From Metadata to Executable Knowledge: Organizing Interoperable AI Ecosystems through the Model Context Protocol

Author
Affiliation

School of Library and Information Studies

Published

July 16, 2026

Abstract

The Model Context Protocol (MCP) is rapidly becoming an interoperability layer through which AI agents discover and invoke external data, tools, and workflows. Digital-library research, however, requires more than protocol conformance: executable services must also be semantically interpretable, procedurally reusable, and institutionally accountable. This study analyzes 16,800 latest-version records from the Official MCP Registry and a deterministic sample of 250 linked GitHub repositories, of which 212 were successfully retrieved. It combines registry analysis, static capability extraction, computational text analysis, network measures, and qualitative validation to examine capability metadata, agent skills, institutional signals, and provenance. The findings show an ecosystem organized more successfully for discovering callable services than for interpreting and governing knowledge work. Tools dominate detected capabilities; retrieval dominates classifiable functions; explicit library, archive, and museum descriptions remain marginal; skill documents are procedurally rich but highly concentrated; and 96.7% of Registry records contain none of six measured provenance cues. The paper develops an executable knowledge ecosystem framework and argues that MCP capability descriptions constitute metadata with operational consequences. It concludes with an institutional roadmap for curating services, governing reusable skills, implementing cross-layer provenance, and preserving meaningful human oversight.

Keywords

Model Context Protocol, digital libraries, knowledge organization, agent skills, provenance, AI interoperability

Introduction

Digital-library research has long described the field as an integration of collections, services, technologies, and communities rather than a repository function alone (Fox and Urs 2002). More recent studies of parliamentary libraries and GLAM collections show that AI can reshape internal processes and public information services while raising institutional questions about responsible implementation (Cifuentes-Silva et al. 2025; Kim et al. 2024). These findings support examining MCP as both technical infrastructure and an institutional knowledge arrangement.

From interoperable records to interoperable action

Digital libraries have long treated interoperability as a condition for making heterogeneous collections discoverable, exchangeable, and reusable. Their infrastructures therefore organize persistent objects through descriptive, structural, administrative, and preservation metadata; map vocabularies across institutional and disciplinary boundaries; and expose records through shared protocols. These arrangements are not neutral technical conveniences. Knowledge organization determines which entities become legible, which relationships can be traversed, and which interpretations are stabilized for retrieval (Hjørland 2007, 2021). Metadata crosswalks likewise embody organizational negotiation because apparent syntactic equivalence can conceal differences in local practice and meaning (Khoo and Hall 2010). Recent work continues to show that standardization improves repository discoverability and interoperability, while also making metadata quality and institutional policy central to system performance (Salauddin 2026).

Generative and agentic AI introduce a consequential extension to this problem. The emerging infrastructure does not merely exchange descriptions of information objects; it makes institutional data, operations, and workflows available for computational selection and execution. The Model Context Protocol (MCP) provides a particularly visible instance of this shift. Its server primitives distinguish user-controlled prompts, application-controlled resources, and model-controlled tools, while capability negotiation communicates which functions a server can expose (Model Context Protocol 2025b, 2025a). A tool definition couples a human-readable description with an input schema and, optionally, an output schema; a resource couples a URI with descriptive and technical metadata (Model Context Protocol 2025d, 2025c). These structures function as capability metadata: they describe not only what an information object is, but what an AI system may do with or through it.

This shift matters strategically for digital libraries. A collection becomes part of an AI knowledge ecosystem when its representations can be discovered, interpreted, invoked, combined, and audited across organizational boundaries. Interoperability consequently expands from record exchange to mediated action. In this environment, the unit of organization may be a callable service, a parameterized workflow, or a procedural document rather than a bibliographic record alone. The design problem is therefore simultaneously semantic, operational, and institutional: machine-actionability must preserve human interpretability, meaningful context, and accountable stewardship (Wilkinson et al. 2016; Vogt 2025).

MCP as an Information Science problem

Most early MCP scholarship has approached the protocol through computer-science concerns. Hou et al. survey the MCP lifecycle and identify security and privacy threats across server creation, operation, and updating (Hou et al. 2025). Comparative work situates MCP among emerging agent-interoperability protocols (Ehtesham et al. 2025), while recent architectural research identifies recurring server patterns, operational anti-patterns, and observability requirements (Rodrigues and Vas 2026). This literature establishes that MCP is consequential infrastructure, but it leaves a distinct Information Science question underdeveloped: what kind of knowledge order is produced when institutional resources, capabilities, and procedures are packaged for AI-mediated discovery and action?

The gap is important because technical interoperability does not guarantee semantic or institutional interoperability. Knowledge organization research has shown that classification and retrieval depend on epistemic commitments, domain assumptions, and communities of practice (Hjørland 2007, 2021). Work on FAIR and cognitively interoperable digital objects similarly warns that machine-actionability can outpace human explorability when representational context is underspecified (Wilkinson et al. 2016; Vogt 2025). MCP sharpens this tension: a concise capability description may be sufficient for model selection, yet insufficient for a curator, auditor, or user to assess provenance, scope, authority, risk, or intended institutional use.

Table 1 states the strategic contrast that motivates this study. It does not posit a replacement of traditional digital-library infrastructure. Rather, it identifies an additional organizational layer in which descriptions become interfaces to action. The central challenge for digital libraries is to connect these layers so that executable services inherit the semantic discipline, provenance practices, and stewardship commitments developed for digital collections.

Table 1: Strategic contrast between record-centered interoperability and AI capability interoperability
Dimension Record-centered infrastructure AI capability infrastructure
Primary unit Digital object or metadata record Tool, resource, prompt, or procedural skill
Core question What is this object and how can it be found? What can this service do, with which inputs and effects?
Mediation Human query and system retrieval Human, model, application, and service coordination
Interoperability target Syntactic and semantic exchange Discovery, invocation, composition, and execution
Provenance burden Origin, custody, version, and transformation Origin plus authorization, execution trace, dependencies, and outcomes
Stewardship risk Misdescription or loss of context Opaque action, capability misuse, and untraceable workflow change

As Table 1 emphasizes, the provenance burden grows when metadata participates in execution. Traditional provenance models establish the importance of tracing entities, activities, agents, and derivations (Moreau et al. 2013). In an interoperable AI environment, equivalent questions must be asked of capability selection and workflow performance: Which organization published the server? Which version and dependencies shaped an action? What resource was accessed? Which model or user authorized the invocation? What outputs and transformations followed? MCP includes logging and evolving task mechanisms, but the existence of protocol primitives does not establish that public implementations expose adequate evidence for institutional audit (Model Context Protocol 2025a, 2025e).

Research objective and questions

This paper investigates publicly registered MCP servers as emerging knowledge organization artifacts. The empirical corpus combines a census of 16,800 latest server records in the official registry with a deterministic repository subsample. Of 250 attempted repository snapshots, 212 were successfully cloned and statically analyzed, yielding 1,238 tool registrations, 102 resources, 78 prompts, 452 SKILL.md documents, and 7,454 procedural-document sections. This design enables a population-level account of registry metadata and a bounded, explicitly qualified account of repository-level capability and procedural representations.

The primary research question is:

What do publicly available MCP servers reveal about the emerging organization of interoperable AI knowledge ecosystems?

Six secondary questions operationalize that inquiry:

  1. RQ1: How are AI capabilities organized and described?
  2. RQ2: What types of knowledge objects dominate interoperable AI ecosystems?
  3. RQ3: How is procedural knowledge represented through SKILL.md documents?
  4. RQ4: How is provenance represented, and what levels of provenance maturity are observable?
  5. RQ5: What patterns of institutional knowledge work emerge across domains and organizations?
  6. RQ6: What empirically grounded taxonomy of interoperable AI knowledge services can be constructed?

The questions deliberately move from description to theory building. They treat server metadata and repository artifacts as representations through which institutional capacities become legible to AI systems. The analytical emphasis is therefore not whether MCP is technically efficient, but how it reorganizes the relationship among knowledge assets, representations, executable capabilities, procedural instructions, provenance, and institutional work.

Strategic contribution to digital library research

The paper makes four intended contributions. First, it reframes AI interoperability as a knowledge organization problem by conceptualizing capability descriptions and schemas as metadata for executable knowledge services. Second, it provides empirical evidence at a scale that complements small architectural samples and security-centered surveys (Hou et al. 2025; Rodrigues and Vas 2026). Third, it analyzes procedural skill documents as a distinct representational form situated between documentation, workflow specification, and machine-actionable instruction. Fourth, it develops a taxonomy and provenance-maturity model intended to help digital libraries evaluate AI-facing services before integrating them into discovery, reference, research-support, preservation, or metadata workflows.

This positioning aligns directly with the ICADL 2026 theme, Empowering Digital Knowledge Ecosystems through Data, AI, and Human Intelligence, and with its emphasis on generative AI, metadata technologies, knowledge organization systems, digital-library infrastructures, and information work (International Conference on Asian Digital Libraries 2026). The strategic implication is that digital libraries should not approach interoperable agents only as downstream users of external technology. They can shape the descriptive standards, procedural representations, provenance expectations, and stewardship arrangements through which institutional knowledge becomes actionable. The remainder of the paper develops the theoretical basis, methods, empirical findings, and governance implications of that claim.

Conceptual Framework

The framework draws additional support from research on registries and package ecosystems. Model registries mediate reuse by organizing versioned artifacts with documentation, metadata, and configuration evidence (Jiang et al. 2023), while long-term package viability depends on explicit maintenance, ownership transfer, and community governance (Zimmermann 2020). These findings support treating representation and stewardship as constitutive layers of executable knowledge infrastructure.

The Executable Knowledge Ecosystem as the Unit of Analysis

This study conceptualizes the publicly available MCP ecosystem as an executable knowledge ecosystem: a sociotechnical arrangement through which institutional knowledge assets are described as discoverable capabilities, operationalized through procedural instructions, enacted by AI agents, and made accountable through provenance. The unit of analysis is therefore broader than an individual server or repository. It includes the representations, relationships, and governance signals that allow heterogeneous actors to discover, interpret, combine, and evaluate knowledge services.

This position builds on knowledge-infrastructure scholarship. Data and information acquire meaning through ecologies of people, practices, technologies, institutions, material objects, and relationships rather than through technical availability alone (Borgman 2015). Classification systems are similarly infrastructural: their categories and standards make some objects and activities visible while rendering others difficult to express (Bowker and Star 1999). Applied to MCP, a registry category, tool name, input schema, or server description does more than document software. It structures how an agent encounters the service, what distinctions it can make among alternatives, and which forms of institutional knowledge become available for action.

The ecosystem perspective also recognizes that interoperability occurs across social worlds. Server developers, model providers, repository managers, librarians, researchers, and end users may interpret the same capability differently. Metadata records and capability descriptions can function as boundary objects when they are stable enough to coordinate exchange yet adaptable enough to retain meaning in different communities (Star and Griesemer 1989). Whether MCP artifacts achieve this function is an empirical question: syntactic compatibility may enable exchange while semantic thinness still impedes responsible institutional use.

A Layered Model of Knowledge Activation

The framework in Figure 1 organizes the ecosystem into eight analytically distinct layers. The layers form a directional chain, but the model is not technologically deterministic. Outcomes feed back into institutional assets, descriptive practices, procedural documentation, and governance rules. Each transition may be strengthened or weakened by metadata completeness, semantic specificity, skill quality, provenance, maintenance, and human oversight.

Figure 1: Conceptual framework for an executable knowledge ecosystem. Institutional assets become actionable through representational, procedural, mediating, and provenance layers, with ecosystem outcomes feeding back into institutional practice.

The first layer, institutional knowledge assets, comprises collections, datasets, records, expertise, policies, computational services, and other resources that institutions steward or use. The second, knowledge representation, covers the metadata, schemas, vocabularies, identifiers, and documentation through which those assets become describable. These layers correspond most closely to traditional digital-library concerns, but their inclusion emphasizes that an agent can act only on the institutional knowledge that has first been rendered legible to a computational environment.

The third layer, capability representation, expresses possible actions through tools, resources, prompts, input schemas, and interface descriptions. MCP formalizes important distinctions among these primitives (Model Context Protocol 2025d, 2025c). In the framework, capability descriptions constitute metadata for executable knowledge services: they identify not only an object but also an action, its expected parameters, and an anticipated result. This layer is the primary locus for analyzing how AI capabilities are classified and at what level of granularity they are exposed.

The fourth layer, procedural knowledge, explains how capabilities should be used in situated tasks. Skills, workflows, examples, constraints, and recovery instructions can convert an inventory of atomic operations into a reusable course of action. Recent research describes agent skills as modules that package procedural knowledge with applicability conditions, execution policies, termination criteria, and reusable interfaces (Xu and Yan 2026; Jiang et al. 2026). The framework therefore treats SKILL.md as a representational form distinct from both descriptive metadata and executable tools.

The fifth layer, AI mediation, covers the discovery, selection, sequencing, transformation, and synthesis performed by an agent. Mediation is not a transparent conduit: an agent interprets descriptions, resolves competing options, composes actions, and presents outputs. The sixth layer, workflow provenance, records the entities, activities, and agents involved in that process. This corresponds to the core structure of W3C PROV, in which entities can be used or generated by activities and responsibility can be associated with human, organizational, or software agents (Moreau et al. 2013). Provenance is positioned after mediation in the directional model because it records enacted workflows, but provenance requirements should also constrain capability selection and execution prospectively.

