By Amir Delgoshaie, Senior Director, Data Science, C3 AI, Ishaan Gupta, Senior Software Engineer, C3 AI, Dylan Ferris, Lead Software Engineer, C3 AI, Jeff Fischer, Senior Director, Platform Products, C3 AI
Why Enterprise AI Agents Need More Than Tools
Across C3 AI, dozens of teams build agents into our products. They use coding agents like Claude Code, Cursor, and GitHub Copilot, all of which can call external tools through MCP, the Model Context Protocol — the open standard for connecting agents to services like Jira, Confluence, and internal platforms. MCP is the closest thing the industry has to HTTP for AI agents, and it’s been a useful unlock.
But MCP only solves half of the problem.
Tools let an agent take action. They don’t tell it what to do. The valuable work in our codebase isn’t writing a database query — frontier models are perfectly good at that. The valuable work is knowing which queries to run for a given diagnostic, what patterns to look for in the result, and how to interpret what comes back the way our senior engineers would. That kind of expertise — the kind that lives in the heads of senior engineers debugging production, finance teams who know procurement logic, anyone whose job is judgment — lives in skills and instructions, not tools. And MCP has no standard for sharing them, no review process for vetting them, and no way to see how they’re being used. The result: every team building agents starts from scratch. Projects that could share 70% of their tooling and instructions reinvent them independently, and the cost compounds. Not just duplicated work, but adoption that never spreads beyond the teams who built the originals.
The C3 AI MCP Gateway is the layer we built on top of MCP to solve those problems.
Three terms the rest of this post leans on: tools are connectors that let an agent take action — pulling logs, running queries, calling APIs. Skills are bundles of expertise that tell an agent how to use those tools well: which queries to run, what to look for, how to interpret what comes back. Instructions are lighter-weight guidance that shape behavior in a given context. A tool connects your agent to your production logs. A skill teaches it how to debug with them. An instruction reminds it not to delete anything along the way.
Where MCP Falls Short for Enterprises
1. MCP Has No Standard for Skills Discovery
MCP standardizes how agents call tools on a server they’re already connected to, but it stops there. It doesn’t help you discover tools that other teams have built on their servers, and it has no standard for skills at all.
For tools, this means capabilities stay siloed. Your DevOps team publishes a log search tool, your data team publishes a schema validator, and neither team knows the other’s tool exists. For skills, it’s worse: beyond the same discovery problem, different agents expect entirely different formats for instructions and skills, making cross-agent sharing impractical. In both cases, teams build in isolation, effort gets duplicated, and valuable capabilities go unused.
2. No Safety Review for External MCP Servers
The internet is flooded with agent skills, instruction sets, and MCP configurations. GitHub repos, blog posts, and community forums offer thousands of ready-made capabilities, with no clear way to tell which ones have been reviewed or are safe for a specific use case. For enterprises handling sensitive code, customer data, and proprietary systems, connecting an unvetted MCP server or installing an unreviewed skill is a real risk. And internally, when any team can publish a tool, there’s no gate to ensure it meets security and quality standards before others start relying on it.
3. No Observability Across Agent Tool Use
Without visibility into how tools and skills are actually being used, you can’t build a meaningful feedback loop. You don’t know which investments are paying off, where gaps exist, or whether agents are leaking sensitive data. And without that data, you can’t take advantage of your own usage patterns to improve your tools and skills over time.
How the C3 AI MCP Gateway Works
The C3 AI MCP Gateway is a centralized service where teams across the company publish, find, and govern AI agent capabilities. It’s the single source of truth for the tools, prompts, instructions, and skills that any team’s agents draw on.
Here’s how each piece works, with examples from teams building on the C3 Agentic AI Platform.
A Centralized Registry for Agent Tools and Skills
Any team in the organization can publish to a shared registry. The registry holds four resource types: tools, skills, instructions, and prompts (reusable prompt templates curated for specific tasks).
A skill might teach an agent how to build data models following your company’s patterns, debug production issues using your infrastructure, or perform code reviews according to your team’s standards. Once it’s in the registry, anyone in the organization with a matching use case can pick it up.
The platform splits this two ways. A central team curates a set of default skills, instructions, and tools that ship to every agent: the baseline knowledge everyone needs. For our coding agents, that’s the standard patterns and conventions every project follows. Beyond that, any team can publish their own capabilities to the registry. Those aren’t pushed to everyone by default. Users and their agents opt in to what’s relevant. The DevOps team’s production debugging toolkit is there for anyone who needs it, but it doesn’t clutter the workflow of someone who doesn’t.
A team member publishing a new tool through the platform, making it available to connected agents.
Skill Discovery for Humans and AI Agents
For people, there’s a searchable UI. Employees can browse every tool, skill, and instruction published across the organization, see detailed descriptions and usage examples, and add what they need to their agents.
For agents, we provide MCP tools and a CLI. An agent describes what it’s working on, and a semantic search tool — one that matches by intent rather than exact keywords — returns the most relevant skills from across the registry. The agent can then use the CLI to pull whatever it needs and install it automatically in the right format for whichever agent is running, whether the team uses C3 Code, Cursor, GitHub Copilot, Claude Code, or Codex.
