ARCS/Crosswalks/ARCS / MCP Crosswalk
ARCS / Model Context Protocol (MCP)
Interpretive status
This document provides an informative mapping between the published Model Context Protocol specification and ARCS control themes at the level of protocol boundary, retained artifact status, and lifecycle governance. It does not restate the MCP specification or assess protocol conformance.
Protocol scope
MCP standardizes how hosts, clients, and servers communicate through JSON-RPC messages, negotiate capabilities, and expose resources, prompts, and tools. The specification describes stateful connections, initialization and shutdown behavior, and an OAuth 2.1 authorization framework for HTTP-based transports.
ARCS relevance
ARCS becomes relevant when interaction artifacts created or handled through MCP are retained, exported, logged, replicated, preserved, or published as records subject to custody, deletion, preservation, verification, or disclosure obligations. MCP governs runtime coordination. ARCS governs what happens to the records those runtimes create.
Lifecycle boundary conditions
Resources may expose material that is cached, exported, or logged. Tools generate invocation records and execution traces. Sampling and elicitation generate prompts, approvals, and user-supplied information. Logging creates a distinct observability layer. The governance question is whether MCP-mediated activity remains transient or becomes a retained record surface.
Selected mappings
Table A maps selected MCP protocol surfaces to ARCS control families at a category and theme level. It does not claim one-to-one equivalence between MCP requirements and ARCS controls. MCP is a protocol specification; ARCS is a record-custody and lifecycle-governance standard. The mapping is therefore interpretive and boundary-focused.
| MCP protocol surface | ARCS families | Interpretive note |
|---|---|---|
| Connection lifecycle and session state | ARCS-LIF, ARCS-CUS, ARCS-PV, ARCS-VER | MCP defines initialization, operation, and shutdown behavior. ARCS becomes relevant when session metadata, traces, or state transitions persist as governed records. |
| Capability negotiation | ARCS-OPB, ARCS-CUS, ARCS-VER | Negotiated capabilities may become audit, evidence, or governance artifacts when stored in logs, receipts, or operational records. |
| Resources | ARCS-TAX, ARCS-CUS, ARCS-PUB, ARCS-PV | The issue is not resource access alone, but retained copies, derived artifacts, metadata, and disclosure boundaries once contextual material is cached, logged, or exported. |
| Tools | ARCS-OPB, ARCS-CUS, ARCS-NCR, ARCS-VER | Tool invocations can generate action logs, approval records, outputs, and execution traces requiring lifecycle controls once they become durable artifacts. |
| Prompts | ARCS-TAX, ARCS-CUS, ARCS-PUB, ARCS-PV | Prompt templates and instantiated prompt content may become governed records if stored, synced, reviewed, or disclosed. |
| Sampling | ARCS-OPB, ARCS-CUS, ARCS-PV, ARCS-VER | Server-initiated model interaction can produce approval artifacts, prompts, and outputs with downstream record consequences. |
| Elicitation | ARCS-TAX, ARCS-CUS, ARCS-PUB | Additional user-supplied information can alter both record taxonomy and disclosure posture once persisted. |
| Logging and progress utilities | ARCS-OPB, ARCS-TAX, ARCS-CUS, ARCS-PV | Observability surfaces can become independent record layers distinct from substantive interaction content. |
| Authorization artifacts | ARCS-OPB, ARCS-VER, ARCS-CUS | Tokens, approvals, consent events, and related metadata can generate operational records with preservation and review implications. |
Outside scope
This crosswalk does not assess whether a given MCP implementation is secure, compliant, or operationally appropriate. It addresses a narrower question: when MCP-mediated interactions produce retained artifacts, what record-custody and lifecycle-governance considerations become relevant under ARCS. MCP is not a records-governance standard for retention, preservation, deletion, verification, or compelled-production posture once artifacts persist beyond session scope. The following domains identify ARCS controls relevant to record-lifecycle questions that MCP does not address.
Deletion verifiability for tool and session logs
ARCS-LIF (LIF-12, LIF-13), ARCS-VER (VER-01 to VER-03)
MCP does not govern deletion of tool invocation logs, session traces, or cached resource content after connection shutdown. ARCS requires deletion claims for those artifacts to be verifiable and requires retention that persists beyond session scope to be documented.
Preservation and legal hold for cached resources
ARCS-PV (PV-01 to PV-07)
MCP does not define preservation triggers. When cached resources, tool outputs, or session logs become subject to legal, regulatory, or investigative hold, ARCS governs suspension of deletion and coordinated preservation across host, client, and server infrastructure.
Multi-vendor custody across MCP server boundaries
ARCS-CUS (CUS-01 to CUS-12)
MCP connections may span organizational boundaries when hosts connect to servers operated by different vendors. ARCS requires documentation of possession, control, access, and deletion authority at each custodian in the resulting record chain, including cases where a single session produces records on infrastructure controlled by multiple organizations.
Non-creation claim verification for transient sessions
ARCS-NCR (NCR-01 to NCR-06)
MCP does not specify how claims of non-retention are established after session termination. Where an operator asserts that MCP-mediated interactions do not yield governed records, ARCS requires architectural verification of that assertion, including evidence that session state, tool logs, and cached content were not persisted.
Disclosure posture for tool invocation records
ARCS-PUB (PUB-01 to PUB-06)
MCP tool invocations produce request-response records that may document what was queried, what was returned, and when. ARCS governs disclosure classification, production readiness, and privilege assessment for those records when they persist on reachable infrastructure.