The seventh layer, institutional knowledge work, denotes the recognizable practices accomplished through the preceding layers, including retrieval, analysis, metadata enhancement, curation, communication, monitoring, and decision support. The final layer, knowledge ecosystem outcomes, captures consequences such as expanded access, reuse, cross-institutional coordination, service innovation, trust, exclusion, dependency, and risk. Outcomes are deliberately plural: the same interoperability mechanism may improve access while weakening local control or make a workflow more efficient while reducing interpretive transparency.

Four Transformative Mechanisms

Four mechanisms connect the layers in Figure 1. Translation converts locally situated assets into portable representations. It occurs when a collection, expertise domain, or institutional service is expressed through metadata and MCP capability descriptions. Translation necessarily selects and simplifies. Drawing on boundary-object theory, the analysis asks whether these representations preserve enough common structure for coordination without erasing domain-specific meaning (Star and Griesemer 1989).

Activation connects represented capability with procedural knowledge. A capability becomes institutionally actionable when an agent can determine when it applies, which parameters and constraints matter, how outputs should be evaluated, and when to seek human review. Skills may strengthen activation by packaging these judgments, but their effectiveness depends on specificity, currency, portability, and trust (Xu and Yan 2026; Jiang et al. 2026). The empirical analysis will distinguish the mere availability of an operation from the presence of adequate procedural support for its use.

Mediation connects activated capabilities to institutional knowledge work. Here the agent selects and sequences services, combines retrieved objects, and reframes outputs for a user or another system. This extends digital-library mediation beyond the interface between a person and a collection to interactions among people, models, servers, repositories, and organizations. The framework treats the distribution of agency as an empirical issue rather than assuming that either the model or the institution acts alone.

Accountability connects enacted work to provenance and ecosystem outcomes. It concerns whether sources, transformations, versions, responsible agents, and execution histories are sufficiently visible to support audit, explanation, correction, and reuse. PROV supplies a general representational vocabulary (Moreau et al. 2013), but an ecosystem may expose only fragments of the required evidence. Accountability therefore depends on both technical traceability and institutional signals such as stewardship, licensing, maintenance, and authoritative documentation.

Analytical Expectations and Empirical Use

The framework is a sensitizing model rather than a claim that the eight layers are already complete or evenly developed. It guides the empirical analysis through four expectations. First, capability metadata will reveal a shift from organizing information objects toward organizing possible actions on knowledge. Second, procedural skill documents will contain forms of situated instruction that are not reducible to server metadata or conventional documentation. Third, provenance maturity will vary independently of functional sophistication: a technically capable service may remain weakly attributable or auditable. Fourth, institutional domains will differ in how they combine assets, capabilities, procedural guidance, and governance signals.

These expectations connect directly to the research questions. Capability and knowledge-object analyses examine the representation layers (RQ1–RQ2); the separate analysis of SKILL.md examines procedural activation (RQ3); provenance indicators evaluate accountability (RQ4); domain and network analyses identify forms of institutional knowledge work (RQ5); and the empirically derived taxonomy integrates patterns across the layers (RQ6). The results will be used to refine the model, test whether its distinctions are observable in the dataset, and determine where executable knowledge ecosystems remain descriptively or institutionally underdeveloped.

Methodology

The mixed-method design is supported by research that uses qualitative domain knowledge to guide and interpret corpus-scale topic modeling (Singer et al. 2022). The taxonomy procedure likewise follows evidence that systematic content analysis can derive empirical characteristics before they are iteratively refined into a classification (Steininger et al. 2021). These precedents justify using computational models for discovery while reserving substantive category decisions for transparent qualitative validation.

Research Design

The study uses a census-oriented, sequential mixed-method design combining registry analysis, computational text analysis, network analysis, and qualitative interpretation. The quantitative components characterize the scale, composition, and relational structure of the public MCP ecosystem; the qualitative components interpret capability descriptions and procedural documents as knowledge organization artifacts. Integration occurs during taxonomy construction and theoretical interpretation rather than by treating computational outputs as self-explanatory results.

The design distinguishes three populations. The registry population comprises the latest version of every server record exposed by the Official MCP Registry at the time of collection. The repository frame comprises unique GitHub repositories linked from those server records. The retrievable evidence corpus comprises the repository snapshots, capabilities, and procedural documents successfully collected from a deterministic sample of the repository frame. This distinction prevents repository-level or document-level findings from being generalized to all Registry servers without qualification.

Sampling Frame, Collection, and Evidence Preservation

Registry data were collected from the Official MCP Registry v0.1 endpoint on July 15, 2026. Pagination cursors were followed to exhaustion, and versioned responses were archived unchanged with Coordinated Universal Time timestamps. Records were grouped by canonical Registry name, after which the version designated isLatest by the Registry was selected for the cross-sectional server table. Earlier responses remain in the raw archive for possible longitudinal reconstruction.

Repository URLs were canonicalized and deduplicated. Because unauthenticated GitHub API capacity was exhausted during enrichment, repository retrieval used an opt-in direct-clone procedure that did not depend on GitHub REST metadata. A deterministic SHA-256 ranking with seed ICADL-2026 selected 250 repositories from the 12,589-repository frame. This procedure gives every canonical repository the same ex ante selection probability of 0.019859 and makes the attempted sample exactly reproducible. Shallow clones were bounded by a 120-second timeout and checkpointed so that successful snapshots could be reused without repeated requests.

Of the 250 selected repositories, 212 were successfully cloned (84.8%). The remaining 38 were unavailable at their Registry-declared locations or could not be retrieved within the collection constraints. Retrieval failure was retained as an availability and provenance observation rather than silently removed. For every successful snapshot, the pipeline recorded the commit SHA, inventoried relevant files, copied evidence into the raw store, and calculated SHA-256 checksums. Third-party code was never executed.

Table 2 summarizes the resulting analytical units and makes the relevant denominator explicit. Registry-level analyses use the 16,800-server census. Capability, README, and skill analyses describe the 212 successfully retrieved repositories or the smaller set in which a particular artifact was detected. The 250 attempted clones support retrieval-rate analysis, but design weights cannot by themselves correct for the 38 unavailable repositories; content-based generalization therefore remains conditional on retrieval.

Table 2: Analytical units, observed counts, and inferential scope
Analytical unit Observed count Primary inferential scope
Latest Registry server records 16,800 Registry census
Unique linked GitHub repositories 12,589 Repository sampling frame
Deterministically selected repositories 250 Retrieval attempt sample
Successfully cloned snapshots 212 Retrievable repository corpus
Statically detected tools 1,238 in 84 repositories Successful snapshots with detected tools
Statically detected resources 102 in 26 repositories Successful snapshots with detected resources
Statically detected prompts 78 in 22 repositories Successful snapshots with detected prompts
Detected skill documents 452 in 44 repositories Successful snapshots with `SKILL.md` or `Skills.md`
Parsed skill sections 7,454 Detected skill-document corpus
Hashed evidence files 2,158 Successful repository snapshots

Data Model and Operationalization

The normalized data model represents servers, repositories, tools, resources, prompts, skills, skill sections, and inventoried files as linked tables. Stable identifiers preserve one-to-many relations without flattening servers, repositories, and capabilities into a single unit. This is important because 336 server records intentionally share a repository with at least one other server, commonly through monorepository arrangements.

Server-level variables include names, namespaces, descriptions, versions, packaging and transport declarations, authentication and installation metadata, licenses, categories, publisher information, publication dates, text measures, rule-based classifications, and provenance indicators. Metadata completeness is calculated as the proportion of a documented set of registry fields that contain usable values. Text measures include character and token counts, unique-token ratios, and Flesch readability. Knowledge-object, information-function, and institutional-domain labels are initially assigned through transparent dictionaries; their scores indicate the concentration and strength of matching terms and are not interpreted as calibrated probabilities.

Capabilities were identified through static extractors for common Python decorators and JavaScript or TypeScript registration patterns. Each record retains its source file, source line, extraction method, and extraction confidence. Tools include parameter and output information; resources include URI, MIME type, read-only status, and template information; prompts include arguments, workflow text, and examples when statically available. Because the collector does not execute repositories, a missing capability record means not detected by the supported static patterns, not absent at runtime. Same-name capabilities discovered in source and compiled files are marked as within-repository duplicates for sensitivity analysis.

Procedural documents were detected case-insensitively under both singular and plural filenames. This decision is empirically consequential: 450 of the 452 retrieved documents use SKILL.md, whereas only two use Skills.md. Each document was segmented by Markdown headings and parsed for numbered or checklist steps, fenced examples, prerequisites, outputs, and dependency signals. Document- and section-level text, rather than file presence alone, forms the basis for analyzing procedural knowledge.

Descriptive and Corpus Analysis

All analyses are orchestrated in R within the Quarto manuscript and companion scripts. Data are read from the normalized CSV or Parquet tables with readr and arrow, transformed with dplyr, and audited with explicit denominators. Registry analysis reports frequency distributions, robust summaries, missingness patterns, metadata completeness, version counts, duplicate mappings, and the prevalence of provenance indicators. Estimates based on the 250 attempted repositories use the recorded design probability where appropriate. Content estimates based only on successful snapshots are labeled conditional rather than presented as population estimates.

The text corpus combines server descriptions, capability descriptions, README evidence, and skill documents while retaining document type, repository, and source identifiers. Original text is preserved alongside lowercase, lemmatized, and English-stopword-removed forms. Descriptive corpus measures include document length, lexical diversity, readability, term frequency, TF–IDF, and salient unigrams, bigrams, and trigrams. Analyses use quanteda, tidytext, tokenizers, and textstat; URLs, code fences, and schema fragments are either modeled separately or removed in sensitivity variants so that software syntax does not dominate semantic interpretation.

Comparisons are stratified by document type because a short capability description and a long procedural document have different communicative functions. The analysis therefore avoids interpreting raw word counts across genres as direct evidence of quality. Instead, it examines whether documents provide differentiating vocabulary, explicit objects and actions, procedural sequencing, constraints, examples, and provenance cues.

Topic Modeling and Taxonomy Construction

Topic discovery uses three complementary approaches: latent Dirichlet allocation (LDA), BERTopic, and clustering of document embeddings. LDA provides an interpretable probabilistic baseline in which documents are mixtures of latent topics (Blei et al. 2003). BERTopic combines transformer embeddings, density-based clustering, and class-based TF–IDF representations (Grootendorst 2022). The R pipeline fits LDA through topicmodels, performs vector and cluster diagnostics with quanteda, text2vec, and cluster, and invokes a version-pinned BERTopic environment through reticulate so that model comparison remains controlled from the R workflow.

Candidate solutions vary topic count, random seed, minimum document frequency, and short-document preprocessing. Models are compared using semantic coherence, topic diversity, cluster stability, outlier share, and human interpretability; coherence is treated as one diagnostic rather than a definitive selector (Röder et al. 2015). Representative documents, high-probability terms, and contrasting cases are inspected before topics receive substantive names. Separate models are fitted for short server and capability descriptions and for longer README and skill corpora, followed by a cross-corpus comparison.

The taxonomy of interoperable AI knowledge services is developed through alternating empirical-to-conceptual and conceptual-to-empirical iterations. This follows the logic of Nickerson et al. (2013): observable clusters and recurring descriptions propose candidate characteristics, while the conceptual framework supplies dimensions such as knowledge object, information function, procedural depth, mediation role, and provenance. Categories are revised until they are mutually distinguishable, collectively useful for the observed corpus, stable across resamples, and accompanied by definitions, inclusion rules, exclusions, and representative examples. The initially suggested categories in the research agenda are treated as sensitizing possibilities, not predetermined classes.

Network, Institutional, and Provenance Analysis

The relational analysis constructs a heterogeneous network from directly observed or transparently derived links: publisher or namespace to server, server to repository, repository to tool, resource, prompt, and skill, and capabilities to declared resource dependencies where available. No tool-to-prompt or tool-to-resource edge is asserted solely because two artifacts occur in the same repository. One-mode projections are generated only when the underlying bipartite relation and projection rule are stated.

Network summaries include component structure, degree distributions, centralization, and bipartite concentration (Wasserman and Faust 1994). Community structure is explored through modularity optimization using the Louvain method (Blondel et al. 2008), with resolution and random-seed sensitivity reported. The substantive interpretation concerns concentrations of institutional knowledge work, not merely highly connected software projects. Automated domain labels are combined with publisher, namespace, description, and repository evidence to distinguish libraries, archives, education, research, government, health, commercial services, software engineering, and emergent cross-domain forms.

Provenance is measured across five evidence dimensions: source attribution, citation or reference support, version information, execution or audit logging, and workflow transparency. Indicators are coded from registry metadata, capability descriptions, README files, and skills, with technical traceability distinguished from institutional authority. An ordinal maturity model is constructed only after examining the observed combinations of indicators; missing text is not automatically classified as low maturity when the relevant evidence source was unavailable. The model is interpreted using the entity–activity–agent structure of W3C PROV (Moreau et al. 2013) but does not require repositories to implement PROV formally.

