If you've watched a junior pen-tester spend a Monday morning typing the same six commands into a fresh EC2 box, you've seen the recon setup tax up close. amass enum -passive -d $TARGET , subfinder -d $TARGET -silent , pipe to httpx , pipe to naabu , feed surviving hosts into nuclei , dump JSON somewhere, repeat next quarter when the scope changes. The work isn't hard. The glue is. Every team I've talked to has rebuilt this glue at least twice, usually in a different language each time. This post is about a different shape of the problem: what happens when you stop writing the glue yourself and instead expose the recon toolbox as MCP tools that an AI agent can call? Why MCP, specifically Agents have been doing "tool use" for a couple of years now via bespoke function-calling adapters. The problem with those adapters is that every agent framework wants its own JSON shape, every tool needs its own auth, and every team writes its own retry/timeout/rate-limit middleware.…