There is an easy way to let an AI read your documents (export them and paste them into a prompt), and a way that holds up in production. The whole difference lies in one question: when the agent answers, is it reading a disconnected copy of your files, or is it querying the source with the right permissions? The Model Context Protocol (MCP) exists to guarantee the latter. In practice, it is a standard way for an agent to "ask" the platform to search, read, insert or update, instead of receiving a pile of documents to keep elsewhere.
What MCP is and why it matters for documents
An MCP server exposes tools to the agent, that is, the operations it can perform: search, read, create or update a document. The agent does not take possession of the data; it consults and modifies it at the source, through a single controlled channel.
No copies inside the model, no exports to external drives. Documents stay in the system, with permissions and traceability intact.
The problem: AI without governed access to company data
The most common shortcut, exporting folders and pasting text, works brilliantly in a demo. In production it means untracked copies, sensitive data out of control and no record of who saw what, which is exactly what IT and compliance cannot accept. The crux, after all, is not "AI yes / AI no" but giving the AI the same governed access you would give a person. No more, no less.
How Cervio's MCP server works (permissions included)
Cervio's MCP server applies the same permissions as the rest of the platform: roles, attributes and row-level filters down to the single field. The agent operates in the context of the user who starts the session, so if that user cannot see a document, neither can the agent. And every operation ends up in the audit log.
Example: an agent that finds and processes a contract
A purchasing manager asks their assistant to summarise the renewal clauses of a supplier contract. The agent searches via MCP and receives only the records and fragments authorised by that user's profile, extracts the clauses and proposes a summary. If a draft reserved for the legal team exists, for the purchasing agent that draft simply does not exist.
Security and compliance
The system is designed to comply with the GDPR and records every access, including the agents'. No copies of documents inside third-party models, because the AI reads through a governed channel, not through an export. This is what makes it possible to connect AI to documents without opening a breach.