Qualitative Validation, Triangulation, and Sensitivity Analysis

Computational classifications and clusters are validated against source documents through stratified qualitative coding. Strata preserve rare capability types, institutional domains, skill-rich repositories, high- and low-provenance cases, and modeling outliers. The codebook defines the unit of analysis, decision rules, positive and negative examples, and treatment of ambiguous cases. Categorical codebook validation uses independent double-coding and reports Krippendorff’s alpha with uncertainty, consistent with recommendations for content-analysis reliability (Krippendorff 2004). Interpretive theme development is documented reflexively rather than treating inter-coder agreement as a universal quality criterion (Braun and Clarke 2021).

Triangulation compares four forms of evidence: structured registry metadata, statically extracted capabilities, procedural documents, and qualitative source review. A conclusion is classified as convergent when independent evidence types support the same interpretation, complementary when they illuminate different parts of the framework, and discrepant when they conflict. Discrepant cases are retained and analyzed because they may reveal semantic ambiguity, extraction limits, institutional variation, or registry staleness.

Sensitivity analyses compare results with and without within-repository capability duplicates; alternative tokenization and document-frequency thresholds; multiple topic solutions and random seeds; weighted and unweighted repository summaries; and successful versus failed clone attempts using Registry-observable variables. Registry-level results remain separate from retrieval-conditional findings throughout. These procedures address the central inferential risk in the design: confusing a large census of server metadata with a census of repository contents or runtime capabilities.

Reproducibility and Research Ethics

The replication package retains raw Registry responses, request logs, configuration, sampling seed, selection flags and probabilities, commit SHAs, file hashes, normalized CSV and Parquet tables, a machine-readable schema, a data dictionary, and versioned analysis code. Primary- and foreign-key checks, required-field completeness, malformed URLs, duplicate mappings, and extraction evidence were evaluated after normalization. The final validation status was pass_with_warnings; no critical or high-severity failures remained, and the sole low-severity warning concerned the 336 intentionally retained shared-repository mappings.

Only publicly available metadata and public repository files were collected. The workflow avoided executing untrusted code, respected bounded retrieval, and preserved source URLs and collection timestamps. Repository owners and publishers are analyzed as institutional actors represented in public infrastructure, not as human research participants. Nevertheless, the paper reports aggregate patterns and uses representative examples for analytical illustration rather than reputational ranking. Public availability is treated as permission to study observable artifacts, not as evidence that every artifact is equally authoritative, safe, or suitable for automated reuse.

Results

The results are interpreted against two relevant bodies of empirical literature. Registry studies distinguish publication and technical reuse from the richer documentation and trust evidence required for dependable selection (Jiang et al. 2023), while package-ecosystem studies show that concentration and maintainer continuity have consequences for long-term viability (Zimmermann 2020). These sources provide comparative support for interpreting descriptive thinness and concentrated skill production as ecosystem-governance conditions rather than merely document-format differences.

Registry Scale and Descriptive Capacity

The collection contains 16,800 latest-version server records linked to 12,589 unique GitHub repositories. Of these server records, 16,626 (99.0%) were active and 174 (1.0%) were deprecated at collection time. A majority of servers had only one registered version, but 6,428 (38.3%) had more than one and 1,579 (9.4%) had more than five. Versioning is therefore established as a publication mechanism, although, as the provenance results below show, it is rarely described as part of an auditable workflow.

Table 3 reveals a sharp distinction between structural completeness and descriptive richness. The median calculated metadata-completeness score was 1.00, yet the median description contained only 12 words. No normalized server record supplied a value in the license field, and the Registry categories and publisher objects were empty throughout this snapshot. Authentication metadata appeared in 1,601 records (9.5%). These results are consistent with the Registry’s stated role as an unopinionated metadata repository that points to packages or remote services rather than hosting or curating the services themselves (Model Context Protocol 2026). For knowledge organization, however, the consequence is that formally valid records may provide little evidence for semantic differentiation, rights assessment, or institutional selection.

Table 3: Registry scale, lifecycle, and descriptive metadata
Measure Observed result
Latest server records 16,800
Unique linked repositories 12,590
Active server records 16,626 (99.0%)
Records with more than one version 6,428 (38.3%)
Median description length 12 words
Median formal completeness score 1.00
Records with license metadata 0 (0.0%)
Records with authentication metadata 1,601 (9.5%)

The namespace structure was broad but uneven. The 16,800 records used 10,292 namespaces; the largest namespace accounted for 1,217 servers (7.2%), and the ten largest together accounted for 2,510 (14.9%). At the repository layer, 99% of linked repositories implemented no more than two Registry servers, but one repository mapped to 126. This pattern combines a long tail of small contributors with a limited number of bulk-publishing or multi-server projects. The Registry should therefore not be interpreted as 16,800 independent institutional providers.

Capability Representation: Tools Dominate the Executable Layer

Static extraction found 1,238 tool registrations, 102 resources, and 78 prompts. After collapsing records marked as within-repository duplicates, the evidence corpus contained 1,155 tools, 84 resources, and 75 prompts. As Table 4 shows, tools constituted 87.9% of the 1,314 unique capability records and appeared in 84 of the 212 successfully cloned repositories. Resources and prompts were both less prevalent and substantially less likely to include a description.

Table 4: Statically detected MCP capabilities after within-repository duplicate exclusion
Artifact Unique records Repositories represented Share of capabilities Records with descriptions
Tools 1155 84 87.9% 62.2%
Resources 84 26 6.4% 28.6%
Prompts 75 22 5.7% 16.0%

The capability relations reinforce the centrality of tools. Twenty of the 26 repositories with detected resources also had tools, as did 17 of the 22 repositories with prompts. By contrast, only 17 of the 44 repositories containing skills also had a statically detected tool. Skills therefore did not simply duplicate tool documentation; many occurred in repositories where the supported static patterns exposed no MCP capability registration.

Tool portfolios were themselves uneven. Among the 84 repositories with tools, the median was 10 unique tools, the interquartile range was 4–18, and the maximum was 78. The ten largest portfolios accounted for 35.9% of all nonduplicate tools. Description coverage was also incomplete: 37.8% of tools, 71.4% of resources, and 84.0% of prompts lacked a statically extractable description. The executable layer was thus organized primarily as callable action, but the semantic information needed to compare actions or understand contextual resources was much thinner.

Knowledge Objects, Functions, and Service Families

To avoid allowing package configuration text to determine substantive categories, the knowledge-object, function, and institutional-domain sensitivity analysis used only the public server description. This is a demanding test because descriptions were extremely short. Only 5,422 descriptions (32.3%) contained terms sufficient to assign a knowledge object, 5,142 (30.6%) contained a classifiable information function, and 2,227 (13.3%) contained an institutional-domain signal. The unclassified records are retained in Figure 2 because forcing them into a topic or service class would overstate the semantic resolution of Registry metadata.

Figure 2: Information functions detected in public server descriptions. Percentages use all 16,800 Registry server records as the denominator; unclassified descriptions remain visible.

Among the classifiable descriptions, retrieval dominated: 2,745 records, or 53.4% of classified functions, described searching, reading, browsing, finding, or retrieving. Generation followed with 623 (12.1%), storage with 525 (10.2%), analysis with 455 (8.8%), communication with 315 (6.1%), transformation with 189 (3.7%), monitoring with 158 (3.1%), and orchestration with 132 (2.6%). On the object dimension, APIs (1,512), workflows (1,382), and documents (945) jointly represented 70.8% of classified descriptions. The most frequent function–object intersection was document retrieval, followed by API retrieval and workflow retrieval.

A parsimonious synthesis groups the eight action labels into the six service families shown in Table 5. This taxonomy is empirical in its counts but deliberately conservative in scope: it classifies what descriptions explicitly say a service does, not every capability the underlying server may implement. Its most important structural distinction is between access brokerage, which mediates existing knowledge objects, and the smaller families that generate, transform, retain, analyze, communicate, monitor, or coordinate action.

Table 5: Six functional families of interoperable AI knowledge services
Service family Operational signature Classified records Share of classified functions
Access brokerage Searches, reads, browses, finds, or retrieves knowledge objects 2745 53.4%
Content production and transformation Generates, writes, converts, translates, parses, or extracts content 812 15.8%
State and memory services Stores, saves, persists, archives, or remembers state 525 10.2%
Analytic and evaluative services Analyzes, evaluates, calculates, or produces insights 455 8.8%
Communication mediation Exchanges messages, email, chat, or other communications 315 6.1%
Operational control and orchestration Monitors conditions or coordinates and executes multi-step work 290 5.6%

Institutional signals were even sparser. Of the 2,227 classifiable descriptions, software engineering accounted for 879 (39.5%) and finance for 568 (25.5%), followed by science (250), healthcare (242), libraries (174), education (75), archives (30), and museums (9). Libraries, archives, and museums together represented 213 records—9.6% of domain-classified descriptions but only 1.3% of the full Registry census. The result does not show that cultural-heritage functions are absent; it shows that explicit cultural-heritage identity is marginal in the Registry’s current descriptive layer.

Procedural Knowledge Is Rich but Highly Concentrated

The 452 detected skill documents came from only 44 repositories, or 20.8% of successful snapshots. Their internal structure was far richer than the Registry descriptions. The median skill contained 817 tokens, 14 headings, four parsed workflow steps, and three fenced examples. By comparison, the median public server description contained 12 words. Skills therefore supplied a procedural layer of a different order of magnitude rather than a slightly longer version of capability metadata.

Table 6 shows that examples and declared outputs were common, while prerequisites were uncommon. A majority of skills contained at least one workflow step, but only 12 documents (2.7%) combined all five measured procedural signals: steps, examples, prerequisites, outputs, and dependencies. Another 12 contained none. Recurring headings such as “when to use,” “checklist,” “steps,” “inputs,” “anti-patterns,” “constraints,” and “out of scope” demonstrate that many skills encode applicability and boundaries as well as sequences of commands.

Table 6: Structure and concentration of detected procedural skill documents
Measure Observed result
Skill documents 452 across 44 repositories
Median document length 816 tokens
Median headings 14
Documents with workflow steps 274 (60.6%)
Documents with examples 336 (74.3%)
Documents declaring prerequisites 39 (8.6%)
Documents declaring outputs 294 (65.0%)
Documents declaring dependencies 164 (36.3%)
Documents with all five procedural signals 12 (2.7%)
Largest repository share 36.3%
Skill distribution Gini coefficient 0.746

Procedural knowledge was also more concentrated than server publication. One repository contributed 164 skills (36.3% of the skill corpus), the five largest contributed 66.2%, and the ten largest contributed 83.6%; the repository-level Gini coefficient was 0.746. The ecosystem therefore contains substantial procedural articulation, but it is not yet broadly distributed across providers. In the terms of the conceptual framework, capability representation is widespread at the Registry level, whereas explicit procedural activation remains localized in a small number of intensive skill libraries.

Provenance Signals Are Rare and Fragmented

Provenance cues were measured across all Registry-record text using six transparent indicators. As Table 7 shows, no individual indicator appeared in more than 1.2% of records. Execution logging was the most frequent signal, followed by citations and audit-trail language. Explicit source attribution, references, and version-history language were rarer.

Table 7: Provenance and auditability signals in Registry server records
Signal Records Percentage of servers
Execution logging or telemetry 189 1.12%
Citations or DOI support 164 0.98%
Audit trail or provenance 107 0.64%
References or bibliography 56 0.33%
Explicit source attribution 39 0.23%
Version or revision history 15 0.09%

When the six indicators were combined, 16,245 records (96.7%) contained no provenance cue, 540 (3.2%) contained one, and only 15 (0.09%) contained two; none contained three or more. The contrast with lifecycle metadata is revealing: 38.3% of servers had multiple registered versions, but only 15 records explicitly described version or revision history. Registry versioning identifies released states, whereas workflow provenance would explain how sources, activities, transformations, and responsible agents produced a result. The ecosystem exhibited the former far more often than the latter.

Answer to the Primary Research Question

Taken together, the results show an ecosystem organized more successfully for discovering callable services than for interpreting and governing institutional knowledge work. Its dominant representational unit is the tool; its dominant classifiable function is retrieval; and its dominant classifiable objects are APIs, workflows, and documents. Skills demonstrate that reusable procedural knowledge can be represented richly, but this practice is concentrated in a small minority of repositories. Provenance, rights, publisher identity, and domain description remain sparse.

Publicly available MCP servers therefore reveal an emergent knowledge ecosystem in which interoperability has advanced furthest at the level of executable action. Semantic differentiation, procedural portability, and accountable mediation have developed unevenly around that core. This asymmetry provides the empirical basis for the discussion that follows: digital-library expertise is most strategically relevant not in reproducing tool registries, but in strengthening the descriptive, procedural, provenance, and stewardship layers that make executable knowledge institutionally trustworthy.

Discussion

The discussion is consistent with evidence from adjacent technical ecosystems: a registry can lower the cost of discovery and reuse while leaving documentation quality, trustworthiness, ownership, and maintenance unresolved (Jiang et al. 2023; Zimmermann 2020). Institutional studies add that AI adoption in libraries and GLAM organizations involves service design, ethics, and responsible experimentation alongside automation (Cifuentes-Silva et al. 2025; Kim et al. 2024). Together, these literatures support interpreting the findings as a coordination problem across technical and institutional layers.

Interoperability Has Standardized Invocation Before Interpretation

The central finding is not simply that MCP has produced a large registry. It is that the ecosystem has achieved greater standardization for making services callable than for making them interpretable. The Registry provides stable names, versions, installation declarations, transports, and links to executable artifacts, while MCP distinguishes tools, resources, and prompts as protocol primitives. These are meaningful infrastructural achievements. They reduce the bespoke integration work required for an AI application to locate and connect to external services (Model Context Protocol 2025b, 2026).

