The term MCP serverstarted appearing in release notes, tutorials, and VC Twitter threads sometime in early 2025. Twelve months later it's a weekly topic, and most explanations still land in one of two unhelpful places: too abstract ("universal protocol for AI integrations") or too technical ("JSON-RPC 2.0 with capability negotiation over a stdio transport"). Neither tells you what's on the other end of the connection or why you'd care. This is the version I wish I'd read first.
What an MCP server actually is
An MCP server is a small program you install locally that exposes tools to a language-model client. A tool is anything the model can call by name with structured arguments: read_file, query_database, count_tokens, send_email. When you're chatting with Claude and it says "let me check the file system," what's actually happening is that the client (Claude Desktop) is invoking a tool on a local MCP server (filesystem) and handing the result back to the model.
The server doesn't talk to the model directly. It talks to the client— the app you're using (Claude Desktop, Cursor, Zed) — which handles all the LLM communication. Your server reads JSON-RPC messages off stdin, does whatever it needs to, and writes responses back to stdout. That's the whole contract.
Why Anthropic shipped a protocol for this
Before MCP, every LLM-tool integration was bespoke. You wanted Claude to read your Notion pages? You wrote a Notion adapter into your Claude-powered app, parsed tool-call outputs, handled retries, and shipped it. Ten apps wanting Notion = ten adapters. Ten apps wanting ten different data sources = a hundred integrations, all roughly doing the same thing.
MCP flips that. Notion (or a third party) ships one MCP server. Any MCP-compatible client gets Notion integration for free. It's a shift from M×N integrations to M+N. The analogy Anthropic used in the launch materials was USB-C — one physical connector that ends the dongle war. Same basic idea at the software layer.
How to use an MCP server with Claude Desktop
The process for installing an MCP server in Claude Desktop is three commands and a config edit. Here's the short version using our token-counter server as the example.
- Install the server — anywhere on your machine:
npx briskly-mcp-llm-token-counter
This downloads and runs the server once. You don't actually need to do anything with this session — you just need the package cached so Claude Desktop can spawn it.
- Edit the Claude Desktop config — at
%APPDATA%/Claude/claude_desktop_config.jsonon Windows or~/Library/Application Support/Claude/claude_desktop_config.jsonon macOS. Create the file if it doesn't exist:{ "mcpServers": { "token-counter": { "command": "npx", "args": ["briskly-mcp-llm-token-counter"] } } } - Quit Claude Desktop fully and relaunch. Not the window — the whole app, including the menu-bar process on macOS or the tray icon on Windows. On restart, the server's tools show up under the plug icon in the chat input. You can ask something like "how many tokens is this paragraph in GPT-4o?" and the model will invoke
count_tokensunder the hood.
That's it. Cursor and Zed have similar config files in their own settings UI. Most MCP servers you'll install follow the same pattern: one config block per server, launch command plus args, restart the client.
What you can do with one
Some real examples of MCP servers in use today, roughly sorted by how often they're installed:
- Filesystem — scoped read/write to a directory. The model can open, search, and edit files inside the scope. Most common entry point for people trying MCP for the first time.
- GitHub — list repos, read issues, open pull requests. Good replacement for pasting URLs into chat.
- Database (Postgres, SQLite, MySQL) — schema introspection plus read-only queries. Turns the model into a competent SQL-writing assistant on your real tables.
- Slack / Notion / Linear — read context from wherever your work actually lives, so you don't have to paste 30 messages into the prompt.
- Domain-specific utilities — token counters, cost estimators, image resizers, formatters, linters. These are the long tail. Useful if they match your workflow, invisible otherwise.
Building your own in an afternoon
The official TypeScript SDK is @modelcontextprotocol/sdk. Install it, import the Server class, register a ListToolsRequestSchema handler that returns your tool definitions, register a CallToolRequestSchema handler that runs them, and wire the server to a StdioServerTransport. That's the whole architecture. A working server is about 50 lines of TypeScript including the type boilerplate.
The actual work is in the tools — the functions your server exposes. A token counter wraps gpt-tokenizer. A Postgres server wraps the pg client. A GitHub server wraps Octokit. The MCP layer isn't doing anything clever; it's just the introduction system between the model and the code you already know how to write.
Ship by publishing to npm with npm publish --access public and pointing your bin field in package.json at your compiled entry point. Users install it via npx and wire it into their Claude config in two minutes. For discovery, submit to the smithery.ai registry (the de facto MCP directory right now).
MCP server vs. other integration patterns
Quick distinctions that come up when people first hit MCP:
- vs. plain API: A REST API is something your code calls. An MCP server is something the model calls on your behalf through the client. MCP removes the custom tool-calling loop.
- vs. ChatGPT plugins: Plugins were OpenAI-specific, hosted on remote web services, and invoked via an OpenAPI manifest. MCP is vendor-neutral, typically local, and uses its own schema. Plugins were deprecated; MCP has absorbed the use cases.
- vs. function calling: Function calling is a model capability — you give the model a tool schema in the prompt, it emits a structured tool call, you parse and execute. MCP is a delivery mechanism for those tools: the schemas come from the server, the client does the parsing, you just expose the capability.
