Loading…
June 14-15, 2026
Mumbai, India
View More Details & Registration

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for MCP Dev Summit Mumbai to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration..

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.


Company: Intermediate clear filter
arrow_back View All Dates
Monday, June 15
 

10:15am IST

Keynote: The Missing Middle: The Shared Infrastructure MCP Needs Before It Hits a Million Servers - Hrittik Roy, vCluster & Aditya Soni, SailPoint
Monday June 15, 2026 10:15am - 10:25am IST
MCP reached infrastructure currency in 13 weeks. CNCF took 13 months. That compression is the problem. The shared plumbing every production MCP deployment now reinvents, because no neutral open implementation exists yet, has to be built in months instead of years.

This talk maps five missing layers of the MCP ecosystem and what each needs before the protocol scales two more orders of magnitude.

1. Discovery federation. One registry lookup does not survive public, private, and vendor registries coexisting.
2. Workload identity for servers. Not user OAuth. Who is this server, who signed it, what is it allowed to do?
3. Observability backbone. OpenTelemetry semantic conventions for MCP are still draft, so every gateway ships its own trace format.
4. Health and reputation signals. When seventeen servers are named github-mcp, which one should an agent trust?
5. Metering and cost attribution. Boring, load bearing, absent from the spec.

For each layer: what exists today, where it breaks at scale, what a minimum viable open implementation needs. Attendees leave with a concrete map of which gaps are urgent, which are deferrable, and which are already being filled.
Speakers
avatar for Aditya Soni

Aditya Soni

CNCF Ambassador, Senior DevOps Engineer, SailPoint
Aditya Soni is a DevOps/SRE tech professional He worked with Product and Service based companies including Red Hat, Forrester Research, Searce, and is currently positioned at SailPoint as a Senior DevOps Engineer. He holds AWS, GCP, Azure, RedHat, and Kubernetes Certifications.He... Read More →
avatar for Hrittik Roy

Hrittik Roy

TPME, vCluster
Hrittik is a Platform Advocate at Loft Labs and a CNCF Ambassador, with expertise in cloud native technologies and open source communities. He has contributed extensively to developer advocacy, technical writing, and community engagement. Hrittik has been a featured speaker at events... Read More →
Monday June 15, 2026 10:15am - 10:25am IST
Lotus 1 (Level 3)
  Keynote Sessions

11:30am IST

The Invincible MCP Server: Building Crash-Proof AI Tools With Durable Execution - Shubham Londhe, Temporal
Monday June 15, 2026 11:30am - 11:55pm IST
We All have been building AI Agents with MCP since it launched in 2024, but there's one thing no one is talking about - "What happens when MCP Fails? (and they fail often). MCP is just a process and it can crash, and so will the AI agent progress, it all can vanish with a crash.

Well, the new Tasks primitive in MCP (SEP-1686) helps a lot, it gives your AI agents a way to hand off long-running tools, but it doesn't solve the real problem. They don't maintain the state when the server crashes.

In this session, I'll do a live demo of a Kubernetes Auto Healing AI Agent with MCP server and walk through how to wrap MCP tool logic in workflows that survive crashes, restarts, and network failures.
I'll cover how to handle human-in-the-loop approvals inside long-running tools, how to retries and state-management, and how to observe what your MCP tools are doing in production.

I'll be breaking a running server on stage and show you the agent recovering without losing a step. Hence "The Invincible MCP Server"
Speakers
avatar for Shubham Londhe

Shubham Londhe

Senior Developer Advocate, Temporal
Hello Dosto, I am Shubham Londhe, a Senior Developer Advocate, passionate about developing and deploying production-ready applications.

Its been more than 9+ years in the IT industry and having worked with AWS, Temporal, gave me a lens of how Production-readiness works.