The same infrastructure remains semantically thin. Median descriptions were short, most could not be assigned a knowledge object, information function, or institutional domain from their description alone, and rights and publisher fields supplied little usable evidence. Formal completeness therefore measured conformance to the available record structure rather than adequacy for institutional selection. This distinction is familiar in digital-library interoperability: a record can be syntactically valid while its semantics remain too coarse, local, or ambiguous to support reliable cross-system interpretation (Khoo and Hall 2010; Hjørland 2007).

MCP extends this established problem from objects to actions. A bibliographic record helps a user or system decide whether an information object is relevant; a capability description helps an agent decide whether an action is appropriate. If descriptions are generic, the consequences are not limited to poor discovery. The agent may choose the wrong operation, misunderstand its scope, or invoke a service whose institutional authority and output conditions are unclear. Capability metadata should therefore be understood as metadata with operational consequences.

This interpretation also qualifies the apparent scale of the ecosystem. The 16,800 Registry records do not represent 16,800 equivalent or independent knowledge institutions. Namespaces and repositories reveal a long tail combined with bulk-publishing and multi-server projects. The Registry is a publication layer, not an institutional census. Its own documentation describes its metadata as deliberately unopinionated and anticipates downstream curation (Model Context Protocol 2026). The empirical results show why that downstream layer will be necessary: discovery can be centralized while judgments about quality, domain relevance, authority, and risk remain unresolved.

Retrieval Dominance Reconfigures Information Mediation

Retrieval accounted for more than half of the classifiable information functions, and APIs, workflows, and documents dominated the classifiable knowledge objects. This profile suggests that the first phase of interoperable agents is not replacing information retrieval with autonomous action. Rather, it is embedding retrieval inside a broader executable chain. A user no longer interacts only with an index, interface, or collection; the interaction may pass through an agent that discovers a server, interprets a tool description, calls an API, transforms a response, and synthesizes an answer.

This chain reconfigures mediation in three ways. First, selection shifts partly from the user to the agent. The agent chooses among services using metadata that may be invisible in the final response. Second, relevance becomes coupled with actionability. A source may be intellectually relevant but unavailable through the selected capability, while a callable source may be preferred because it is technically convenient. Third, institutional context can be lost between the source system and the generated answer. Traditional digital-library interfaces commonly expose collection identity, record structure, access conditions, and navigable relationships; an agent may compress these distinctions into a fluent response unless the service and workflow preserve them.

The predominance of retrieval is therefore strategically important for digital libraries. It places established LIS concerns—description, relevance, authority, aggregation, and user mediation—inside the control loop of agentic systems. Hjørland (2021) argues that retrieval is shaped by theoretical assumptions about meaning and relevance. In MCP ecosystems, those assumptions can be distributed across a model, a capability description, an API, a skill, and an institutional source. Evaluation must consequently move beyond whether a server returns a result to whether the full mediation chain preserves the evidence needed to interpret that result.

Recent organizational research reinforces this point. Perceived hallucination risk affects willingness to seek knowledge through generative AI, indicating that technically available information access does not automatically become trusted knowledge seeking (Pecher et al. 2026). The present findings identify an infrastructural source of that problem: sparse descriptions and provenance cues leave agents and users with limited evidence for assessing why a service was selected or how its output should be trusted.

Skills Form a Procedural Knowledge Layer, Not Merely Documentation

The contrast between terse Registry descriptions and long, structured skill documents supports treating skills as a distinct procedural layer. Skills commonly included steps, examples, inputs, outputs, applicability statements, anti-patterns, or constraints. These elements do more than describe a capability. They encode how an agent should recognize a situation, sequence actions, judge completion, and avoid inappropriate behavior. This aligns with emerging accounts of agent skills as reusable modules that package procedural knowledge with applicability conditions and execution policies (Xu and Yan 2026; Jiang et al. 2026).

Two qualifications are crucial. First, procedural richness was highly concentrated. Only 44 successfully retrieved repositories contained skills, and a few repositories supplied most of the documents. The ecosystem has therefore demonstrated the feasibility of explicit procedural representation without establishing it as a broadly shared practice. A mature procedural layer would require conventions for scope, prerequisites, outputs, dependencies, version compatibility, and deprecation across providers rather than within isolated skill libraries.

Second, more procedural content does not necessarily mean safer or more authoritative action. Only a small fraction of documents combined all measured procedural signals, and prerequisites were particularly uncommon. A detailed skill can still contain stale assumptions, excessive permissions, embedded prompt injection, or malicious instructions. Large-scale research on community skills reports vulnerabilities involving prompt injection, data exfiltration, privilege escalation, and supply-chain risks (Y. Liu et al. 2026). Architectural analysis similarly identifies risks across skill creation, distribution, deployment, and execution (Li et al. 2026).

The relevant distinction is therefore between procedural availability and procedural trustworthiness. Skills can preserve institutional know-how that would otherwise remain in human-facing manuals, but trustworthy reuse requires provenance, review status, permission boundaries, version constraints, and evidence of testing. For digital libraries, the opportunity is substantial: cataloging procedures, repository deposit workflows, rights review, preservation checks, and reference protocols could become agent-consumable. The risk is equally clear: converting a local procedure into portable instructions can detach it from the professional judgment and policy context that originally governed it.

Lifecycle Metadata Is Not Workflow Provenance

The sharpest governance gap appears in provenance. More than one-third of servers had multiple registered versions, but explicit provenance, attribution, audit, reference, or execution-history cues were rare, and no record exhibited more than two of the six measured signals. The ecosystem is thus better at identifying which released artifact may be invoked than at explaining how a particular knowledge outcome was produced.

These are different provenance problems. Artifact provenance concerns publisher identity, package origin, version, repository, and integrity. Workflow provenance concerns which entities were used, which activities transformed them, which human or software agents were responsible, and how outputs were derived. W3C PROV provides a general vocabulary for the latter relations (Moreau et al. 2013), but Registry metadata alone cannot reconstruct them. Execution logging and source attribution must be carried through the host–client–server chain and associated with the resulting information object.

This gap helps connect the present Information Science analysis with MCP reliability research. Empirical fault taxonomies show that failures arise across configuration, communication, dependencies, implementation, and execution (Taraghi et al. 2026; Owotogbe et al. 2026). Without workflow-level provenance, a user may know which server was configured while remaining unable to determine which source, parameter, transformation, or intermediate failure shaped the response. Provenance is therefore not an optional descriptive enhancement added after execution; it is an operational requirement for diagnosis, correction, and accountable reuse.

Human oversight must likewise be distributed across the workflow. Taş et al. (2026) find that professional control in generative-AI knowledge work is maintained through episodic interventions rather than a single final approval point. The executable knowledge ecosystem requires an analogous design: review may be needed when a capability is selected, before a consequential action, when evidence conflicts, and before an output enters an institutional record. Sparse provenance makes these intervention points harder to identify and audit.

Institutional Knowledge Work Is Visible Unevenly

Software engineering and finance dominated the descriptions with identifiable institutional domains, while explicit library, archive, and museum signals formed a small fraction of the full census. This does not establish that cultural-heritage services are absent. Domain classification was possible for only 13.3% of descriptions, and general-purpose infrastructure may serve many institutional settings without naming them. The result instead demonstrates a problem of institutional legibility: Registry metadata rarely communicates which professional domain, stewardship regime, or community practice gives a service meaning.

Institutional legibility matters because apparently similar actions can have different meanings across settings. “Search” in a code repository, a clinical record, an archival finding aid, and a museum collection entails different units, access rules, relevance assumptions, and evidentiary standards. A generic action label supports technical routing but not responsible domain interpretation. This is precisely where classifications and standards can make consequences invisible: what is omitted from a common schema may disappear from routine system decisions (Bowker and Star 1999).

The low visibility of libraries, archives, and museums should consequently be read as both a representation gap and a strategic opening. These institutions possess expertise in authority control, collection-level context, rights, provenance, preservation, and mediated access. Their contribution to agent ecosystems need not be limited to publishing more servers. They can shape registries and aggregators so that executable services disclose the contextual properties required for informed use.

Refining the Executable Knowledge Ecosystem Framework

The results support the eight-layer framework in Figure 1 but show that its layers are developing at different rates. Institutional assets and knowledge representations are abundant but unevenly described. Capability representation is the most visible and standardized layer, especially for tools. Procedural knowledge is rich where present but highly concentrated. AI mediation is enabled by the protocol but largely opaque in the Registry data. Workflow provenance is the weakest observable layer, limiting the accountability of institutional knowledge work and its outcomes.

This unevenness can be summarized as representational lag: executable capacity expands faster than the metadata, procedural conventions, and provenance needed to interpret and govern it. Representational lag explains how an ecosystem can be simultaneously interoperable and difficult to trust. Servers may communicate successfully at the protocol level while institutions lack adequate evidence about semantic scope, procedural fitness, authority, or derivation.

A second pattern is the institutionalization gap. Skills show that local procedural knowledge can be made agent-consumable, yet concentration and inconsistent prerequisites indicate that this practice has not become a stable ecosystem norm. Institutionalization would require shared expectations for documentation, review, maintenance, portability, and accountability, together with governance mechanisms that distinguish authoritative institutional procedures from merely available instructions.

These refinements preserve the framework’s feedback logic. Ecosystem outcomes—successful reuse, failures, security incidents, user distrust, or institutional adoption—should feed back into capability descriptions, skill revision, provenance requirements, and registry governance. The current ecosystem exposes the components of that loop but not yet a mature mechanism for coordinating them. The theoretical and practical implications of closing these gaps are developed in the following sections.

Theoretical Implications

The theoretical claims extend established digital-library and software-ecosystem findings. Digital libraries integrate information objects with services and communities (Fox and Urs 2002), whereas registries and package ecosystems demonstrate that technical reuse is mediated by descriptions, versions, ownership, and maintenance institutions (Jiang et al. 2023; Zimmermann 2020). The executable knowledge ecosystem framework generalizes these relationships from reusable objects and packages to callable capabilities and procedural skills.

Extending Knowledge Organization from Objects to Actions

The first theoretical contribution is to extend the conventional object-centered scope of knowledge organization. Libraries and digital repositories organize documents, records, datasets, concepts, agents, and relationships so that information objects can be found and interpreted. MCP ecosystems add a consequential second-order object: the executable capability. A capability record represents a possible intervention—searching, retrieving, transforming, generating, communicating, monitoring, or coordinating—rather than only a thing that exists.

This extension does not replace established knowledge organization theory. It makes that theory more important. Classification systems shape what becomes visible and actionable (Bowker and Star 1999), while domain analysis locates meaning in the practices and epistemic commitments of communities (Hjørland 2007). In an agent ecosystem, those effects operate before execution. A tool name, description, and schema delimit which action the agent perceives, which object it believes the action concerns, and which parameters it regards as legitimate. Capability descriptions are therefore not peripheral software documentation; they are elements of a knowledge organization system for possible action.

The empirical dominance of tools supports this shift. The ecosystem represented executable operations much more often than contextual resources or reusable prompts, and access brokerage dominated classifiable service functions. This indicates that interoperable AI ecosystems are initially organizing institutional knowledge by converting it into callable affordances. The relevant theoretical proposition is:

P1 (Executable knowledge organization). As AI ecosystems become interoperable, knowledge organization expands from the description and arrangement of information objects to the description and arrangement of executable actions on those objects.

P1 changes the criterion for metadata adequacy. Object metadata is commonly evaluated by whether it supports discovery, identification, selection, access, and reuse. Capability metadata must additionally support appropriate invocation, parameterization, constraint recognition, and consequence assessment. A semantically weak object record may produce a poor search result; a semantically weak capability record may produce an inappropriate action. The operational stakes of description are therefore higher.

A Three-Part Theory of Agent-Consumable Representation

The second contribution is a distinction among three representational forms that are often collapsed in discussions of agent infrastructure. Descriptive representation states what an asset or service is through metadata, schemas, identifiers, and vocabularies. Capability representation states what operations are available through tools, resources, prompts, parameters, and interfaces. Procedural representation states how, when, and under what conditions capabilities should be assembled into competent action.

The three forms are complementary but not substitutable. Rich descriptive metadata does not specify a workflow. An input schema does not explain whether a capability is appropriate for a sensitive collection. A skill may encode a reliable sequence while depending on poorly identified sources or undocumented service assumptions. The empirical separation among terse Registry records, tool-centered capability evidence, and structurally rich skills shows that these forms can develop independently.

This triad advances the concept of semantic units (Vogt et al. 2024) by distinguishing units that carry assertions from units that carry executable possibilities and procedural plans. It also gives greater precision to the emerging literature on skills. Xu and Yan (2026) and Jiang et al. (2026) describe skills as composable packages of instructions, code, and resources. The present framework locates those packages within a wider representational system: skills mediate between atomic capabilities and situated institutional work.

However, explicit procedure is not equivalent to embodied professional competence. Research on practical engagement with LLMs emphasizes that explicit AI-generated knowledge becomes useful only through a user’s prior understanding, situated interpretation, self-monitoring, and practical experience (Gahrn-Andersen 2026). A SKILL.md document can make steps, examples, constraints, and decision points portable, but it cannot exhaust the tacit and normative knowledge through which a librarian, archivist, clinician, or researcher recognizes exceptional cases.

