MPPDOCS
Contact Us →
OverviewWhy MPP?Getting StartedSecurity & TrustBuild with MPPIntegrate MPPComing from MCPFAQGlossary
Help

Frequently Asked Questions

General

What is MPP?

MPP (Model Package Protocol) is a licensed protocol for packaging, distributing, and securely executing AI agent tools. It ensures that every tool used by an AI agent is verified, sandboxed, and operating only within permissions that a user has explicitly approved.

How is MPP different from MCP?

MCP defines how AI agents and tools communicate. MPP defines how tools are packaged, verified, and safely executed. MPP adds the security and governance layer, signed packages, sandboxed execution, declared permissions, and privacy controls that MCP does not address. See Coming from MCP for a full comparison.

Who is MPP for?

MPP serves three groups: organisations deploying AI agents who need governance and auditability; developers building tools who want a trusted distribution channel; and platform builders who want to offer their users a secure, verified tooling layer.

Is MPP production-ready?

Yes. MPP is production-ready and available under commercial licence. Enterprise deployment is currently in a research and test phase, and we are actively working with selected organisations. Companies are welcome to apply to become part of the test deployment stage. Contact us to discuss your use case.

Is MPP open source?

MPP is a licensed protocol commercialised by Quantum 2x. Certain components are available under open-source licences. The full specification and production runtime are available under commercial licence. Get in touch to discuss terms.

Tools & Permissions

What permissions can a tool request?

A tool can request access to specific file paths, specific external services, specific environment variables, and persistent storage. Every permission is declared in the package before it is published and cannot be changed after signing.

Can a tool access the internet?

Only if it explicitly declares which services it needs to contact, and only after the user approves those declarations. Connections to any undeclared destination are blocked by the runtime.

Can a tool read files on my computer?

Only within paths the tool declares and the user approves. The tool cannot navigate outside its approved scope, regardless of how it is instructed.

Can a tool remember things between uses?

Yes, if the tool declares it needs persistent storage and the user approves it. That storage is scoped to the tool, subject to a size limit, and cleared when the tool is uninstalled.

What happens if a tool asks to do something sensitive?

Tool authors classify their operations by sensitivity. When a sensitive action is triggered, the host application surfaces a confirmation step to the user. The user must explicitly approve it before the action proceeds.

Security

How do I know a tool is genuine?

Every MPP package carries a cryptographic signature from its publisher. The runtime verifies this signature before allowing the package to load. If the package has been modified in any way since it was signed, verification fails and the tool is blocked.

What happens if a package fails verification?

It is rejected entirely. It will not load or execute. The user is informed that the package could not be verified and why.

Can I trust tools from publishers I don't know?

When you install a tool from a new publisher for the first time, the host will ask you to confirm that you trust the publisher. If you confirm, that publisher is added to your trust list. You can revoke this at any time. Tools from publishers you have not approved will not run.

Does MPP protect user data?

MPP includes an optional privacy filtering mechanism. Tool authors can configure their packages to automatically redact personally identifiable information from outputs before they are returned to the AI model. This reduces the risk of sensitive data appearing in model context or logs.

Registry & Distribution

How do I find MPP tools?

MPP tools are published to a signed registry. Depending on your host application, you can browse or search the registry directly. Enterprise customers can also run private registries with curated tool catalogues.

Can I run a private registry?

Yes. Licensed customers can operate their own MPP registry for internal tools. This gives organisations full control over which tools are available to their teams, without depending on the public registry.

How are tool updates handled?

Each published version is immutable. Updates are new versions. Users can choose to update to a new version, which goes through the same verification and approval process as the original install. Publishers can flag old versions as deprecated.

Hosts & Platforms

Which platforms support MPP?

MPP is designed to be host-agnostic. Any platform can integrate the MPP runtime. Current integration work is focused on IDE environments and enterprise agent frameworks. See Integrate MPP for more detail.

How does my platform integrate MPP?

Integration involves embedding the MPP runtime, providing a user interface for permission approval and sensitive-action confirmation, and connecting tool invocations to your agent's communication layer. The runtime handles verification, sandboxing, and enforcement. See the contact page to discuss a host licence.