I take this experience and share it with learners across India through my YouTube channel "TrainWithShubham" with over 175000 subscribers. Happy Learning... Read More →
Monday June 15, 2026 11:30am - 11:55pm IST
Lotus 3 (Level 3)
  Building with MCP

11:30am IST

Why Most MCP Tools Fail Silently, and How To Measure It - Om Shree, Shreesozo
Monday June 15, 2026 11:30am - 11:55pm IST
Most MCP servers don't break because of bugs. They break because the tool descriptions are too vague for agents to reliably pick the right tool.
Two research papers put numbers to this. A SAIL Research study of 856 tools across 103 MCP servers found 97% have at least one quality defect, 56% don't clearly state what the tool does, 89% give no guidance on when not to use it. A second study of 10,831 servers found that well-written descriptions get selected 260% more often, and fixing them raises task success rates by roughly 6 points.
Working with the Glama founder, I helped develop the Tool Definition Quality Score (TDQS) - an open source framework that scores every MCP tool across six dimensions: Purpose Clarity, Usage Guidelines, Behavioral Transparency, Parameter Semantics, Conciseness, and Contextual Completeness. Each tool gets a 1–5 per dimension with specific feedback on what's missing and why it matters.
This talk covers how TDQS was built, what scoring thousands of real servers revealed, and how server authors can use it to ship tools agents actually invoke correctly. The framework is open source and already live across Glama-hosted servers.
Speakers
avatar for Om Shree

Om Shree

Founder, MCP Consultant & Content Strategist, Shreesozo
I'm the founder of Shreesozo, an AI content studio focused on MCP and agentic AI. I've written 100+ technical pieces for Glama.ai and Gentoro, covering everything from protocol internals to real-world agent deployments. I run MCP Weekly, published on YouTube (1.2K subscribers) and... Read More →
Monday June 15, 2026 11:30am - 11:55pm IST
Lotus 2 (Level 3)
  MCP Protocol in Depth

12:00pm IST

From Shadow MCP To Sanctioned MCP: Building an Enterprise Agent Governance Program - Navin Pai, StackGen & Archana Rajkumar, SentinelOne
Monday June 15, 2026 12:00pm - 12:25pm IST
MCP has become the de-facto "standard" for exposing the external environment to agents, but security has always been a trailing concern, making a lot of platform teams sweat under the collar. Policy checks and tool-call authentication were tacked on quickly, but are quickly being seen are necessary but not sufficient. This session zooms out from single-agent enforcement to the operational challenge security and platform teams actually face in 2026: dozens of agents, hundreds of MCP server connections, multiple clouds, rogue tool registrations, and no centralized visibility into what's running.

This session presents a multi-stage maturity model for enterprise MCP governance, to help take practitioners from "we have no idea what's running" to "every tool call is governed, audited, and compliant with internal policies", and shows how to build the program incrementally, without boiling the ocean in the process and slowing down developer velocity.
Speakers
avatar for Navin Pai

Navin Pai

Director of Engineering, StackGen
Navin is a Founding Engineer at OpsVerse. You'll often find him on the internet, getting into flamewars about observability, large scale system design, and open source software
avatar for Archana Rajkumar

Archana Rajkumar

Staff Software Engineer, SentinelOne
I am a Staff Software Engineer at SentinenOne, and enjoy working at the intersection of AI, CyberSecurity and DevOps
Monday June 15, 2026 12:00pm - 12:25pm IST
Lotus 3 (Level 3)
  Security, Identity + Trust

12:30pm IST

Beyond 1:1 Mapping: Designing MCP for Real Enterprise Systems - Naresh Waswani, Simpplr Inc. & Jyoti Notani, Persistent Systems Ltd
Monday June 15, 2026 12:30pm - 12:55pm IST
Many organizations exploring MCP already operate large microservice ecosystems. A common first instinct is to mirror that architecture directly—one microservice becomes one MCP server, and each API becomes a tool. While simple in theory, this often creates too many servers, overlapping tools, poor discoverability, and unnecessary operational complexity.

This session explores how to design MCP boundaries for real enterprise environments instead of copying existing service boundaries. I’ll walk through practical patterns for grouping capabilities, aggregating multiple services behind task-oriented tools, and exposing interfaces optimized for agents rather than internal architecture diagrams.

We’ll also cover how different agents can safely consume shared MCP services, along with key considerations such as ownership, versioning, permissions, observability, and scaling MCP across many teams.

