mcp-development

This skill provides comprehensive engineering guidance for implementing Model Context Protocol (MCP) servers, enabling seamless communication between AI assistants and external data, tools, or services. It is designed for developers building agentic workflows who need to adhere to standardized protocols for tool exposure, resource management, and secure system architecture. Whether you are creating a new MCP server in TypeScript or Python, or integrating existing APIs into LLM-driven environments, this skill ensures your implementation follows best practices for efficiency, security, and interoperability.

• Full support for MCP server architecture including capability definitions for tools, resources, and prompt templates.

• Implementation patterns for stdio and HTTP/SSE transport layers to support various deployment environments.

• Best practices for tool design, including input schema validation using JSON Schema, clear description writing, and robust error handling to prevent AI hallucination or silent failures.

• Guidance on mapping external data sources to MCP resources, including URI handling and MIME-type management for structured content delivery.

• Security-first development principles such as parameter validation, path sanitization, rate limiting, and sensitive credential management to protect internal systems.

• Advanced integration patterns for LLM systems, including RAG (Retrieval-Augmented Generation) flows, embedding vector similarity searches, and custom agent tool calls.

• Use this skill when defining server capabilities, registering tool handlers, or configuring Claude Desktop MCP settings.

• Ideal for developers who need to bridge the gap between local enterprise data and cloud-based AI models.

• Inputs typically involve server initialization code, tool definitions, or API integration logic, while outputs include structured protocol responses and compliant interface implementations.

• Always perform local validation of the server's tool registry and transport connectivity before connecting to production AI agents.

• Ensure all remote data access points are audited and authenticated to prevent unauthorized access by AI-driven tools.