As the Model Context Protocol (MCP) gains widespread adoption in the AI ecosystem, a common architectural pattern has emerged: building MCP servers as thin wrappers over existing APIs. While this approach might seem pragmatic, it fundamentally misunderstands the distinct nature of MCP and the security implications of AI-driven interactions. The problem runs deeper than mere implementation convenience – it touches on the core differences between how developers consume APIs versus how AI agents operate on behalf of humans.