A short demo will show how a well-designed MCP layer can simplify complex multi-service workflows.

If your organization already has dozens or hundreds of services, this session will help you adopt MCP intentionally - without repeating old patterns in a new protocol.
Speakers
avatar for Naresh Waswani

Naresh Waswani

Senior Architect, Simpplr Inc.
Hands-on architect specializing in resilient distributed systems, microservices, event-driven architecture, and cloud-native modernization. AWS User Group Nagpur Leader and 6+ year AWS Community Builder, active in speaking, mentoring, and community building. My recent focus is Generative... Read More →
avatar for Jyoti Notani

Jyoti Notani

Architect, Persistent Systems Ltd
With over 14 years of experience in technology, I have built expertise across solution architecture, cloud platforms, DevOps, Kubernetes, AI-powered platforms, and modern software development practices.Currently, I work as an Architect at Persistent Systems, where I help design and... Read More →
Monday June 15, 2026 12:30pm - 12:55pm IST
Lotus 2 (Level 3)
  Enterprise Adoption + Integration

12:30pm IST

Your AI Chatbot Just Exposed Your CEO’s Salary To an Intern: Securing Enterprise AI Agents - Hasini Samarathunga & Sahan Dilshan, WSO2
Monday June 15, 2026 12:30pm - 12:55pm IST
Have you ever worried that your new AI Agent might be a little too helpful? Imagine an intern asking an HR chatbot, "What is the CEO's salary?" and the bot, designed to be helpful, promptly fetches it.

As we equip LLMs with tools via the MCP to query internal systems, we introduce a significant data privacy risk if the agent cannot distinguish who is making the request.

In this session, we’ll explore the critical intersection of IAM and AI agents. You’ll see how to implement fine-grained access control and “on-behalf-of” user execution in MCP servers. By securely propagating user context, an agent ensures that when the CEO queries salary data, the data is delivered, but when an intern makes the same request, the system restricts it.

We’ll also dive into the “Human-in-the-Loop” (HITL) pattern, a safeguard that pauses high-risk actions for explicit human approval. You’ll learn how to design secure-by-default MCP architectures using standard authentication flows, zero-trust permissioning, and HITL workflows to keep your AI agents aligned, controlled, and trustworthy.
Speakers
avatar for Hasini Samarathunga

Hasini Samarathunga

Senior Software Engineer, WSO2
Hasini Samarathunga is a Senior Software Engineer at WSO2, with 3+ years of experience specializing in IAM and B2B domains. She is currently working on building B2B capabilities for MCP servers and introducing Agent-as-a-Service within WSO2 Identity Server.

She believes great tech talks should cut through the buzzwords and make complex ideas accessible, ensuring everyone, regardless of experience level, can walk away having learned something useful... Read More →
avatar for Sahan Dilshan

Sahan Dilshan

Associate Tech Lead, WSO2
Sahan Dilshan is an Associate Tech Lead at WSO2, where he has spent the past five years designing and building identity and access management features. His current focus sits at the intersection of two complementary areas: IAM for AI securing agentic systems with proper identity... Read More →
Monday June 15, 2026 12:30pm - 12:55pm IST
Lotus 3 (Level 3)
  Security, Identity + Trust

2:25pm IST

Stateful AI Agents: Building Consistent Systems With MCP and Distributed SQL - Nasiullha Chaudhari, YugabyteDB & Vanshika Jain, Brudite Private Limited
Monday June 15, 2026 2:25pm - 2:50pm IST
An agent processes a payment, hits a timeout, and retries. Now the payment has been charged twice. The model didn’t hallucinate. The workflow did exactly what it was told. The problem is that nobody designed the agent to be safe under retry.

This is a distributed systems problem.

When agents read data, take actions, and write results back, correctness depends on how state is managed across steps. Under retries or concurrent execution, the same workflow can produce conflicting outcomes.

This talk shows how to build stateful AI agents using the Model Context Protocol with a PostgreSQL-compatible distributed database. Instead of treating memory as embeddings, we treat it as structured, transactional state.