- vs. agents: An agent is a pattern where a model loops over tool calls autonomously. MCP is what the agent calls into. Claude's Managed Agents product, for instance, can consume MCP servers as one of its tool sources.
Limitations and gotchas
- Trust is on you. An MCP server runs with your user permissions. The model decides when to invoke it. A server with a shell-execute tool, invoked from a malicious prompt hidden in a document the model read, can do real damage. Stick to official or widely-reviewed sources and prefer narrow-scope tools.
- Stdio servers are per-client-session. Each client spawns its own subprocess. Expensive startup (huge model loads, database warmups) happens every launch. For hot-path cases, either use HTTP transport or cache on first call.
- Discovery is rough. There's no single registry everyone uses. Smithery is the most-complete; GitHub topic tags are patchy; the official list at modelcontextprotocol.io is curated but shorter. Expect to spend real time finding the server you actually need.
- Schema-on-read problems still exist. The model sees your tool descriptions, not your implementation. Vague descriptions get vague tool calls. If your server has a
querytool described as "runs SQL," expect mediocre results. Tool descriptions are prompt engineering for your future self.
FAQ
What is an MCP server?
An MCP server is a small program that exposes tools, data, or prompts to a large-language-model client over a shared protocol called the Model Context Protocol. When you connect an MCP server to a client like Claude Desktop or Cursor, the model can call the server's tools (for example: read a file, query a database, count tokens) as part of answering you. The server decides what's exposed and how; the model decides when to call it.
What is the Model Context Protocol?
Model Context Protocol (MCP) is an open specification published by Anthropic in late 2024 for how LLM applications talk to external tools and data sources. It standardizes the request/response shape, the transport (stdio or HTTP with Server-Sent Events), and the capability handshake, so any MCP-compatible client can use any MCP-compatible server without custom glue code. Think of it as USB-C for LLM integrations.
How do I use an MCP server?
Three steps. First, pick a client that speaks MCP — Claude Desktop, Cursor, Zed, and a growing list of others all do. Second, install the server (usually via npm, pip, or a native binary). Third, add an entry to the client's config file pointing at the server's command, and restart the client. After restart, the server's tools show up inside the chat interface. No browser OAuth, no API key exchange with the model provider — the server runs locally and the client calls it on your machine.
Where does the MCP server actually run?
For stdio-transport servers (the most common type), the server runs as a subprocess of the client on your own machine. Claude Desktop literally spawns `node /path/to/server.js` when you start it. The model sends JSON-RPC messages to the subprocess's stdin and reads tool results from its stdout. Nothing is sent to a remote host unless the server itself decides to. HTTP-transport servers can run remotely, but most personal-use servers are stdio and local.
How do I install an MCP server in Claude Desktop?
Open (or create) the file `~/Library/Application Support/Claude/claude_desktop_config.json` on macOS, or `%APPDATA%/Claude/claude_desktop_config.json` on Windows. Add an `mcpServers` key with entries for each server you want, specifying the command to launch and any args. Save the file, quit Claude Desktop fully, and relaunch. If the server starts cleanly, its tools appear under the plug icon in the chat input.
How do I build my own MCP server?
The fastest path is the official TypeScript SDK (`@modelcontextprotocol/sdk`) or the Python SDK (`mcp`). Both give you a Server class you configure with a handful of handlers — `list_tools`, `call_tool`, optionally `list_resources` and `list_prompts` — and a transport layer you wire to stdin/stdout. A minimal server is about 50 lines. The tools you expose are arbitrary: anything you can call from Node or Python can become a tool. You publish the server to npm or PyPI and users install it like any other package.
What's the difference between an MCP server and a regular API?
An API is something your code calls. An MCP server is something the model calls through a client that your code doesn't have to write. With an API, you build the tool-calling loop — parsing model output, invoking functions, feeding results back. With MCP, the client does all of that; you just expose the capability once and every MCP-compatible client uses it. It's a developer-experience layer on top of tool-calling, not a replacement for HTTP APIs.
What MCP servers should I install first?
Filesystem (read/write scoped directories), GitHub (query repos and issues), and one domain-specific server for what you actually do. If you work with LLMs all day, a token counter is useful. If you write SQL, a Postgres or SQLite server. If you navigate a big design system, a Figma server. The best-mcp-servers list at modelcontextprotocol.io is curated and a decent starting point, but most of the real value comes from one or two well-chosen servers, not a drawer full.
Is MCP a security risk?
It's at least worth thinking about. An MCP server runs with your user permissions and the model decides when to invoke it. A poorly-written server that exposes a shell-execution tool can be coaxed into running commands by a malicious prompt (injected via a document, a web page, another tool's output). The mitigations: install only MCP servers you trust (official sources, not random GitHub forks), prefer narrow-scope servers (a filesystem server scoped to one directory, not `/`), and audit what tools each server actually exposes before you trust it.
Related
- · LLM token counter — the web version of the token-counter MCP server referenced above. Works in the browser, no install.
- · briskly-mcp-llm-token-counter on npm — the MCP package. Install with
npx briskly-mcp-llm-token-counter. - · Claude Design: first look — the other Anthropic capability we've been using.
- · Briskly home — six free tools, built by a solo developer who uses MCP daily.