Architecture Design and Implementation of MCP-Based Modular AI Work Agent

  • Journal of Software Forensics
  • Abbr : JSF
  • 2026, 22(2), pp.115~127
  • DOI : 10.29056/jsf.2026.06.11
  • Publisher : Korea Software Assessment and Valuation Society
  • Research Area : Engineering > Computer Science
  • Received : June 1, 2026
  • Accepted : June 20, 2026
  • Published : June 30, 2026

Jea-Suk Song 1, Sunyoung Bae 2

1 University of Suwon
2 Pai Chai University

Accredited

ABSTRACT

Recently, the Large Language Model (LLM)-based AI agent ecosystem is rapidly transitioning toward autonomous task automation systems, supported by the standardization of the Model Context Protocol (MCP). However, conventional agent framework studies have focused primarily on static single- or multi-agent pipeline designs. Consequently, they exhibit critical limitations in dynamically composing modules at runtime to meet changing business requirements, and they remain highly vulnerable to security breaches caused by excessive tool privileges. To address these limitations, this study proposes a secure and modular AI work agent architecture that adopts MCP as a standardized inter-module interface, allowing users to compose only the necessary functionalities dynamically. The proposed system is established on four software engineering design principles—Minimal Core, Declarative Module Registry, Least Privilege, and Human-in-the-Loop—each explicitly mapped to ISO/IEC 25010 software quality characteristics. The architectural validity and security compliance of the proposed system are demonstrated through comparative analysis with existing tools, mapping against prior security guidelines (OWASP, Databricks, AWS), and scenario-based walkthroughs. This study provides a practical, open-standard design foundation crucial for building secure, scalable, and compliant AI agents in modern industrial environments.
