Open Agentic Protocols: A Deeper Dive

Why Agentic Systems Are Likely to Take Hold

In my view, agentic approaches will start to be adopted more widely because of three core drivers:

• Task Specialisation: Specialist agents can focus on smaller, well-defined tasks reducing system complexity and improving reliability.
• Seamless Data Access (MCP): With protocols like the Model Context Protocol (MCP), enterprise data transformations become less of a bottleneck. Agents can connect directly to structured sources and tools through consistent interfaces.
• Alignment with Cyber and Enterprise Controls: Many of these protocols build on existing network, identity, and access management principles, making integration into corporate architectures more feasible.

These points demonstrate how agentic systems can align with existing enterprise architectures. Rather than relying on a “black box” AI that magically delivers results, agentic design breaks processes into smaller, verifiable and iterative components that can be easily managed, measured and improved over time.

Value vs. Risk Proposition

For every new capability, there’s a balance to strike between value creation and risk management. Key areas to assess include:

• Performance and Reliability: Do agentic systems consistently deliver outcomes that justify their complexity and cost?
• Accountability: Who is responsible when autonomous systems act on behalf of an organisation or customer?
• Bias and Data Integrity: How do we detect and mitigate bias in models, language, and datasets?
• Security Constraints: What are the technical and procedural limits of language models and the data they use?
• The Human Factor: How and when should humans intervene for oversight, validation, or ethical governance?

The Agentic Protocol Landscape

This brings us on to the importance of the agentic protocol stack as each brings new capability ranging from layers for context access (MCP) to agent communication (A2A/ACP), orchestration (AGP), user interaction (AG UI), and emerging financial integrations (A2P). The below table outlines the most commonly occurring open protocols (although there are more that are considered private or proprietary), who made them, their features and limitations.

Table 2. Protocol Features and Limitations

Ecosystem Themes: Benefits and Risks

The table highlights both benefits and risks in the new adoption and in some instances overlap. Like the battle of VHS vs Betamax, we will see which protocols win out. What is apparent though is as we have seen before with AI, although there are incredible advantages to this new architecture, the main challenges are likely on how they are applied operationally and strategically, in a way that balances benefits and risks.

Common Benefits

1. Interoperability Across Frameworks Open standards (e.g. MCP, A2A, ACP) enable agents, tools, and runtimes from different vendors to communicate through shared schemas (JSON RPC, OpenAPI, gRPC).
2. Composability and Modularity Protocols define clear agent interfaces, allowing composable “micro agents” and reusable task pipelines (AConP, LCAP, TAP).
3. Open Governance and Transparency Foundation led projects (Linux Foundation, AGNTCY, Anthropic, LangChain) promote neutrality, shared maintenance, and prevent vendor lock in.
4. Security and Policy Integration Newer protocols embed encryption, authentication, and policy enforcement (A2A, AGP, ANP), improving trust and access control between agents.
5. Layered Scalability The stack (MCP → A2A → AGP/ANP → AG UI → A2P) provides scalable routing, discovery, and identity frameworks suitable for large, multi-tenant agent networks.
6. Event Driven Efficiency Streaming and asynchronous communication (SSE, WebSockets, gRPC) improve performance for real time coordination and multimodal workflows.

Common Risks

1. Fragmentation of Standards Overlapping specs (A2A vs. ACP vs. AConP) create uncertainty and integration friction until consolidation occurs.
2. Ecosystem Immaturity Most protocols are draft or early stage (2024–25), lacking stable reference implementations and full cross vendor adoption.
3. Expanded Attack Surface Cross agent and cross domain messaging introduces new security vectors (prompt injection, impersonation, data leakage) requiring strong sandboxing and identity validation.
4. Governance Bottlenecks Multi stakeholder and foundation-based management can slow iteration and blur specification ownership.
5. Operational Overhead Gateways, registries, and discovery services (AGP, ANP) add complexity and cost, especially for smaller deployments.
6. Data Privacy and Regulatory Exposure Protocols enabling deep tool and data access (MCP, A2P) raise consent, provenance, and compliance challenges across jurisdictions.