P2 (Representational complementarity). Reliable agentic knowledge work depends on the alignment of descriptive, capability, and procedural representations; strength in one form cannot fully compensate for weakness in another.

P3 (Procedural distinctiveness). Agent skills constitute a distinct form of knowledge organization because they represent applicability, sequence, constraint, and completion rather than only objects, concepts, or isolated functions.

P2 and P3 make procedural completeness a relational property. A skill should not be judged only by its length or internal structure, but by whether its referenced objects and capabilities are identifiable, version-compatible, authorized, and governed within the target institution.

Distributed Mediation and Layered Agency

The third contribution concerns information mediation. Digital-library theory has traditionally examined relationships among users, interfaces, retrieval systems, metadata, collections, and information professionals. Interoperable agents introduce registries, models, hosts, clients, servers, skills, and external services into that chain. Selection and interpretation are distributed across these components: the user frames a goal; the model interprets it; the registry makes alternatives discoverable; a capability description influences selection; a skill may guide sequencing; a server performs an operation; and the agent synthesizes the result.

This is not simply a longer technical pipeline. It redistributes epistemic and operational agency. The agent has operative agency in discovering, selecting, and invoking services, while people and institutions retain evaluative agency in setting objectives, determining acceptable evidence, checking results, and intervening in consequential decisions. Zhu et al. (2026) similarly distinguish operative agency from human evaluative agency, while Taş et al. (2026) show that oversight occurs at multiple episodes in generative-AI workflows rather than at a single final checkpoint.

The ecosystem evidence adds an infrastructural dimension to these accounts. Human evaluation depends on the representations available at the point of intervention. Sparse descriptions impair capability selection; missing prerequisites impair procedural review; weak provenance impairs verification after execution. Human-in-the-loop arrangements can therefore become symbolic when the system does not expose the metadata and records required for meaningful judgment.

P4 (Distributed mediation). In interoperable AI ecosystems, information mediation is distributed across human, model, registry, procedural, server, and source actors; meaningful human oversight depends on representational support at each consequential handoff.

P4 shifts attention from the abstract presence of a human to the design of verification surfaces: descriptions, evidence links, constraints, logs, version relationships, and handover points through which evaluative agency can be exercised. This provides an Information Science account of human–AI agency grounded in the organization and visibility of evidence.

Provenance as a Constitutive Layer of Executable Knowledge

The fourth contribution is to theorize provenance as constitutive of executable knowledge rather than as an optional record appended to an output. A conventional information object may carry authorship, publication, custodial, and derivation metadata. An agent-mediated result can also depend on a selected server version, capability description, skill, parameter set, source response, intermediate transformation, model synthesis, and human intervention. The object cannot be adequately understood apart from this chain.

W3C PROV distinguishes entities, activities, and responsible agents (Moreau et al. 2013). The executable knowledge framework extends that logic by treating capability selection and procedural guidance as provenance-bearing events. A skill is not merely context supplied to a model; it can influence which activities occur. A registry record is not merely a directory entry; it can influence which agent or service becomes involved. Both should therefore be represented in the derivation history of consequential outcomes.

The observed separation between widespread Registry versioning and rare workflow-provenance cues supports this distinction. Artifact identity helps reproduce an installation, but it does not by itself explain the evidentiary path of a generated answer. Likewise, execution logging without source attribution may reveal that an action occurred while leaving its epistemic basis unclear.

P5 (Provenance dependence). The trustworthiness and reusability of agent-mediated knowledge outcomes depend on provenance that connects information objects, capability selection, procedural instructions, execution activities, software and human agents, and resulting transformations.

P5 implies that provenance maturity should be evaluated as coverage across layers, not by the presence of a single citation or log field. It also explains why reliability and security problems are difficult to diagnose when workflow evidence is fragmented (Taraghi et al. 2026; Owotogbe et al. 2026).

Representational Lag and Institutionalization

The fifth contribution is a temporal explanation of ecosystem development. The results show that capability publication, procedural representation, and provenance do not mature together. Tools and Registry records can proliferate rapidly because they are immediately useful to developers and aggregators. Semantic description, shared skill conventions, institutional review, and workflow provenance require coordination across communities and may develop more slowly. This disparity is representational lag.

Representational lag is not simply missing metadata. It is a dynamic condition in which executable capacity outpaces the representations needed to interpret, evaluate, and govern that capacity. The concept builds on knowledge-infrastructure theory, which treats information systems as ecologies of people, practices, technologies, and institutions rather than isolated technical artifacts (Borgman 2015). It predicts that protocol adoption can grow while institutional trust and reuse remain constrained.

A related condition is the institutionalization gap: the distance between local successful practice and a stable ecosystem norm. The skill corpus illustrates this gap. Some repositories encode extensive procedures, yet skills remain concentrated and lack uniformly expressed prerequisites or dependencies. Local procedural innovation has not become a common institutional convention.

P6 (Uneven-layer development). The institutional reliability of an executable knowledge ecosystem decreases as the growth of callable capabilities outpaces the development of semantic description, procedural governance, provenance, and evaluative oversight.

P6 is conditional rather than technologically deterministic. A capability can remain useful with minimal metadata in a tightly controlled local setting where users share tacit context. Representational lag becomes more consequential as services cross organizational and disciplinary boundaries, as agents act with greater autonomy, and as errors impose higher evidentiary, legal, cultural, or safety costs.

Theoretical Boundary Conditions and Research Program

The six propositions apply most directly to heterogeneous ecosystems in which agents dynamically discover or combine services from multiple providers. They are less consequential for a closed workflow with one trusted server, fixed procedures, and stable users. Three boundary conditions should guide future testing: heterogeneity, or the diversity of domains and representational practices; consequence, or the cost of inappropriate action; and autonomy, or the degree to which capability selection and sequencing occur without immediate human direction.

Future research can test the propositions longitudinally. If P1 and P2 hold, ecosystems with richer capability semantics should show more accurate tool selection and lower human correction costs. If P3 holds, well-governed skills should improve workflow consistency beyond what tool schemas or general documentation achieve. P4 and P5 predict that verification surfaces and cross-layer provenance will improve contestability, diagnosis, and justified trust. P6 predicts that rapid capability growth without parallel institutionalization will increase curation burdens, security incidents, and domain-specific adoption barriers.

For Information Science, the broader theoretical claim is that agent interoperability creates a new object of study between metadata and organizational practice: the organized possibility of machine action. Understanding that object requires knowledge organization, information retrieval, provenance, infrastructure studies, and theories of professional mediation to be brought into a common account. The executable knowledge ecosystem framework provides that account while retaining a central role for institutional context and human judgment.

Practical Implications for Digital Libraries

Practice-oriented literature supports an institutionally governed approach. Work on AI in parliamentary libraries and GLAM collections identifies opportunities for process and service transformation while foregrounding responsible exploration (Cifuentes-Silva et al. 2025; Kim et al. 2024). Research on package stewardship further shows that explicit ownership and succession arrangements matter when reusable components outlive their original maintainers (Zimmermann 2020).

Curate Executable Services as Collection and Infrastructure Resources

Digital libraries should treat MCP servers, registries, and skills as resources that require selection and stewardship rather than as neutral connectors that can be enabled solely because they are technically compatible. The official Registry is designed as an unopinionated publication layer (Model Context Protocol 2026); the empirical results show that its metadata is not sufficient for institutional adoption decisions. Libraries therefore need a curated layer between public discovery and operational use.

This layer can extend familiar collection-development questions to executable services. Who is responsible for the service? What knowledge objects and actions are in scope? Which sources does it access? What rights, licenses, privacy terms, and retention policies apply? Which credentials and permissions are required? How is the service maintained, versioned, monitored, and withdrawn? Can its output be traced to authoritative records? What happens when it fails or changes behavior?

The practical output should be an institutional allowlist or service catalog, not an undifferentiated mirror of a public registry. Each approved record should name a service owner, risk tier, permitted use cases, prohibited data, reviewed version or version range, credential scope, evidence sources, review date, and exit procedure. Libraries already make analogous judgments when licensing databases, acquiring digital collections, approving preservation tools, and integrating discovery services. MCP makes those judgments more dynamic because a selected service can act on information rather than merely display it.

Create an AI-Facing Metadata Application Profile

The absence of license and publisher evidence, combined with terse descriptions and low domain-classification coverage, indicates a need for a digital-library application profile for executable services. Such a profile would not replace server.json; it would add locally or cooperatively curated fields needed for institutional interpretation. At minimum, it should cover:

  • persistent service and publisher identifiers;
  • authoritative organization and maintainer relationships;
  • service function, knowledge object, institutional domain, and intended users;
  • declared sources and collection scope;
  • read, write, transform, transmit, and delete permissions;
  • rights, license, privacy, retention, and jurisdictional constraints;
  • supported versions, dependencies, transports, authentication, and deprecation status;
  • accessibility, language, cultural-sensitivity, and community-governance considerations;
  • expected outputs, limitations, failure modes, and human-review requirements; and
  • provenance, logging, citation, and audit capabilities.

Controlled values should be reused where possible rather than invented as isolated local tags. Authority files can identify people and organizations; subject and genre vocabularies can describe domains and knowledge objects; preservation vocabularies can represent events and agents; and W3C PROV can connect entities, activities, and responsibility (Moreau et al. 2013). The goal is not to force every server into a library-specific ontology. It is to supply the contextual layer needed for selection, comparison, and accountable use.

This recommendation extends current library guidance on AI-assisted metadata. The Program for Cooperative Cataloging emphasizes standards compliance, provenance, assessment, error logging, human review, and continuing audits for AI/ML-enhanced metadata workflows (PCC Task Group on AI and Machine Learning in Cataloging and Metadata 2025). The same requirements should apply to metadata that guides agents toward executable services. A capability description that influences tool selection deserves governance comparable to metadata that influences resource discovery.

Govern Skills as Versioned Procedural Assets

The skill findings suggest a practical opportunity for libraries to encode institutional know-how in agent-consumable form. Candidate areas include repository deposit, metadata remediation, authority reconciliation, digitization quality checks, rights review, research-data consultation, preservation assessment, and reference triage. A governed skill could expose the sequence, evidence requirements, escalation points, and expected outputs of these practices while keeping professional judgment visible.

Libraries should not install community skills directly into production environments. Each institutional skill should have an accountable owner, purpose and scope statement, prerequisites, minimum permissions, approved dependencies, referenced policy, example inputs and outputs, error and abstention conditions, human handoff points, review date, version history, and cryptographic hash. Instructions and external content should be treated as separate trust domains, and executable components should undergo code and security review (Li et al. 2026; Y. Liu et al. 2026).

Skill review should also ask what cannot be made explicit. Professional workflows often depend on tacit recognition, cultural competence, and situated judgment that cannot be reduced to a checklist (Gahrn-Andersen 2026). Skills should therefore identify cases that require a cataloger, archivist, curator, subject specialist, privacy officer, or other responsible professional. Their purpose is to make routine knowledge reusable while making exceptional cases more visible—not to conceal professional discretion behind automated procedure.

Implement Provenance and Oversight by Design

Libraries should require provenance at both service and execution levels. A minimum execution record should identify the host and client, server and version, invoked capability, skill and version or hash, timestamp, parameters or parameter digest, source identifiers, transformations, model or synthesis component, output identifier, and human approvals or overrides. Sensitive parameters and credentials should be protected through redaction or cryptographic commitments rather than copied indiscriminately into logs.

This recommendation aligns with NISO’s emerging call for a minimum provenance payload for scholarly content supplied to AI systems (National Information Standards Organization 2026). Digital libraries can extend that idea bidirectionally: provenance should travel from collection content into an agent workflow and from the workflow into any resulting record, derivative, answer, or decision. Where applicable, content-authenticity mechanisms such as C2PA can complement repository and workflow metadata. Murray and Sternfeld (2026) argue that libraries, archives, and museums must extend established authenticity and provenance practices to AI-mediated collections and workflows.

Oversight should be risk-sensitive and distributed. Low-consequence, read-only discovery may permit automated execution with visible citations. Metadata changes may require sampled review or confidence thresholds. Rights decisions, deletions, publication, external communication, or changes to preservation masters should require explicit approval. Zhu et al. (2026) distinguish AI operative agency from human evaluative agency, and Taş et al. (2026) show that oversight is most effective when placed at meaningful points throughout a workflow. Libraries should accordingly define intervention points before deployment and record when control passes between system and professional.

Adopt Through a Staged Institutional Roadmap

The roadmap in Table 8 translates the paper’s layered framework into five institutional phases. The phases are cumulative: a library should not operationalize a service before it can identify its owner, scope, permissions, evidence base, and rollback path. Progress is determined by evidence gates rather than by a fixed calendar.

