Field notes
The MCP Tasks Extension Is a Governance Blind Spot — Close It Before July 28
The July 28 MCP spec adds a Tasks extension for long-running work — and moves that work out of your gateway's view. Here's what MCP fleet operators must watch.
MCPOrbit Team
MCPOrbit
- Published
- Updated
- · Updated
- Read time
- · 4 min read

In nine days, the Model Context Protocol (MCP) specification finalizes. The headline features — a stateless core, the Extensions framework, MCP Apps, enterprise-managed authorization — have been analyzed to death. One feature has not: the Tasks extension. It is also the one most likely to blindside the teams responsible for governing MCP in production.
The Tasks extension lets an MCP server accept a request, acknowledge it in milliseconds, and keep working out of band — for seconds, minutes, or longer. It's the right primitive for agentic work: long-running retrieval, multi-step tool chains, background jobs. But it quietly breaks the model most teams use to watch MCP traffic.
What the Tasks extension actually changes
Until now, an MCP interaction fit inside a single request/response. A gateway could inspect the call, inspect the result, log both, and call it governed. Tasks severs that link. The server returns a task handle almost immediately; the real work — the tool calls, the data access, the side effects — executes afterward and reports completion through a separate channel.
Why this is a governance problem, not just a feature
Every assumption baked into 'inspect the request, inspect the response' breaks the moment work goes asynchronous. The blast radius of a long-running task is larger than the request that spawned it, and it's invisible to tooling that only watches the synchronous edge.
Three questions every fleet operator must answer before July 28
- Which of your servers will expose the Tasks extension, and can you tell from the outside?
- Can you correlate a long-running task back to the request — and the identity — that spawned it?
- Who is watching the task while it runs, not just the response it returned?
You can't secure the MCP work you can't see. Tasks just moved a lot of that work out of view.
How MCPOrbit closes the gap
MCPOrbit gives you continuous visibility and verification across your MCP fleet — including the work that doesn't fit in a single request. It surfaces which servers advertise Tasks, ties long-running work back to its originating call and identity, and monitors tasks across their full lifecycle instead of stopping at the synchronous response. When the spec locks on July 28, the async blind spot ships with it. The teams that mapped it first won't be the ones surprised by it.
Operating MCP servers in production? See what your gateway can't at mcporbit.com.
About the author
MCPOrbit Team
MCPOrbit
The MCPOrbit team builds the control plane for Model Context Protocol — one view of every server in your stack and the work it does out of band.



