AI agents are moving fast: systems that do not just answer questions but are proactive, taking action across tools and data.

The next problem is fragmentation. If every vendor invents their own way to plug an agent into tools, pass context, handle permissions, and log actions, we end up with incompatible “agent stacks” that do not work together.

The Linux Foundation has now set up a home for this problem: the Agentic AI Foundation (AAIF), intended to standardize the “agent layer” so the ecosystem can converge on shared building blocks instead of duplicating the plumbing.

What’s being put on the table

The launch involves three founding contributions (with presumably more to follow):

MCP (Model Context Protocol)
Developed by Anthropic and already the industry standard for integration, MCP provides a way for an agent to connect to tools and data sources. Think “one common interface for tool access” rather than bespoke connectors for every agent framework. MCP was already open - so making it part of the AAIF formalises this and helps ensure it remains open and community-driven.

Goose
An open-source agent framework for software engineering tasks, this has been contributed as a practical reference point. The idea is that standards are easier to adopt when there’s real working code.

AGENTS.md
A lightweight convention for coding agents: a markdown file in a repo that tells an agent how to behave there.

Both Goose and Agents.MD have a strong software engineering flavour, which is another clue about where early adoption is strongest right now.

Why standards

This is the boring part of technology that decides whether a wave becomes real. The goal here is:

• fewer one-off integrations

• easier portability across tools and vendors

• more consistent approaches to permissions and policies

• more consistent logging and audit

This is a pretty well-trodden path. Two familiar examples:

• OAuth/OpenID Connect became the standard for delegated access, enabling ecosystems of integrations without every platform inventing its own approach.

• HTTP standardised a simple, universal way for systems to communicate over the web, which is why everything from browsers to APIs can interoperate without bespoke agreements every time.

Does this make agents a commodity then?

Not really. Standards tend to commoditise the plumbing rather than the product. If a common agent layer takes off, “we support MCP” becomes table stakes, kind of like “we have an API.”

Vendors still differentiate on things like:

• Governance: permissions, policy controls, approval workflows, audit trails that stand up to scrutiny.

• Workflow depth: opinionated, domain-specific flows that match how teams actually operate.

• User interface: how you spin up new agents, how they interact with your features.

• Reliability at scale: handling rate limits, retries, failures, observability, and cost controls.

• Agent quality: planning, tool selection, error recovery, and knowing when to stop or ask for human review.

What it means for legal

If agents are going to operate inside legal teams, they need:

• matter-scoped access and ethical walls

• clear approval steps (i.e., handoff to human lawyers)

• auditable records of what was accessed and what changed

• predictable behavior across tools

Standards like MCP are still to really take off in legal. Yes, there are isolated use cases, but it hasn’t yet hit the mainstream.

Why? First, MCP is only the connector. It doesn’t magically solve the enterprise questions that legal cares about. All the usual issues still apply, like:

• Authentication: is the agent acting as a specific user, with delegated access, or as a broad service account?

• Security: what’s exposed through the MCP server, what actions are allowed, what requires approval, and what gets logged?

• Rate limits: how do you prevent an agent from hammering systems, creating throttling cascades, or failing unpredictably under load?

Also, most legal teams live in a few systems of record, like the DMS and the PMS. When those systems formally begin MCP support, I think things will change very quickly. And there are signs this is already happening - iManage announced MCP support earlier this year and will accelerate support in 2026. I’m not sure where the PMS vendors are on this yet but one imagines there will be support at some point.

The practical takeaway

The most interesting part is probably the fact this is happening at all, and the companies behind it. Founding members include Amazon Web Services, Anthropic, Block, Bloomberg, Cloudflare, Google, Microsoft and OpenAI.

It feels like the agent era might be about to enter a new phase. It is maturing from where we were 12 months ago, “wow, autonomous agents look really cool, here are a few use cases” to “OK this is actually going to happen at scale, how do we make sure the plumbing works?”

This tells us everything we need to know about where these companies think the industry is going - their bet is that agent are going to move from reactive chatbots to proactive teammates. The launch quote captures it well:

“We are seeing AI enter a new phase, as conversational systems shift to autonomous agents that can work together.”