You will learn how to design MCP tools for database operations, manage multi-step workflows, and handle failure modes such as retries and idempotency. We will also explore consistency tradeoffs in distributed systems.

The session ends with concrete patterns for building reliable agents, including idempotent tools and safe retry design.
Speakers
avatar for Vanshika Jain

Vanshika Jain

Software Engineer, Brudite Private Lmited
Software Engineer turned Trainer and Public Speaker. I love talking about Cloud, DevOps, and the power of community to make tech more approachable. Through mentoring, training sessions, and talks, I try to help others grow in their tech journey.
Being in a startup, I didn’t just... Read More →
avatar for Nasiullha Chaudhari

Nasiullha Chaudhari

Developer Engagement Manager, YugabyteDB
Nasiullha Chaudhari works as a Developer Engagement Manager at YugabyteDB, focusing on AI systems, distributed databases, and cloud-native architectures. He works on real-world AI agent systems and focuses on what it takes to run them reliably in production.

He is a Docker Captain and an international speaker who has spoken at developer and infrastructure conferences globally. He shares practical insights through his YouTube channel with 180K+ subscribers and with 70K+ followers on LinkedIn... Read More →
Monday June 15, 2026 2:25pm - 2:50pm IST
Lotus 1 (Level 3)
  Building with MCP

2:25pm IST

Your MCP Server Is an Attacker's Dream: A Security Playbook From Real-World Assessments - Akash Mahajan, KLOUDLE Inc.
Monday June 15, 2026 2:25pm - 2:50pm IST
MCP servers are quickly becoming the default interface between AI agents and production systems.

This speed has a cost. Most teams shipping MCP servers today are repeating the same security mistakes like overprivileged tool definitions, missing input validation, no transport-layer auth, and blind trust in what the LLM sends downstream.

This talk presents a practical security assessment playbook for MCP servers, built from hands-on penetration testing and security assessments of real MCP deployments.

We'll walk through the three-five most common vulnerability patterns seen in the wild.

- tool poisoning
- permission escalation
- transport misconfiguration
- server-side request forgery through tool arguments

For each vulnerability class, you'll see how the attack works, why it slips past code review, and what the fix looks like in practice.

Attendees will walk away with a repeatable methodology for assessing the security posture of any MCP server before it hits prod. Whether they built it or adopted it.
Speakers
avatar for Akash Mahajan

Akash Mahajan

Founder CEO, KLOUDLE Inc.
Akash Mahajan is the founder and CEO of Kloudle, the security posture layer for the AI software factory. Kloudle helps teams find, prove, and gate security issues across cloud infrastructure, MCP servers, apps, and APIs before agents ship them to production.

Akash has spent 20+ ye... Read More →
Monday June 15, 2026 2:25pm - 2:50pm IST
Lotus 3 (Level 3)
  Security, Identity + Trust

2:55pm IST

MCP Elicitation in the Wild: When Agents Ask for Too Much - Kaiwalya Koparkar, Gravitee.io
Monday June 15, 2026 2:55pm - 3:20pm IST
Elicitation is one of MCP's most powerful and least governed features. It lets servers request additional input from users at runtime, enabling richer, more dynamic agent interactions. But in production environments, elicitation also opens a surface for agents to request sensitive data they shouldn't need, bypass approval flows, or trigger unintended actions under the guise of a helpful prompt. This session examines elicitation as a runtime governance problem: what it is at the protocol level, where the security boundary sits between server and client, and how to enforce limits on what agents can elicit without neutering the feature entirely. Drawing on real implementation experience, the talk covers policy patterns for elicitation scope control, audit logging of elicitation events, and the UX tradeoffs of locking it down. Attendees will leave with a clear framework for deciding when elicitation is safe, when it needs guardrails, and how to implement those guardrails in a running MCP deployment.
Speakers
avatar for Kaiwalya Koparkar

Kaiwalya Koparkar

Platform Advocate, Gravitee
Monday June 15, 2026 2:55pm - 3:20pm IST
Lotus 3 (Level 3)
  Security, Identity + Trust

3:25pm IST

100 Agents in 100 Days: Patterns and Anti-Patterns for MCP-Based Multi-Agent Systems - Harish Kotra, Forge Alumnus
Monday June 15, 2026 3:25pm - 3:50pm IST
Multi-agent systems on MCP are where most of the interesting architectural questions live: routing, state, retries, coordination, and what happens when any one of N tool calls misbehaves. Most talks on the topic are theoretical. This one is not.