In practice: the Production Support team has published diagnostic skills and tools, and the DevOps team has published production log search tools. A new engineer asks their coding agent to debug a production issue. The agent finds those capabilities, pulls the relevant skills, and gets the right context immediately, even though the engineer had no idea they existed.
The discovery UI and an agent using the semantic search tool to find and install skills.
Curating Internal Skills and External MCP Servers
Not everything needs to be built in-house. But everything needs to be vetted.
We maintain a library of curated internal skills built by teams across C3 AI. Each skill has been reviewed for security, tested for effectiveness, and documented for ease of use. When an employee downloads a skill, they know it’s safe to use for their use case.
We also curate pre-approved external MCP servers that meet our security and governance requirements. Employees can connect them to their agents without having to evaluate an open-source MCP server’s safety on their own.
The C3 AI MCP Gateway provides admin interfaces to make all of this configuration seamless. Instead of every employee independently evaluating community resources, we centralize that work, so security reviews happen once and the whole organization gets the benefit.
Browsing the catalog of curated skills and pre-approved external MCP servers.
Observability and Analytics Across All Agent Activity
Because every interaction flows through the platform, administrators can see what’s actually happening:
- Active users: daily, weekly, and monthly across the organization.
- Tool usage: call volumes, trends over time, and popularity rankings for every resource.
- Retention: week-over-week retention, to see whether the gateway is actually getting used after the first try.
- Full trace logging: every tool call, prompt invocation, and skill installation.
- Audit trails: complete history for compliance and incident response.
Administrators get a real picture of what’s working, and we get inputs and outputs from every tool invocation — data that feeds back into optimizing our tools and training our LLMs. This creates a flywheel: teams publish, others discover and use what’s been built, usage data reveals what’s valuable, and the whole system gets smarter.
This is institutional knowledge at scale — captured in shared infrastructure instead of living only in people’s heads.
The analytics dashboard showing usage trends, popular resources, and retention metrics.
The Gateway in One Page
Five things the C3 AI MCP Gateway does:
- Centralized publishing — tools, skills, instructions, and prompts, all in one registry, with curated defaults that ship to every agent and opt-in team contributions on top.
- Discovery for humans and agents — a searchable UI for people, plus MCP tools and a CLI that let agents find and install skills automatically.
- Curated safety — vetted internal skills and pre-approved external MCP servers, so teams aren’t evaluating community resources on their own.
- Full observability — usage analytics, full trace logging, and a feedback loop that improves the tools as more teams use them.
- Cross-agent compatibility — skills work across C3 Code, Cursor, GitHub Copilot, Claude Code, Codex, and any other agent that speaks MCP.
We built the MCP Gateway because we needed it ourselves. C3 AI has dozens of teams building agents into our products, and the protocol alone wasn’t enough to keep that work coordinated, safe, and improving. The gateway is the part that makes MCP work at our scale, and it’s the part most enterprises will end up needing too.
For a closer look at how this plays out in practice, see our previous post: From Prompt to Production: Building Enterprise-Grade Applications with C3 AI’s Agentic Development Stack.
If you’re building agents at scale and running into the same problems we did:
Join the C3 Generative AI Accelerator. Live workshops where you’ll build production-ready AI applications using our agentic development stack. Or contact us to discuss piloting Generative AI at enterprise scale with your own teams.
Amir Delgoshaie is a Senior Director of Data Science at C3 AI, where he leads generative AI foundations for developer productivity, including domain-specific LLMs, MCP infrastructure, and coding agents used to build enterprise applications. He previously worked on core components of the C3 Agentic AI Platform and led the development and deployment of large-scale AI applications across energy, utilities, manufacturing, and supply chain.
Ishaan Gupta is a Senior Software Engineer at C3 AI, specializing in large-scale LLM systems, developer tooling, and Enterprise AI workflows. He leads the development of agentic platforms, evaluation frameworks, and next-generation MCP infrastructure, improving engineering productivity and accelerating AI adoption across the organization. Before joining C3 AI, he was a Software Engineer at Meta, where he worked on large-scale recommendation systems. Ishaan holds dual bachelor’s degrees in computer science and electrical & computer engineering from Carnegie Mellon University.
Dylan Ferris is a Lead Software Engineer at C3 AI, where he builds enterprise applications, developer tools, and product prototypes used across the organization. He has led full-stack development efforts, created internal tooling to streamline engineering workflows, and contributed to product demos and innovation initiatives. He focuses on delivering reliable, user-centric software that supports teams and showcases the capabilities of the C3 Agentic AI Platform.
Jeff Fischer is a Senior Director of Platform Products at C3 AI, where he leads ML product strategy and development. With a Ph.D. in Computer Science from UCLA and deep expertise in applied ML and Generative AI, Jeff focuses on building the platforms and integrations that make enterprise AI accessible and composable — including C3 AI’s work with the Model Context Protocol.
Share your thoughts and tag us on LinkedIn and X.