From Ideation to Enterprise

Enterprise adoption depends on a robust, iterative bridge from experimentation to production. Tools like LangChain make it easy to prototype agents and workflows, but scaling to enterprise environments requires the discipline of protocol driven orchestration as provided by Google’s A2A and AGP.

This iterative process ensures that innovations proven in small, creative environments evolve under the same governance, observability and compliance frameworks that enterprises require.

The Rise of Agentic Commerce

This is especially important as new protocols are now connecting directly to payment and merchant systems. Emerging protocols such as AP2 (Agent Payments Protocol), Agentic Commerce Protocol (ACP), and Trusted Agent Protocol (Visa) extend beyond coordination into the financial transaction layer introducing payment flows, KYC, and settlement logic directly into the agent network.

Integrating these capabilities requires a disciplined transition from sandboxed prototypes (e.g. LangChain Agent Protocol, AConP), to enterprise grade deployments built on secure frameworks like A2A and AGP. Without structured validation and compliance integration, organisations risk exposing untested agent behaviours to real world financial systems.

Ultimately, adoption must include effective governance as a first-class concern, ensuring that technical interoperability is matched by assurance and operational accountability and controls.

Assurance Through Continuous Evaluation and Verification

The first step is creating environments that allow organisations to model and stress test agentic systems, identifying both high risk behaviours and points where human oversight adds value. To achieve this, automated testing, validation and evaluation pipelines must be embedded directly into development and deployment workflows.

Linking these evaluation processes to the core protocols MCP, A2A, AGP, and A2P enables proactive detection of compliance issues, performance drift, and emergent risks before large scale deployment. This structured approach ensures that agentic systems remain verifiable, auditable, and governable, establishing the foundations for trusted, enterprise ready autonomy. Assurance, validation, and governance are not afterthoughts they are the control systems that make agentic AI safe, scalable and worthy of trust.

Appendix: Protocols identified as part of this articles research:

If you want to dig into these protocols in more detail the below table links to providers and sources.

Protocol, Who Produced It, Docs / Research Source

Model Context Protocol (MCP),Anthropic + open community contributors,GitHub – modelcontextprotocol,

Agent-to-Agent Protocol (A2A), Google (with >50 partner organizations; Linux Foundation collaboration), Agent2Agent (A2A) Project

Agent Communication Protocol (ACP / AComP), IBM Research, i-am-bee/acp: Open protocol for communication between AI agents, applications, and humans.

Agent Connect Protocol (AConP), AGNTCY collective (Cisco Outshift, LangChain, others), agntcy/acp-spec: Agent Connect Protocol Specification

LangChain Agent Protocol (LCAP), LangChain Inc., LangChain GitHub – agent-protocol,

Agent Gateway Protocol (AGP), AGNTCY (Cisco-led consortium), a2a-samples/extensions/agp/spec.md at main · a2aproject/a2a-samples

Agent Network Protocol (ANP), Independent OSS community / research collaboration, agent-network-protocol/AgentNetworkProtocol

Tool Abstraction, LangChain (internal open abstraction), Tools | 🦜️🔗 LangChain

Function Calling, OpenAI, Anthropic, Major LLM providers, Function Calling - AIProtocolsHub

AG-UI (Agent–User Interaction Protocol), AG-UI Working Group (CopilotKit + LangGraph + CrewAI), AG-UI Overview - Agent User Interaction Protocol

Agent Payments Protocol (AP2), Google + partner ecosystem, AP2 - Agent Payments Protocol Documentation

Agentic Commerce Protocol (Commerce ACP), Stripe (in partnership with OpenAI), Agentic Commerce Protocol - Open Standard for AI Commerce | Agentic Commerce Protocol

Trusted Agent Protocol, Visa (with Cloudflare, Microsoft, Shopify, Adyen), visa/trusted-agent-protocol

Robot Context Protocol (RCP), Academic / open robotics research (2025), [2506.11650] Robot Context Protocol (RCP): A Runtime-Agnostic Interface for Agent-Aware Robot Control