Since early 2026 I've published one new AI agent every day at dailybuild.xyz. Many of them are multi-agent: price-war simulations, research pipelines, a local agent orchestration studio, a recursive research loop, human-in-the-loop travel planners, and a "swarm CFO" with policy-gated spend. Dozens of them plug into MCP servers.

In this session I'll pull out the ten orchestration patterns I now use by default when MCP is in the mix, and the ten I've thrown out. Topics include: why single-agent-with-many-tools usually beats a team of agents until it suddenly doesn't; how to design a router that survives tool-name collisions across multiple MCP servers; state strategies that don't rot; retry and compensation patterns for idempotent vs non-idempotent tools;

Every pattern in the talk is tied to a specific public build with working code, so attendees can go verify, fork, or challenge anything I claim.
Speakers
avatar for Harish Kotra

Harish Kotra

DevX Lead, xo.builders
Harish is a Fractional CTO and AI agent builder based in India. He previously led Developer Relations at Gaia and spent over a decade at AngelHack organizing 200+ hackathons. Since 2026 he's published one new open-source AI agent every day at dailybuild.xyz, 100+ builds spanning MCP... Read More →
Monday June 15, 2026 3:25pm - 3:50pm IST
Lotus 2 (Level 3)

3:25pm IST

Starling: Building a Pay-as-you-go MCP Server for Live Kubernetes Ops - Avinash Patil, Warble Cloud
Monday June 15, 2026 3:25pm - 3:50pm IST
Most MCP demos stop at "hello world over stdio." Shipping a production MCP server means answering harder questions: How do you authenticate callers? How do you meter usage? How do you safely hand an LLM a live Kubernetes cluster without giving it the keys to prod?

This talk walks through Starling, a production MCP server that exposes 17 Kubernetes tools — from list_pods to scan_cluster — to Claude, Cursor, and VS Code. It runs live on GKE at ops-mcp.warblecloud.com, charges credits per tool call, and handles ephemeral kubeconfigs without ever persisting them.

We'll cover concrete design decisions: dual-transport architecture (stdio for desktop agents, HTTP for remote), a Firestore-backed credit ledger with atomic per-tool debits, mode-gated write tools (scale_deployment only when --mode=readwrite), and the security model for handing an LLM temporary cluster access.

Attendees leave with a working mental model for turning an MCP prototype into a billable, multi-tenant service — plus the exact auth, transport, and RBAC patterns they can lift into their own servers.
Speakers
avatar for Avinash Patil

Avinash Patil

Chief Flow Office, CHIRPSTACK LLP
Avinash Patil is the founder of warblecloud.com (Chirpstack LLP Entity ), building MCP-native Kubernetes tooling. He leads the Starling project, a production MCP server for cluster intelligence. Previously, he spent over 12 years leading cloud-native platform engineering at global... Read More →
Monday June 15, 2026 3:25pm - 3:50pm IST
Lotus 1 (Level 3)
  MCP Protocol in Depth

3:25pm IST

Securing MCP Servers for the Enterprise: OAuth 2.0, Keycloak, and Spring Boot in Production - Vishal Singh, Quest2travel
Monday June 15, 2026 3:25pm - 3:50pm IST
The MCP spec mandates OAuth 2.0 for HTTP-exposed servers, but most tutorials stop at "add a Bearer token." Enterprise deployments demand more: dynamic client registration, tool-level authorization, token introspection under load, and audit trails for compliance.

This session builds a production-grade MCP server with Spring Boot and the MCP Java SDK, secured by Keycloak. We cover: mapping OAuth scopes to MCP tool permissions, rate limiting per client credential with Bucket4j, wiring OpenTelemetry traces through the MCP request lifecycle, and handling edge cases at scale — token clock skew across distributed agents, graceful degradation when the IdP is unreachable, and preventing prompt injection from leaking privileged tool responses.