Table 8: Staged roadmap for institutional adoption of interoperable AI knowledge services
Phase Priority actions Evidence gate
1. Discover Inventory use cases, affected collections, candidate servers and skills; classify consequence and data sensitivity Named service owner, bounded use case, initial risk tier
2. Curate Create local capability records; verify authority, rights, sources, permissions, versions, dependencies and provenance support Approved catalog record and allowlist decision
3. Pilot Use a sandbox and representative collections; test accuracy, bias, security, accessibility, failure handling and human review Documented evaluation against acceptance thresholds
4. Operationalize Pin versions; minimize permissions; enable provenance, monitoring, incident response, rollback, review and preservation Accountable production workflow with auditable controls
5. Cooperate Share profiles, codebooks, governed skills, evaluation results and incidents; participate in standards and communities of practice Reusable sector evidence and maintained shared guidance

The discover phase begins with institutional need, not technology availability. Candidate use cases should be tied to mission outcomes and affected communities. The curate phase creates the descriptive and governance evidence missing from public registry records. The pilot phase tests the complete workflow with representative materials, including multilingual, marginalized, sensitive, and structurally difficult cases. The Library of Congress similarly describes an experiment-before-implementation approach grounded in human-centered assessment, trust, authenticity, accuracy, security, intellectual property, and ethics (Library of Congress 2026).

The operationalize phase turns a successful experiment into a maintained service. It requires ownership, monitoring, incident response, deprecation, and preservation of evidence—not merely a deployment script. Finally, the cooperate phase recognizes that no library can evaluate a rapidly changing ecosystem alone. Shared application profiles, provenance mappings, skill templates, test corpora, risk reports, and deprecation notices can distribute the cost of responsible adoption.

Build New Competencies Around Existing Professional Strengths

The needed workforce development is not generic “AI literacy” alone. Metadata specialists need to understand capability schemas and provenance graphs. Systems librarians need to understand agent permissions, authentication, version pinning, and observability. Digital-preservation staff need to capture AI-mediated events and dependencies. Public-service librarians need to evaluate how agent selection changes relevance, explanation, and user autonomy. Administrators need procurement and governance criteria that cover dynamically invoked services and community-contributed skills.

These competencies should be developed in cross-functional teams rather than assigned to a single AI specialist. A practical review group may include metadata, systems, digital preservation, information security, accessibility, privacy, legal, public service, and domain or community representatives. The PCC report’s recommendation for ongoing communities of practice and training provides an applicable model (PCC Task Group on AI and Machine Learning in Cataloging and Metadata 2025).

Libraries should also preserve a distinction between automation performance and service quality. Precision, recall, completion rate, latency, and cost are useful measures, but they do not capture authority, representational harm, privacy, contestability, sustainability, or whether the workflow respects collection policy. Evaluation dashboards should combine technical measures with professional and community review.

Shape the Ecosystem, Not Only Consume It

The most strategic implication is that libraries, archives, and museums should participate as infrastructure shapers. The sector has a long record of developing identifiers, authority systems, metadata schemas, preservation standards, cooperative catalogs, and shared governance. Those capacities are directly relevant to the representational lag observed in MCP.

Institutions can publish well-described, read-only services for authoritative collections; create domain profiles for capability metadata; define provenance payloads; curate verified skills; contribute test cases for cultural and multilingual materials; and advocate for vendor-neutral logging, export, and deletion mechanisms. NISO’s provenance initiative and the C2PA for G+LAM call to action show that this standards work is already beginning (National Information Standards Organization 2026; Murray and Sternfeld 2026).

The objective should not be to make every collection autonomously actionable. It should be to ensure that when institutional knowledge is exposed to agents, the service preserves authority, context, rights, provenance, and meaningful human responsibility. Digital libraries can thereby move from being downstream users of agent infrastructure to stewards of an executable knowledge commons.

Limitations and Threats to Validity

The validity boundaries are also reflected in the supporting literature. Mixed-method topic-modeling studies use qualitative coding to constrain and interpret computational categories rather than treating topics as self-validating (Singer et al. 2022; Steininger et al. 2021). Task-level research on LLM agents additionally shows that operational reliability and failure modes must be tested empirically and cannot be inferred from documentation or narrow demonstrations (Mandal et al. 2025).

Construct Validity

The study analyzes public representations of MCP services rather than the totality of their runtime behavior. A Registry record indicates how a publisher has made a server discoverable; it does not establish that the server is reachable, safe, semantically adequate, or functionally complete. Likewise, a repository snapshot documents source artifacts at a recorded commit but does not reveal every dynamically generated capability, deployment configuration, remote dependency, or hosted-service behavior.

This distinction is most consequential for capability counts. The static extractors recognize common Python decorators and JavaScript or TypeScript registration patterns without executing third-party code. They can miss dynamically registered tools, generated schemas, wrappers in unsupported languages, unusual frameworks, or capabilities available only after authentication. Conversely, repeated source and compiled registrations can inflate counts if duplicate markers are ignored. The results therefore use the formulation statically detected capability and exclude marked within-repository duplicates in primary summaries. Non-detection is not interpreted as runtime absence.

The metadata-completeness measure is also narrower than semantic quality. It records whether selected fields contain usable values, not whether descriptions are accurate, discriminating, authoritative, current, or appropriate for a domain. The finding that formal completeness coexists with short descriptions and missing rights or publisher evidence illustrates this construct boundary. Future work should develop a capability-metadata quality instrument that separately measures structural completeness, semantic specificity, authority, actionability, and governance evidence.

Knowledge-object, function, institutional-domain, and provenance variables rely initially on transparent dictionaries. This improves auditability but introduces vocabulary dependence, tie-breaking effects, polysemy, and false negatives. “Archive,” for example, may denote an archival institution, a storage action, or a compressed file. Provenance terms may be present without an implemented provenance function, while an implemented audit mechanism may use vocabulary absent from the dictionary. Description-only sensitivity analysis reduces contamination from package configuration, but its low classification coverage demonstrates that the resulting classes capture explicit signals rather than latent institutional identity.

The skill construct is operationalized through case-insensitive detection of SKILL.md and Skills.md. Other repositories may encode procedural knowledge in contributor guides, runbooks, prompt libraries, workflow files, or ordinary documentation. The 452 detected skills therefore represent an explicit skill-document form, not all procedural knowledge in the sampled repositories. Parsed steps, examples, prerequisites, outputs, and dependencies measure textual structure; they do not establish that a procedure is correct, safe, current, or successfully executable.

Internal Validity

The design is observational and cross-sectional. Associations among metadata richness, capability structure, skill presence, institutional domain, or provenance cannot establish causal effects on adoption, reliability, trust, or user outcomes. The theoretical propositions specify relationships for future testing; they are not causal estimates produced by this dataset.

Collection timing creates a further threat. The Official MCP Registry was in preview and could change its schema, validation rules, contents, or availability after the July 15, 2026 snapshot (Model Context Protocol 2026). Server publishers could also update packages or remote endpoints after collection. The study mitigates this threat by archiving raw Registry responses, recording timestamps and commit SHAs, hashing evidence files, and analyzing the Registry-designated latest version at collection time. The claims should nevertheless be read as a dated ecosystem measurement.

The repository-recovery process introduces selection after sampling. The 250 attempted repositories were selected through deterministic SHA-256 ranking, but only 212 were successfully retrieved. The 38 failures were commonly associated with unavailable Registry-declared locations. Unavailability may correlate with maintenance quality, documentation, domain, or provenance, making the retrieved corpus systematically stronger than the attempted sample. Design weights preserve the original selection probability but cannot correct nonrandom retrieval failure without defensible auxiliary assumptions. Content findings are therefore reported as conditional on successful retrieval, and repository disappearance is retained as a substantive availability signal.

Shared repositories create dependence among server records. A single monorepository may implement many servers, so treating all server rows as independent observations would understate clustering and overstate organizational diversity. The analysis retains server-to-repository links, reports concentration, and avoids inferential tests that assume independent server observations. Future models should use repository- or publisher-clustered uncertainty where appropriate.

External Validity

The Official Registry is not the universe of MCP servers. It excludes unpublished services, private organizational registries, local configurations, and public servers listed only in third-party marketplaces or package registries. The census claim applies to latest-version records exposed by the Official Registry endpoint at collection time, not to all MCP deployments.

Repository analysis is narrower still. The frame contains Registry-linked GitHub repositories; projects hosted elsewhere, closed-source services, inaccessible repositories, and remote servers without retrievable source are not represented equivalently. Skills and statically extracted capabilities describe the successful clone subset. Enterprise environments may have stronger identity, logging, policy, and provenance controls than public repositories, or they may expose even less evidence because their practices are private. The observed governance gaps cannot be generalized directly to internal institutional deployments.

The vocabulary and text-processing pipeline are primarily English-oriented. Multilingual descriptions and culturally specific institutional terminology may be underclassified, and the domain dictionary reflects categories selected for this research agenda. The very small museum and archival counts are especially sensitive to terminology and should not be interpreted as precise estimates of sector participation. Multilingual validation, locally developed vocabularies, and community review are necessary before using the taxonomy for international comparison.

The findings are also specific to an early stage of protocol and skill adoption. Tool dominance, sparse provenance, and concentrated skill production may be transitional rather than stable ecosystem properties. Longitudinal replication is required to determine whether representational lag narrows as registries, aggregators, publishers, and institutional adopters develop shared practices.

Conclusion Validity

The strongest conclusions are descriptive: row counts, field presence, version distributions, detected artifact counts, and document-structure measures follow directly from normalized evidence and stated denominators. Interpretive conclusions become less certain as they move from explicit text to institutional meaning. The paper therefore preserves unclassified records rather than assigning every description to a service family and distinguishes the six-family synthesis from a complete runtime taxonomy.

Automated text analysis presents additional instability. Topic solutions can vary with preprocessing, model family, topic count, random seed, document length, and labeling judgment. Methodological reviews find little convergence on a single validation standard and recommend qualitative validation, transparency, and detailed reporting (Bernhard-Harrer et al. 2025). Coherence is consequently treated as one diagnostic rather than proof of substantive validity (Röder et al. 2015). The short Registry descriptions and repository concentration in the skill corpus further increase the risk that topics reflect templates, publishers, or software vocabulary rather than durable forms of institutional knowledge work.

Rule-based classification and topic modeling are therefore used for discovery and structured comparison, not as autonomous arbiters of category truth. Qualitative source review, negative cases, cross-document triangulation, and explicit codebook rules are necessary to substantiate category labels. Categorical agreement can assess consistency of application (Krippendorff 2004), but high agreement would not by itself show that the categories are theoretically adequate or socially inclusive.

Rare categories and sparse provenance indicators limit statistical comparisons. A percentage based on nine museum-classified descriptions or 15 records with two provenance cues is unstable and easily overinterpreted. The paper reports counts and denominators, avoids fine-grained causal modeling, and treats the provenance maturity pattern as an ecosystem diagnostic rather than a validated universal scale.

Multiple analytical choices also create researcher degrees of freedom. Duplicate handling, tokenization, dictionary terms, classification tie-breaking, topic parameters, network projection, and community-detection resolution can change results. The study mitigates this risk through versioned code, documented dictionaries, fixed seeds, raw-to-processed traceability, alternative preprocessing and duplicate sensitivity checks, and retention of discrepant cases. Confirmatory extensions should preregister primary operationalizations and distinguish them from exploratory analyses.

Interpretive and Ethical Validity

Public availability does not remove the possibility of reputational harm. A repository can be unavailable for benign reasons, and missing documentation does not demonstrate unsafe intent or poor professional practice. The study therefore analyzes aggregate patterns and representational conditions rather than ranking individual maintainers. Representative examples should be used only when necessary to explain a category and should preserve the difference between observable evidence and inferred motivation.

Security-related interpretation requires similar restraint. The pipeline did not execute servers, test live authentication, scan for vulnerabilities, or attempt exploitation. Sparse provenance and incomplete descriptions are governance concerns, not direct evidence that a server is malicious or insecure. Runtime security studies address different constructs and require controlled ethical procedures (Hou et al. 2025; Y. Liu et al. 2026).

The institutional categories also risk reproducing a narrow view of knowledge work. Libraries, archives, museums, education, healthcare, finance, science, and software engineering do not exhaust the domains represented in the ecosystem, and organizations may span several. The taxonomy should remain revisable through domain-expert and community participation, particularly where classification affects visibility or institutional investment.

Scope of Defensible Claims

Within these constraints, the study supports four bounded claims. First, the Official Registry snapshot is large, versioned, and structurally oriented toward service discovery. Second, the successfully retrieved repository evidence is dominated by statically detected tools, while resource and prompt descriptions are comparatively sparse. Third, explicit skill documents can encode substantial procedural structure but are concentrated in a small number of repositories. Fourth, provenance cues are rare in public Registry-record text even when artifact versioning is common.

The broader concepts—executable knowledge organization, representational lag, the institutionalization gap, and cross-layer provenance—are theoretical interpretations grounded in these patterns. They are intended to organize further inquiry, not to imply that every MCP server or institutional deployment exhibits the same configuration. This calibrated scope preserves the strategic contribution while keeping the empirical claims traceable to what the dataset can actually show.

Future Research

The agenda is supported by evidence that ecosystem maintenance and runtime evaluation require distinct research designs. Package research highlights maintainer succession and community ownership as longitudinal governance variables (Zimmermann 2020), while task-level agent evaluation demonstrates the value of repeated trials and explicit failure-mode analysis (Mandal et al. 2025). Future MCP research should combine those ecosystem and runtime perspectives with sustained studies in libraries and GLAM institutions (Cifuentes-Silva et al. 2025; Kim et al. 2024).

