is the part that decides whether it ships.

None of this requires the jargon. Keep the three straight — the brain, the brain with hands, the universal adapter — and you'll buy, build, and govern AI systems with a lot more clarity about what you're actually getting.

Planning something where these distinctions matter — scoping an agent, or deciding what it should be allowed to touch? Book a Strategy Call or connect on LinkedIn.