Attendees leave with a working architecture adaptable to any identity provider and a clear mental model of where MCP security ends and application security begins.

Breakdown: threat model (3 min), OAuth 2.0 + Keycloak layer (7 min), hardened Spring Boot server (8 min), edge cases from the field (5 min), architecture takeaway (2 min).
Speakers
avatar for Vishal Singh

Vishal Singh

Cloud Infrastructure Operations Engineer, Siemens Healthineers
Senior Software Developer at Quest2travel by MakeMyTrip, building Java/Spring Boot backend systems for B2B corporate travel at scale. Previously at Comviva (Tech Mahindra) on fintech platforms handling 3.5M+ API requests/day. Active open-source contributor to Keycloak (OIDC claim... Read More →
Monday June 15, 2026 3:25pm - 3:50pm IST
Lotus 3 (Level 3)
  Security, Identity + Trust

3:55pm IST

What a Database Team Discovers Building an MCP Server - Sfurti Sarah, Yugabyte & Heather Downing, YugabyteDB
Monday June 15, 2026 3:55pm - 4:20pm IST
Most MCP servers in production were built by AI teams. Meko's was built by a distributed SQL database team, and the view from this side of the stack is different.

Coming from storage, some decisions were obvious from day one. Memory, knowledge, conversation history, and structured data belong on one cluster, not four. Tenant isolation is a schema problem. The datapack, our per-agent namespace, fell out of the same instinct that builds any multi-tenant database.

Other decisions we only got right the second time. We started with a deployment model that gave every user their own MCP server, and pivoted to a shared fleet once we saw how real usage patterns played out. We shipped tools for capabilities that turned out to belong in skills. We learned where the language model needed a tight, opinionated surface and where it needed more room.

This talk is the story of what we brought to MCP from the database side, what we discovered once real agents started using it, and the pivots we made, including the ones still in flight.
Speakers
avatar for HEATHER DOWNING

HEATHER DOWNING

Developer Advocate, YugabyteDB
Heather Downing is a Senior Developer Advocate at YugabyteDB and a Microsoft MVP focused on agentic AI, MCP, and secure software engineering.
7x MSFT MVP and fan of data in general.
avatar for Sfurti Sarah

Sfurti Sarah

Senior Software Engineer, Yugabyte
Sfurti Sarah is a Senior Software Engineer at YugabyteDB working on Meko’s MCP server. Her work sits at the intersection of databases and LLMs, focusing on how these systems behave in real-world production environments.
Monday June 15, 2026 3:55pm - 4:20pm IST
Lotus 1 (Level 3)
  Building with MCP

3:55pm IST

The AI-First Device Farm: Exposing Remote Hardware Infrastructure Via MCP - Kalyan Kolachala, SymphonyAI Group India & Vaishali Shetty, GetWell Network (SAI Group)
Monday June 15, 2026 3:55pm - 4:20pm IST
For a geographically distributed Dev and QA team, accessing physical Set-Top Boxes for debugging is a constant bottleneck. By deploying Remote MCP, we transformed our physical STB testing lab into a shared, AI-accessible platform. This talk covers the infrastructure needed to host Remote MCP servers that interface with a fleet of physical devices. We will explore how developers can now use their local AI assistants (like Claude) to securely connect to, setup, and debug remote STBs as if they were sitting on their desks.
Speakers
avatar for Kalyan Kolachala

Kalyan Kolachala

Managing Director and Head of AI, SymphonyAI Group India
Kalyan is a senior engineering leader with experience in delivering world class, enterprise products and platforms involving SaaS, AI/ML, GenAI, Kubernetes, Cloud, and big data. He is currently India MD at SAI Group, a global enterprise AI leader. Worked previously at Intuit and Hitachi... Read More →
avatar for Vaishali Shetty