The findings and propositions in this study define a research program rather than a closed account of the MCP ecosystem. The immediate priority is to move from a cross-sectional map of declared capabilities toward longitudinal, runtime, and institutional evidence. Recent work similarly frames agent skills as lifecycle-managed objects whose value depends on evaluation, evolution, and governance rather than availability alone (Ding et al. 2026; H. Liu et al. 2026). For digital libraries, this shift is consequential: an infrastructure can be technically interoperable while remaining semantically thin, operationally fragile, or institutionally unaccountable.

Longitudinal Ecosystem Measurement

Future studies should repeat registry snapshots at regular intervals and treat additions, updates, deprecations, namespace transfers, and repository disappearance as distinct events. Cohort analysis could estimate server survival, update cadence, publisher concentration, and the persistence of library-relevant capability gaps. Such work should distinguish ecosystem stock from ecosystem flow: a large registry may be expanding while its reusable or maintained core is contracting. It should also compare the official registry with downstream catalogs, private registries, package indexes, and organizational inventories because registry visibility is only one layer of adoption.

Longitudinal designs would permit direct tests of Propositions 1 and 4. If capability maturity precedes documentation maturity, richer runtime surfaces should systematically appear before stable skills, examples, and maintenance signals. If representational lag is persistent, the proportion of servers that expose technically useful capabilities without adequate discovery metadata should remain high even as protocol adoption grows. Event-history and panel models could then identify whether governance signals, organizational sponsorship, or domain-specific metadata predict persistence and reuse.

Runtime Validation and Capability Semantics

Static manifests and repositories should be paired with sandboxed MCP sessions. A validation harness could negotiate protocol versions, enumerate tools, resources, and prompts, exercise authentication and error paths, and record latency, determinism, side effects, and recovery behavior. Comparing these observations with static classifications would quantify both false-positive capability claims and capabilities that are invisible to repository analysis. This extension is necessary because protocol conformance does not establish that a server performs a knowledge task accurately, safely, or consistently.

Digital-library benchmark tasks should therefore assess semantic performance as well as connectivity. Candidate tasks include entity reconciliation, metadata crosswalks, authority lookup, rights-status investigation, collection discovery, citation verification, and provenance reconstruction. Evaluation should report task completion, source coverage, factual error, tool-selection accuracy, correction cost, and the traceability of intermediate decisions. Controlled experiments could then test Proposition 1 by comparing baseline descriptions with richer capability metadata and measuring whether agents select more appropriate servers with fewer retries and less human correction.

Skill Quality, Portability, and Lifecycle Governance

The presence of a skill should not be treated as evidence that it improves performance. Skill evaluation needs paired trials—with and without the skill—across models, MCP servers, protocol versions, and domain tasks. Measures should include success rate, error recovery, token and latency costs, unsafe actions, provenance completeness, and professional review effort. The emerging literature already calls for benchmark categories that separate skill discovery, execution, composition, adaptation, and lifecycle evolution (Ding et al. 2026). These distinctions should be adapted to knowledge institutions, where an instruction can be operationally successful yet violate descriptive policy, rights constraints, or evidentiary norms.

Longitudinal skill studies should also record ownership, review status, dependencies, version compatibility, provenance, retirement criteria, and observed failure modes. H. Liu et al. (2026) proposes lifecycle governance spanning collection, recommendation, and evolution; digital-library research can extend this approach by examining who has authority to approve or revise a skill and how local policy is encoded. These studies would test Propositions 2 and 3: whether skill scarcity reflects an institutionalization gap and whether skills become dependable boundary objects only when they carry explicit context, accountability, and maintenance arrangements. Co-design with catalogers, archivists, reference librarians, repository managers, and research-data specialists would be essential for identifying the tacit exceptions that generic benchmarks miss.

Cross-Layer Provenance and Trust

Future prototypes should implement provenance across the complete chain from registry record and server version to invoked tool, selected skill, consulted source, generated assertion, and human intervention. A minimum application profile could map these events to established provenance concepts (Moreau et al. 2013) while retaining MCP-specific identifiers, parameters, timestamps, and responsibility statements. Artifact provenance, workflow provenance, and epistemic provenance should be evaluated separately: knowing which file was used is not the same as knowing why it supported a claim.

Controlled user studies could compare no-provenance, summary-provenance, and inspectable-provenance interfaces. Outcomes should include trust calibration, error diagnosis, reproducibility, contestability, and time to verify a result—not trust alone. This would provide a direct test of Proposition 5 and connect MCP research with current scholarly communication work on AI-use disclosure and provenance (National Information Standards Organization 2026). Research should also examine when detailed traces overwhelm users, disclose sensitive information, or create false assurance, and which provenance elements must remain machine-actionable for audit and preservation.

Human and Institutional Knowledge Work

Field research is needed in libraries, archives, museums, repositories, and research offices rather than only in laboratory environments. Comparative case studies could follow MCP-mediated workflows in cataloging, reference, digital preservation, rights review, and research-data management. The central outcomes should include changes in professional judgment, division of labor, escalation practices, documentation burden, and accountability. These studies would clarify whether agentic infrastructure augments expertise, displaces decision points, or merely relocates invisible work.

Institutional comparisons should include organizations with different staffing, technical capacity, legal mandates, and collection communities. Particular attention should be given to episodic oversight: the moments when a professional must intervene because a workflow encounters ambiguity, cultural sensitivity, or policy conflict. This agenda directly tests Proposition 6 by examining whether the value of reusable skills depends on preserving contextual judgment rather than automating it away. Participatory methods can also ensure that evaluation criteria reflect community obligations and public-service values, not only throughput and cost.

Equity, Multilingualism, and Global Knowledge Infrastructures

The ecosystem should be studied beyond English-language descriptions, public GitHub repositories, and highly resourced institutions. Multilingual capability dictionaries, locally validated task sets, and sampling from regional or private infrastructures would reveal capabilities obscured by the present design. Researchers should examine whether registry categories and ranking mechanisms systematically privilege widely used platforms, dominant languages, or well-funded publishers. Because classifications shape what becomes discoverable (Bowker and Star 1999), representational choices are themselves an infrastructure-governance question.

Work with institutions in the Global South and with Indigenous and minoritized knowledge communities should be organized as research partnership rather than data extraction. Relevant questions include who controls capability descriptions, which knowledge may be exposed to agents, how consent and community authority are represented, and whether interoperability requirements reproduce external metadata norms. Comparative research can then distinguish genuinely shared standards from defaults that conceal unequal capacity or incompatible knowledge practices.

Standards and Shared Evaluation Infrastructure

A community testbed could convert this agenda into cumulative evidence. It should include versioned MCP fixtures, digital-library task corpora, intentionally faulty servers, skill variants, provenance validators, and evaluation scripts with documented expected behavior. Public benchmark reports should separate protocol conformance, semantic task quality, operational resilience, safety, and institutional fitness. This layered approach would prevent a single performance score from obscuring the different ways an integration may succeed or fail.

Standards work should proceed iteratively with empirical testing. Candidate outputs include a digital-library capability application profile, minimum skill documentation fields, cross-layer provenance requirements, and conformance tests for registry claims. Each proposal should be evaluated for implementation burden across institutions of different sizes. The objective is not to freeze a rapidly developing ecosystem, but to create stable points of comparison through which maintainers, institutions, and researchers can detect drift and coordinate improvement.

An Integrative Research Program

Taken together, the agenda suggests three overlapping phases. The first is observational: maintain longitudinal maps of servers, skills, governance signals, and domain coverage. The second is experimental: evaluate runtime behavior, metadata interventions, skill portability, and provenance interfaces against realistic knowledge tasks. The third is institutional: study adoption, labor, policy, equity, and stewardship through sustained partnerships. Results should circulate across phases so that field failures reshape benchmarks and benchmark evidence informs standards.

This program would turn the six propositions into falsifiable, cumulative claims while preserving the strategic insight of the present study: MCP-based knowledge infrastructure must be evaluated as a coupled sociotechnical system. The decisive question is not simply whether more servers or skills become available, but whether the ecosystem becomes more discoverable, semantically adequate, maintainable, auditable, and answerable to the communities whose knowledge it mediates.

Conclusion

The Scite-supported literature strengthens the paper’s final synthesis. Digital libraries have historically joined collections and technologies to services and communities (Fox and Urs 2002); current GLAM research frames AI as an object of responsible institutional experimentation (Kim et al. 2024); and registry studies show that reusable artifacts require metadata, documentation, version, and trust evidence (Jiang et al. 2023). MCP therefore becomes strategically valuable only when technical connectivity is joined to these descriptive and stewardship commitments.

Strategic Synthesis

This study examined the emerging Model Context Protocol ecosystem as an infrastructure for digital-library and knowledge work rather than merely as a collection of software integrations. Its central finding is that ecosystem growth and institutional readiness are not equivalent. MCP establishes a common technical interface through which hosts can discover and invoke server capabilities (Model Context Protocol 2025b), while the official registry supplies standardized publication and discovery mechanisms (Model Context Protocol 2026). Yet the analysis shows that technical availability alone does not guarantee that capabilities are discoverable in domain terms, reusable as dependable skills, supported by adequate governance, or traceable across the resulting knowledge workflow.

The observed ecosystem is therefore best understood as a layered sociotechnical infrastructure. Servers expose operational capabilities; registry metadata makes some of those capabilities visible; skills organize them into reusable procedures; and institutional arrangements determine whether the procedures are legitimate, maintained, and accountable. Weakness at any layer constrains the value of the others. A functioning server with generic metadata may remain effectively invisible to a library use case. A well-described skill may still be unsafe or brittle if its dependencies and permissions are unclear. A successful output may remain unsuitable for scholarly or cultural-heritage work if its sources and transformations cannot be reconstructed.

Contributions to Digital-Library Research

The paper makes four related contributions. First, it provides an empirical map of an ecosystem that is developing faster than established domain classifications can easily capture. Second, it introduces a layered framework connecting protocol capabilities, registry representation, reusable skills, provenance, and institutional governance. Third, it advances six propositions that make the framework testable across longitudinal, experimental, and field settings. Fourth, it translates the analysis into a strategic agenda for digital-library institutions, standards bodies, maintainers, and researchers.

These contributions reposition interoperability as more than successful message exchange. For digital libraries, meaningful interoperability also requires semantic adequacy, preservation of context, explicit responsibility, and the ability to inspect how evidence moved through a workflow. The demand for provenance and attribution in AI-mediated scholarly communication reinforces this conclusion (National Information Standards Organization 2026). Likewise, research on portable agent skills emphasizes that modular capability extension creates lifecycle, security, and governance obligations alongside technical benefits (Xu and Yan 2026). Digital-library scholarship is well placed to address these obligations because it has long treated description, classification, stewardship, and access as institutional and ethical practices rather than neutral technical operations.

Strategic Priorities

Three priorities follow from the study. The first is to improve representation: capability descriptions should use controlled, domain-relevant, and machine-actionable terms that allow agents and people to distinguish superficially similar services. The second is to institutionalize reuse: skills should carry scope, assumptions, tests, provenance, permissions, ownership, and maintenance status so that procedural knowledge can travel without losing its accountability. The third is to preserve an evidentiary chain: registry records, server versions, tool calls, sources, transformations, outputs, and human interventions should be connected through interoperable provenance.

These priorities should be pursued together. Better discovery without runtime validation can amplify unreliable services; reusable skills without lifecycle governance can accumulate hidden technical and policy debt; and detailed provenance without usable interfaces can burden rather than support professional judgment. Strategic adoption should therefore proceed through bounded pilots, shared evaluation infrastructure, cross-functional governance, and explicit exit criteria. Institutions should ask not only whether an MCP integration completes a task, but whether the task can be explained, reviewed, corrected, preserved, and contested.

Closing Perspective

MCP creates a plausible connective layer for a more modular agentic knowledge environment, but its significance for digital libraries will be determined by what is built around the protocol. The opportunity is to make distributed data, tools, and procedural expertise more discoverable and reusable across systems. The corresponding risk is that thin descriptions, opaque execution, uneven maintenance, and concentrated platform visibility become embedded before knowledge institutions articulate their requirements.

Digital libraries should therefore participate as infrastructure designers, evaluators, and stewards—not simply as adopters. Their distinctive contribution is the capacity to connect technical interoperability with durable description, provenance, rights, professional judgment, and public accountability. If those commitments shape the ecosystem early, MCP and reusable skills may support knowledge services that are not only more capable, but also more intelligible, maintainable, and trustworthy. That is the strategic threshold on which the ecosystem’s value to digital libraries ultimately depends.

