Two enterprise acquisitions in 90 days upgraded MCP supply chain risk from "emerging" to institutionally confirmed — but mid-session server mutation remains an unmitigated gap.

source-reviewed Feb 25, 2026

PHASE · CONFIGURE PERMISSIONS

1 finding

WHAT TO DO

MCP write tools gated on Authorization header are Claude Code-only — other clients silently fail

The delta

MCP Streamable HTTP spec doesn't mandate Authorization header passthrough, so MCP servers gating write tools on Bearer tokens work only from Claude Code — VS Code Copilot silently drops them with no client diagnostic.

empirical Apr 22, 2026

PHASE · WIRE THE AGENT

1 finding

WHAT TO DO

playwright-mcp works in local testing and silently destroys sessions in cloud deployment

The delta

playwright-mcp sessions are destroyed on every HTTP transport call in containerized environments — teams testing locally via Claude Code see reliable multi-step workflows, then cloud deployment silently resets browser state on every call.

source-verified Apr 19, 2026

PHASE · RUN IN PRODUCTION

1 finding

WHAT TO DO

Deploying your MCP server stateless will silently break sampling and elicitation

The delta

Stateless HTTP mode silently disables sampling and elicitation — a protocol-level constraint, not a library bug, with no spec fix before June 2026.

independently confirmed Feb 24, 2026

FOR AGENTS · ASK BEFORE YOU WIRE

Your agent can pull this hub's findings as structured JSON.

Same content, machine-shaped. Wire your agent to query Theory Delta before it picks an MCP server, gateway, or framework — not after.

$ td query

td query "what breaks when wiring an MCP server into production?"

→ 5 findings · 4 phases · last updated 2026-04-22

→ stream as Theory Delta MCP tool: list_findings(task="mcp-setup")