Vaishali Shetty

Architect - QA, Performance and Observability, GetWell Network (SAI Group)
Vaishali Shetty is a Principal Engineer at GetWell Network (SAI Group) and a Architect specializing in qa, performance, observability, and generative AI. She has held architect roles at Mycom and Hitachi Vantara, and leadership roles at Altisource Labs and Oracle. She designs testing... Read More →
Monday June 15, 2026 3:55pm - 4:20pm IST
Lotus 2 (Level 3)
  Ecosystem, Registries + Platform Infrastructure

3:55pm IST

Stop the Wild Goose Chase: Enterprise Agents With Goose - Ram Iyengar, OpenSSF
Monday June 15, 2026 3:55pm - 4:20pm IST
The promise of autonomous AI agents has sent engineering teams on a wild goose chase—juggling vendor lock-in, unpredictable costs, & security nightmares all for an agent to execute a simple workflow.

Stop chasing and start building!

Enter goose: the open-source, general-purpose framework, designed to run natively on your machine. It connects to any LLM. goose shifts the paradigm from fragile and remote to robust and local.

In this talk, we shall explore how to successfully architect and deploy goose within an enterprise environment. Chop through hype to demonstrate how goose leverages MCP to integrate with your choice of tools. More importantly, we will tackle the critical enterprise realities of deploying autonomous agents: establishing strict token budgets, implementing robust security guardrails to prevent destructive terminal commands, and building "Custom Distros" to standardize AI workflows across your entire engineering organization.

Automate mundane research, streamline CI/CD, or safely vibecode ― you will leave this session with a practical blueprint for making open-source agents work for your enterprise, thanks to goose.
Speakers
avatar for Ram Iyengar

Ram Iyengar

Chief Evangelist, CF
Ram Iyengar is an engineer by practice and an educator at heart. He was (cf) pushed into technology evangelism along his journey as a developer and hasn’t looked back since! He enjoys helping engineering teams around the world discover new and creative ways to work. He is a proponent... Read More →
Monday June 15, 2026 3:55pm - 4:20pm IST
Lotus 3 (Level 3)

4:50pm IST

Beyond Tool Calls: Unlocking Interactive, Token-Smart Agents With MCP Apps - Suraj B, HDFC Bank
Monday June 15, 2026 4:50pm - 5:15pm IST
MCP Apps are reshaping what a Model Context Protocol server can do — turning text-only tool exchanges into rich, interactive experiences embedded directly in the host. This session takes a builder's tour of the MCP Apps extension: core concepts, target use cases (dashboards, multi-step workflows, human-in-the-loop confirmations), the security model, and current limitations worth knowing before adoption.
A central theme is the visibility paradigm — letting UI carry state the model doesn't need to see, unlocking meaningful token savings on data-heavy flows. We'll cover iframe sandbox constraints, postMessage patterns, session-bound identity, and prompt-injection defenses for sensitive actions. We will also cover existing protocol limitations and work going on to address the same in exp-apps working group.
We close with a live Go-based demo executing a fund transfer flow end-to-end.
Speakers
avatar for Suraj B

Suraj B

Lead Engineer, HDFC Bank
Suraj is a contributor to the MCP Go SDK and member of the MCP Financial Services Interest Group. He is a Lead Backend and AI Engineer at HDFC Bank, building agentic AI platforms with a focus on MCP server architecture and token optimization. A Go developer with ~10 years of experience... Read More →
Monday June 15, 2026 4:50pm - 5:15pm IST
Lotus 1 (Level 3)
  Building with MCP

4:50pm IST

Building Interactive Tools With MCP Elicitation - Ashwin Hariharan, Redis
Monday June 15, 2026 4:50pm - 5:15pm IST
Most of us think of agent tools as vending machines - you put in the right input, you get the right output. Put in the wrong input, and you either get the wrong output or nothing at all.

This breaks for complex workflows where context is incomplete or intent is ambiguous. The tool either guesses wrong or fails outright. No back-and-forth, no clarification. Good AI tools built for conversation should explain what they need, what they'll do, and provide clear options.

