- From: Paola Di Maio <paola.dimaio@gmail.com>
- Date: Sat, 31 Jan 2026 01:20:52 +0800
- To: Autonomous Agents on the Web Community Group <public-webagents@w3.org>, W3C AIKR CG <public-aikr@w3.org>
- Message-ID: <CAMXe=SrNt07BFD8ZtgFWvYszh7r_jEDaUgn5hEkTrMpRTBNQ2g@mail.gmail.com>
Dear Colleagues,

*Please let me know if something below is missing or unclear! And feel free to share with other CGs*

Following several related recent meetings, I am sharing here some notes that I hope can help to clarify how existing agentic standards can be mapped to each other, using MCP as a reference point, considering it is currently the standard of reference.

I am requesting that CG members review this work, and I will be online at the next meeting for presentation. Feel free to share with WebAICG and any other community this work may be relevant to.

I wanted to clarify the work we've completed on MCP and share three complementary documents for your review. These address different but related needs in the MCP ecosystem.

It would be awesome to have a web standard for MCP and start a collaboration with Anthropic, the AAIF and whoever may be concerned.

------------------------------

1. MCP Server Validator - Requirements Specification

*Purpose*: Technical requirements for building a validation tool
*What it does*: Defines requirements for a tool that TESTS/CHECKS MCP servers for protocol compliance and security
*Status*: Working draft (already shared: https://github.com/Starborn/MCP-Server-Generator/blob/main/MCP_Server_Validator_Requirements_v1.0.docx-1.pdf )
*Analogy*: Blueprint for building a car safety inspector
*Key Content*:
- Protocol conformance validation (JSON-RPC, message schemas)
- Security pattern detection (hardcoded credentials, dangerous functions)
- Tool naming convention enforcement
- Test case taxonomy
- CLI interface specifications

*Audience*: Developers building validation tooling

------------------------------

2. MCP Model Card Specification v1.0 (NEW)

*Purpose*: Documentation standard for describing MCP servers
*What it does*: Defines what information should be included when documenting an MCP server
*Status*: Draft for community review (attached)
*Analogy*: Template for creating a product datasheet
*Key Content*:
- Server metadata schema (name, version, protocol version, license)
- Tool documentation requirements (all 8 tools with input/output schemas)
- Operational characteristics (performance, rate limits, limitations)
- Security profile (authentication, data handling, known vulnerabilities)
- Deployment context (use cases, requirements, integration examples)
- Evaluation results section

*Audience*: MCP server developers documenting their implementations

------------------------------

3. GitHub MCP Server - Example Model Card (NEW)

*Purpose*: Reference implementation showing what a complete model card looks like
*What it does*: Demonstrates the Model Card specification in practice
*Status*: Reference example (see artifact: https://claude.ai/public/artifacts/15b7de68-4f20-46f2-b08d-2c53bd5d52d0)
*Format*: Human-readable Markdown
*Key Content*:
- Complete documentation of a hypothetical GitHub MCP server
- 8 documented tools including one destructive operation (clearly marked ⚠️)
- Security considerations and best practices
- Known limitations and out-of-scope scenarios
- Deployment instructions and integration examples

*Audience*: Anyone wanting to see what a real model card looks like

------------------------------

How These Documents Relate

Think of it this way:

*Official MCP Specification* (from modelcontextprotocol.info)
↓ Defines HOW to build MCP servers/clients
*MCP Server Validator* (Document #1)
↓ Tests WHETHER servers follow the specification correctly
*MCP Model Card Specification* (Document #2)
↓ Defines HOW TO DOCUMENT what a server does
*Example Model Card* (Document #3)
↓ Shows WHAT good documentation looks like

------------------------------

Why Model Cards Matter for W3C

Currently, the MCP ecosystem has:

✅ Protocol specification (how servers work)
✅ Validation requirements (how to test servers)
❌ No standardized documentation format (how to describe servers)

Model cards fill this gap by providing:

- *Transparency*: Clear documentation of capabilities and limitations
- *Trust*: Security profiles and known vulnerabilities disclosed upfront
- *Interoperability*: Standardized metadata enables automated discovery
- *Accountability*: Documented intended use and out-of-scope scenarios

This aligns with W3C's mission of developing open standards for AI transparency and responsible deployment.

------------------------------

Proposed Next Steps

1. *Community Review* (2-4 weeks): Gather feedback on MCP Model Card Specification
2. *Refinement*: Incorporate community input and real-world testing
3. *Reference Implementations*: Create model cards for existing MCP servers
4. *Standardization Path*: Consider positioning as W3C Community Group Note

------------------------------

Documents for Review

*MCP Model Card Specification v1.0* (attached)
- Full RFC-style specification
- JSON Schema definition
- Implementation guidelines
- References to W3C standards

*Example Model Card* (public artifact)
- Human-readable Markdown format
- Complete GitHub MCP server documentation
- https://claude.ai/public/artifacts/15b7de68-4f20-46f2-b08d-2c53bd5d52d0

*MCP Server Validator Requirements* (already published)
- https://github.com/Starborn/MCP-Server-Generator/blob/main/MCP_Server_Validator_Requirements_v1.0.docx-1.pdf

------------------------------

Request for Feedback

I welcome your thoughts on:

1. The overall approach to MCP server documentation
2. Required vs. optional fields in the model card schema
3. Security documentation requirements
4. Integration with existing W3C standards
5. Path toward standardization

Please feel free to comment on the documents or reach out directly. I'm happy to present this work in more detail at our next meeting if there's interest.

------------------------------

Best regards,
Paola Di Maio
Chair, W3C AI Knowledge Representation Community Group
Research Lead, Center for Systems, Knowledge Representation and Neuroscience
Ronin Institute

------------------------------

Quick Reference

*What's a Model Card?* A standardized documentation format that describes an AI system's capabilities, limitations, security characteristics, and intended use - adapted here for MCP servers.

*Inspired by:*
- Mitchell et al. (2019) "Model Cards for Model Reporting"
- Hugging Face Model Card schema
- OpenAPI/Swagger documentation patterns

*Key Innovation:* Applies established model card practices to protocol documentation, creating machine-readable metadata for the MCP ecosystem.

------------------------------

links

- MCP_Model_Card_Specification_v1.0.md
- https://claude.ai/chat/8b25ad92-1093-448a-9de6-3197e06316d5
- JSO https://claude.ai/public/artifacts/42d15aa4-36c1-4bbf-9012-01d68d690c5e
- github-mcp-model-card-READABLE.md (example)

------------------------------

Redacted by Claude with love 💙 without whose help this work could not be possible. Grateful acknowledgement to Anthropic.
Received on Friday, 30 January 2026 17:21:36 UTC