References

Bernhard-Harrer, Jana, Randa Ashour, Jakob-Moritz Eberl, Petro Tolochko, and Hajo Boomgaarden. 2025. “Beyond Standardization: A Comprehensive Review of Topic Modeling Validation Methods for Computational Social Science Research.” Political Science Research and Methods, 1–19. https://doi.org/10.1017/psrm.2025.10008.
Blei, David M., Andrew Y. Ng, and Michael I. Jordan. 2003. “Latent Dirichlet Allocation.” Journal of Machine Learning Research 3: 993–1022. https://www.jmlr.org/papers/v3/blei03a.html.
Blondel, Vincent D., Jean-Loup Guillaume, Renaud Lambiotte, and Etienne Lefebvre. 2008. “Fast Unfolding of Communities in Large Networks.” Journal of Statistical Mechanics: Theory and Experiment 2008 (10): P10008. https://doi.org/10.1088/1742-5468/2008/10/P10008.
Borgman, Christine L. 2015. Big Data, Little Data, No Data: Scholarship in the Networked World. MIT Press.
Bowker, Geoffrey C., and Susan Leigh Star. 1999. Sorting Things Out: Classification and Its Consequences. MIT Press.
Braun, Virginia, and Victoria Clarke. 2021. “One Size Fits All? What Counts as Quality Practice in (Reflexive) Thematic Analysis?” Qualitative Research in Psychology 18 (3): 328–52. https://doi.org/10.1080/14780887.2020.1769238.
Carrasco, R. C., Gustavo Candela, and Manuel Marco-Such. 2025. “Measuring the Diversity of Data and Metadata in Digital Libraries.” International Journal on Digital Libraries 26: 5. https://doi.org/10.1007/s00799-025-00411-1.
Cifuentes-Silva, Francisco, Hernán Astudillo, and José Emilio Labra Gayo. 2025. “Transforming Parliamentary Libraries: Enhancing Processes Delivering New Services with Artificial Intelligence.” IFLA Journal 51 (3): 814–35. https://doi.org/10.1177/03400352251315844.
Ding, Kexin, Yang Zhou, Can Jin, Feng Tong, Mu Zhou, and Dimitris N. Metaxas. 2026. “Agent Skill Evaluation and Evolution: Frameworks and Benchmarks.” arXiv, ahead of print. https://doi.org/10.48550/arXiv.2606.11435.
Ehtesham, Abul, Aditi Singh, Gaurav Kumar Gupta, and Saket Kumar. 2025. “A Survey of Agent Interoperability Protocols: Model Context Protocol (MCP), Agent Communication Protocol (ACP), Agent-to-Agent Protocol (A2A), and Agent Network Protocol (ANP).” arXiv Preprint arXiv:2505.02279, ahead of print. https://doi.org/10.48550/arXiv.2505.02279.
Fox, Edward A., and Shalini R. Urs. 2002. “Digital Libraries.” Annual Review of Information Science and Technology 36 (1): 502–89. https://doi.org/10.1002/aris.1440360113.
Gahrn-Andersen, Rasmus. 2026. “From Explicit Prompts to Tacit Engagements: Understanding in Practice with LLMs.” AI & Society 41: 4899–911. https://doi.org/10.1007/s00146-026-02904-2.
Gaire, Shiva, Srijan Gyawali, Saroj Mishra, Suman Niroula, Dilip Thakur, and Umesh Yadav. 2025. “Systematization of Knowledge: Security and Safety in the Model Context Protocol Ecosystem.” arXiv, ahead of print. https://doi.org/10.48550/arXiv.2512.08290.
Grootendorst, Maarten. 2022. BERTopic: Neural Topic Modeling with a Class-Based TF–IDF Procedure.” arXiv, ahead of print. https://doi.org/10.48550/arXiv.2203.05794.
Hjørland, Birger. 2007. “Semantics and Knowledge Organization.” Annual Review of Information Science and Technology 41 (1): 187–249. https://doi.org/10.1002/aris.2007.1440410115.
Hjørland, Birger. 2021. “Information Retrieval and Knowledge Organization: A Perspective from the Philosophy of Science.” Information 12 (3): 135. https://doi.org/10.3390/info12030135.
Hou, Xinyi, Yanjie Zhao, Shenao Wang, and Haoyu Wang. 2025. “Model Context Protocol (MCP): Landscape, Security Threats, and Future Research Directions.” arXiv Preprint arXiv:2503.23278, ahead of print. https://doi.org/10.48550/arXiv.2503.23278.
International Conference on Asian Digital Libraries. 2026. ICADL 2026: Empowering Digital Knowledge Ecosystems Through Data, AI, and Human Intelligence. https://icadl.net/icadl2026/.
Jiang, Wenxin, Nicholas Synovic, Matt Hyatt, et al. 2023. “An Empirical Study of Pre-Trained Model Reuse in the Hugging Face Deep Learning Model Registry.” arXiv, ahead of print. https://doi.org/10.48550/arXiv.2303.02552.
Jiang, Yanna, Delong Li, Haiyu Deng, et al. 2026. SoK: Agentic Skills—Beyond Tool Use in LLM Agents.” arXiv, ahead of print. https://doi.org/10.48550/arXiv.2602.20867.
Khoo, Michael, and Catherine Hall. 2010. “Merging Metadata: A Sociotechnical Study of Crosswalking and Interoperability.” Proceedings of the 10th Annual Joint Conference on Digital Libraries, 361–64. https://doi.org/10.1145/1816123.1816180.
Kim, Jeonghyun, Haihua Chen, and Le Yang. 2024. “Exploring the Application of Artificial Intelligence and Machine Learning in GLAM Collections.” Proceedings of the Association for Information Science and Technology 61 (1): 782–85. https://doi.org/10.1002/pra2.1101.
Krippendorff, Klaus. 2004. “Reliability in Content Analysis: Some Common Misconceptions and Recommendations.” Human Communication Research 30 (3): 411–33. https://doi.org/10.1111/j.1468-2958.2004.tb00738.x.
Li, Zhiyuan, Jingzheng Wu, Xiang Ling, Xing Cui, and Tianyue Luo. 2026. “Towards Secure Agent Skills: Architecture, Threat Taxonomy, and Security Analysis.” arXiv, ahead of print. https://doi.org/10.48550/arXiv.2604.02837.
Library of Congress. 2026. Artificial Intelligence at the Library of Congress. Digital Strategy. https://www.loc.gov/digital-strategy/artificial-intelligence/.
Liu, Hongyi, Haoyan Yang, Tao Jiang, Bo Tang, Feiyu Xiong, and Zhiyu Li. 2026. SkillsVote: Lifecycle Governance of Agent Skills from Collection, Recommendation to Evolution.” arXiv, ahead of print. https://doi.org/10.48550/arXiv.2605.18401.
Liu, Yi, Weizhe Wang, Ruitao Feng, et al. 2026. “Agent Skills in the Wild: An Empirical Study of Security Vulnerabilities at Scale.” arXiv, ahead of print. https://doi.org/10.48550/arXiv.2601.10338.
Mandal, Indrajeet, Jitendra Soni, Mohd Zaki, et al. 2025. “Evaluating Large Language Model Agents for Automation of Atomic Force Microscopy.” Nature Communications 16 (1). https://doi.org/10.1038/s41467-025-64105-7.
Model Context Protocol. 2025a. Lifecycle and Capability Negotiation. https://modelcontextprotocol.io/specification/2025-11-25/basic/lifecycle.
Model Context Protocol. 2025b. Server Features: Overview. https://modelcontextprotocol.io/specification/2025-11-25/server/index.
Model Context Protocol. 2025c. Server Resources. https://modelcontextprotocol.io/specification/2025-11-25/server/resources.
Model Context Protocol. 2025d. Server Tools. https://modelcontextprotocol.io/specification/2025-11-25/server/tools.
Model Context Protocol. 2025e. Tasks. https://modelcontextprotocol.io/specification/2025-11-25/basic/utilities/tasks.
Model Context Protocol. 2026. The MCP Registry. Official documentation. https://modelcontextprotocol.io/registry/about.
Moreau, Luc, Paolo Missier, et al. 2013. PROV-DM: The PROV Data Model. W3C Recommendation. World Wide Web Consortium. https://www.w3.org/TR/prov-dm/.
Murray, Kate, and Joshua Sternfeld. 2026. Content Authenticity and Provenance in the Age of Artificial Intelligence: A Call-to-Action for the LAMs Community. C2PA for G+LAM Community of Practice. https://blogs.loc.gov/thesignal/files/2026/04/Call-to-Action-CAP-for-LAMs.pdf.
National Information Standards Organization. 2026. Workshops Highlight Standards Needed for Tracking Provenance, Attribution, and Usage in the AI Ecosystem. NISO I/O. https://www.niso.org/niso-io/2026/06/workshops-highlight-standards-needed-for-AI-ecosystem.
Nickerson, Robert C., Upkar Varshney, and Jan Muntermann. 2013. “A Method for Taxonomy Development and Its Application in Information Systems.” European Journal of Information Systems 22 (3): 336–59. https://doi.org/10.1057/ejis.2012.26.
Owotogbe, Joshua, Indika Kumara, Willem-Jan van den Heuvel, Damian Andrew Tamburri, Antonio Ken Iannillo, and Roberto Natella. 2026. “A Taxonomy of Runtime Faults in Model Context Protocol Servers.” arXiv, ahead of print. https://doi.org/10.48550/arXiv.2606.05339.
PCC Task Group on AI and Machine Learning in Cataloging and Metadata. 2025. Final Report. Program for Cooperative Cataloging, Library of Congress. https://www.loc.gov/aba/pcc/taskgroup/AI-and-Machine-Learning-TG-final-report.pdf.
Pecher, Philipp, Felix Kegel, and Lutz M. Kolbe. 2026. “Effects of Hallucination Risk and Algorithm Aversion on Organizational Knowledge Seeking with Generative AI.” Information Systems Frontiers, ahead of print. https://doi.org/10.1007/s10796-026-10790-8.
Röder, Michael, Andreas Both, and Alexander Hinneburg. 2015. “Exploring the Space of Topic Coherence Measures.” Proceedings of the Eighth ACM International Conference on Web Search and Data Mining, 399–408. https://doi.org/10.1145/2684822.2685324.
Rodrigues, Carson, and Oysturn Vas. 2026. MCP Server Architecture Patterns for LLM-Integrated Applications.” arXiv Preprint arXiv:2606.30317, ahead of print. https://doi.org/10.48550/arXiv.2606.30317.
Salauddin, N. 2026. “Evaluating the Role of Metadata Standards in Enhancing Data Discoverability and Interoperability in Academic Digital Repositories.” Digital Library Perspectives 42 (2): 367–95. https://doi.org/10.1108/DLP-07-2025-0111.
Singer, Johannes, Vadim Kufenko, Andrea Wöhr, et al. 2022. “How Do Gambling Providers Use the Social Network Twitter in Germany? An Explorative Mixed-Methods Topic Modeling Approach.” Journal of Gambling Studies 39 (3): 1371–98. https://doi.org/10.1007/s10899-022-10158-y.
Star, Susan Leigh, and James R. Griesemer. 1989. “Institutional Ecology, ‘Translations’ and Boundary Objects: Amateurs and Professionals in Berkeley’s Museum of Vertebrate Zoology, 1907–39.” Social Studies of Science 19 (3): 387–420. https://doi.org/10.1177/030631289019003001.
Steininger, Dennis M., Manuel Trenz, and Daniel Veit. 2021. “Taxonomy Development for Business Research: A Hands-on Guideline.” In Theories in Business and Information Systems Engineering. Springer International Publishing. https://doi.org/10.1007/978-3-030-66661-3_4.
Taraghi, Mina, Mohammad Mehdi Morovati, and Foutse Khomh. 2026. “Real Faults in Model Context Protocol (MCP) Software: A Comprehensive Taxonomy.” arXiv, ahead of print. https://doi.org/10.48550/arXiv.2603.05637.
Taş, Eylem, Lucas Memmert, and Eva Bittner. 2026. “Episodic Oversight in Generative AI Workflows: A Nine-Step Protocol for Preserving Human Agency (OP-9).” Electronic Markets 36: 58. https://doi.org/10.1007/s12525-026-00915-x.
Vogt, Lars. 2025. “The CLEAR Principle: Organizing Data and Metadata into Semantically Meaningful Types of FAIR Digital Objects to Increase Their Human Explorability and Cognitive Interoperability.” Journal of Biomedical Semantics 16 (1): 18. https://doi.org/10.1186/s13326-025-00340-7.
Vogt, Lars, Tobias Kuhn, and Robert Hoehndorf. 2024. “Semantic Units: Organizing Knowledge Graphs into Semantically Meaningful Units of Representation.” Journal of Biomedical Semantics 15: 7. https://doi.org/10.1186/s13326-024-00310-5.
Wasserman, Stanley, and Katherine Faust. 1994. Social Network Analysis: Methods and Applications. Vol. 8. Structural Analysis in the Social Sciences. Cambridge University Press. https://doi.org/10.1017/CBO9780511815478.
White, Ryen W., and Chirag Shah, eds. 2025. Information Access in the Era of Generative AI. Springer. https://doi.org/10.1007/978-3-031-73147-1.
Wilkinson, Mark D., Michel Dumontier, IJsbrand Jan Aalbersberg, et al. 2016. “The FAIR Guiding Principles for Scientific Data Management and Stewardship.” Scientific Data 3: 160018. https://doi.org/10.1038/sdata.2016.18.
Xu, Renjun, and Yang Yan. 2026. “Agent Skills for Large Language Models: Architecture, Acquisition, Security, and the Path Forward.” arXiv, ahead of print. https://doi.org/10.48550/arXiv.2602.12430.
Zhu, Liming, Qinghua Lu, Ming Ding, Sung Une Lee, and Chen Wang. 2026. “Designing Meaningful Human Oversight in AI.” AI and Ethics 6: 286. https://doi.org/10.1007/s43681-026-01147-7.
Zimmermann, Théo. 2020. “A First Look at an Emerging Model of Community Organizations for the Long-Term Maintenance of Ecosystems’ Packages.” Proceedings of the 42nd International Conference on Software Engineering: Software Engineering in Society, 711–18. https://doi.org/10.1145/3387940.3392209.