In this session, we’ll look at how MCP elicitation works in practice across different workflows: covering ambiguous input, missing context, risky operations, and auth flows. Attendees will leave with concrete patterns for designing tools that go beyond transactional APIs to collaborative multi-turn interactions.
Speakers
avatar for Ashwin Hariharan

Ashwin Hariharan

Developer Advocate, Redis
Ashwin Hariharan is a Developer Advocate at Redis, with over eight years of experience as a full-stack software engineer. He's passionate about making complex ideas simple, helping developers build faster, more reliable systems, and understand the "why" behind the tools they use.
... Read More →
Monday June 15, 2026 4:50pm - 5:15pm IST
Lotus 2 (Level 3)
  Building with MCP

5:20pm IST

Building an MCP Marketplace: Lessons in Discovery, Versioning, and Trust - Saurabh Mishra, Optum/UnitedHealthGroup
Monday June 15, 2026 5:20pm - 5:45pm IST
This talk shares practical lessons from building a marketplace for MCP servers covering how to design a discovery layer that goes beyond a simple registry, handle versioning without breaking agent workflows, and establish trust signals (author verification, schema validation, sandboxed execution scores) that developers can actually rely on.
Attendees will walk away with concrete patterns for publishing and consuming MCP servers at scale, and an honest look at what breaks when you try to standardize a fast-moving ecosystem.
Speakers
avatar for Saurabh Mishra

Saurabh Mishra

Lead DevOps Engineer, Optum (UnitedHealthGroup)
Saurabh Mishra is a Cloud Evangelist and architect dedicated to high-level automation and DevOps excellence. He actively engages with the global tech community, sharing insights on cloud-native technologies, security best practices and multi-cloud strategies.As an experienced speaker and mentor... Read More →
Monday June 15, 2026 5:20pm - 5:45pm IST
Lotus 1 (Level 3)
  Building with MCP

5:20pm IST

Who Do You Trust? Securing Multi-Agent MCP Systems in Healthcare - Yuvraj Pradhan, MIT ADT University & Archana Kumari, MIT ADT University
Monday June 15, 2026 5:20pm - 5:45pm IST
An LLM caught my friend’s condition that doctors took two months to confirm. We asked: what happens when multiple specialised models review the same case together?

We built ConsensusMed on MCP. Each specialist model for a medical domain runs as an independent MCP server, and an orchestrator coordinates their outputs and decides what to trust when models disagree.

Multi-agent clinical systems face real attack surfaces:

- A malicious MCP server can exfiltrate OAuth tokens and impersonate legitimate users
- Prompt injection in clinical reports silently shifts outputs before consensus
- Tampered model weights corrupt findings with no OAuth scope catching it

So we built a trust layer directly into MCP:

- An MCP interceptor proxy redacts PHI using NER before any tool call reaches a specialist server
- The chairman verifies SHA-256 hashes of model weights against Ed25519-signed manifests before spawning
- Specialists run as stdio subprocesses. They never bind to a port. Network access is structurally impossible.

For regulated environments, we built an air-gapped MCP registry that operates entirely offline with cryptographic verification before execution.
Speakers
avatar for Yuvraj Pradhan

Yuvraj Pradhan

AI Systems Engineer, MIT-ADT UNIVERSITY
Yuvraj Pradhan is an AI Systems Engineer specialising in cost-efficient GenAI and secure multi-agent architectures. He is the first author of research published in Springer Nature on architecting a 125M-parameter NanoLLM for STEM tasks that outperforms significantly larger models... Read More →
avatar for Archana Kumari

Archana Kumari

Ai Systems Developer, MIT ADT University
Archana Kumari is an AI Systems Developer building practical machine learning systems and edge AI applications. Her work spans LLMs, computer vision on embedded devices, and full-stack tooling with Python and Java. She has developed multi-agent reasoning frameworks and voice-assisted... Read More →
Monday June 15, 2026 5:20pm - 5:45pm IST
Lotus 3 (Level 3)
  Security, Identity + Trust
 
  • Filter By Date
  • Filter By Venue
  • Filter By Type
  • Audience Experience Level
  • Session Slides
  • Timezone

Share Modal

Share this link via

Or copy link

Filter sessions
Apply filters to sessions.
Filtered by Date -