hive-skills 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (238) hide show
  1. package/LICENSE +28 -0
  2. package/README.md +235 -0
  3. package/assets/LICENSE +32 -0
  4. package/assets/THIRD_PARTY_NOTICES.md +72 -0
  5. package/assets/manifest.json +1290 -0
  6. package/assets/skills/authored/code-review/composable/BUNDLE.md +192 -0
  7. package/assets/skills/authored/code-review/composable/INDEX.md +13 -0
  8. package/assets/skills/authored/code-review/composable/VERSION +1 -0
  9. package/assets/skills/authored/code-review/composable/mini/01-review-method.md +34 -0
  10. package/assets/skills/authored/code-review/composable/mini/02-security-review.md +20 -0
  11. package/assets/skills/authored/code-review/composable/mini/03-correctness-bugs.md +19 -0
  12. package/assets/skills/authored/code-review/composable/mini/04-concurrency.md +16 -0
  13. package/assets/skills/authored/code-review/composable/mini/05-error-handling.md +12 -0
  14. package/assets/skills/authored/code-review/composable/mini/06-performance.md +11 -0
  15. package/assets/skills/authored/code-review/composable/mini/07-api-design.md +20 -0
  16. package/assets/skills/authored/code-review/composable/mini/08-missing-tests.md +25 -0
  17. package/assets/skills/authored/code-review/composable/mini/09-refactoring-and-communication.md +32 -0
  18. package/assets/skills/authored/data-analysis/composable/BUNDLE.md +186 -0
  19. package/assets/skills/authored/data-analysis/composable/INDEX.md +13 -0
  20. package/assets/skills/authored/data-analysis/composable/VERSION +1 -0
  21. package/assets/skills/authored/data-analysis/composable/mini/01-data-quality-profiling.md +26 -0
  22. package/assets/skills/authored/data-analysis/composable/mini/02-aggregation-pitfalls.md +21 -0
  23. package/assets/skills/authored/data-analysis/composable/mini/03-time-series.md +19 -0
  24. package/assets/skills/authored/data-analysis/composable/mini/04-segmentation.md +23 -0
  25. package/assets/skills/authored/data-analysis/composable/mini/05-discount-pricing.md +17 -0
  26. package/assets/skills/authored/data-analysis/composable/mini/06-insight-generation.md +25 -0
  27. package/assets/skills/authored/data-analysis/composable/mini/07-executive-writing.md +26 -0
  28. package/assets/skills/authored/data-analysis/composable/mini/08-recommendations.md +20 -0
  29. package/assets/skills/authored/data-analysis/composable/mini/09-reproducibility-assumptions.md +20 -0
  30. package/assets/skills/authored/financial-analysis/composable/BUNDLE.md +1293 -0
  31. package/assets/skills/authored/financial-analysis/composable/INDEX.md +17 -0
  32. package/assets/skills/authored/financial-analysis/composable/VERSION +1 -0
  33. package/assets/skills/authored/financial-analysis/composable/mini/00-core.md +69 -0
  34. package/assets/skills/authored/financial-analysis/composable/mini/01-profitability-efficiency-ratios.md +173 -0
  35. package/assets/skills/authored/financial-analysis/composable/mini/02-liquidity-leverage-ratios.md +120 -0
  36. package/assets/skills/authored/financial-analysis/composable/mini/03-valuation-ratios-interpretation.md +107 -0
  37. package/assets/skills/authored/financial-analysis/composable/mini/04-dcf-projection-wacc.md +122 -0
  38. package/assets/skills/authored/financial-analysis/composable/mini/05-dcf-terminal-value-sensitivity.md +75 -0
  39. package/assets/skills/authored/financial-analysis/composable/mini/06-comparables-precedents.md +78 -0
  40. package/assets/skills/authored/financial-analysis/composable/mini/07-budget-variance-analysis.md +47 -0
  41. package/assets/skills/authored/financial-analysis/composable/mini/08-driver-based-forecasting-scenarios.md +111 -0
  42. package/assets/skills/authored/financial-analysis/composable/mini/09-rolling-forecasts-accuracy.md +114 -0
  43. package/assets/skills/authored/financial-analysis/composable/mini/10-reporting-exec-summary.md +58 -0
  44. package/assets/skills/authored/financial-analysis/composable/mini/11-industry-adaptations.md +130 -0
  45. package/assets/skills/authored/financial-analysis/composable/mini/12-toolkit-scripts-io.md +102 -0
  46. package/assets/skills/authored/python-api/composable/BUNDLE.md +389 -0
  47. package/assets/skills/authored/python-api/composable/INDEX.md +13 -0
  48. package/assets/skills/authored/python-api/composable/VERSION +1 -0
  49. package/assets/skills/authored/python-api/composable/mini/01-project-structure.md +44 -0
  50. package/assets/skills/authored/python-api/composable/mini/02-routing-and-app.md +38 -0
  51. package/assets/skills/authored/python-api/composable/mini/03-pydantic-models.md +45 -0
  52. package/assets/skills/authored/python-api/composable/mini/04-validation-and-errors.md +59 -0
  53. package/assets/skills/authored/python-api/composable/mini/05-dependencies-and-auth.md +60 -0
  54. package/assets/skills/authored/python-api/composable/mini/06-pagination-filtering.md +44 -0
  55. package/assets/skills/authored/python-api/composable/mini/07-async-performance.md +30 -0
  56. package/assets/skills/authored/python-api/composable/mini/08-testing.md +45 -0
  57. package/assets/skills/authored/python-api/composable/mini/09-middleware-observability.md +29 -0
  58. package/assets/skills/authored/tech-writing/composable/BUNDLE.md +220 -0
  59. package/assets/skills/authored/tech-writing/composable/INDEX.md +12 -0
  60. package/assets/skills/authored/tech-writing/composable/VERSION +1 -0
  61. package/assets/skills/authored/tech-writing/composable/mini/01-audience-analysis.md +26 -0
  62. package/assets/skills/authored/tech-writing/composable/mini/02-document-types.md +27 -0
  63. package/assets/skills/authored/tech-writing/composable/mini/03-readme-quickstart-changelog.md +22 -0
  64. package/assets/skills/authored/tech-writing/composable/mini/04-information-architecture.md +21 -0
  65. package/assets/skills/authored/tech-writing/composable/mini/05-style-clarity.md +29 -0
  66. package/assets/skills/authored/tech-writing/composable/mini/06-breaking-changes-migrations.md +33 -0
  67. package/assets/skills/authored/tech-writing/composable/mini/07-troubleshooting-security.md +30 -0
  68. package/assets/skills/authored/tech-writing/composable/mini/08-faq-voice-tone.md +32 -0
  69. package/assets/skills/converted/claude-api/composable/BUNDLE.md +14996 -0
  70. package/assets/skills/converted/claude-api/composable/INDEX.md +98 -0
  71. package/assets/skills/converted/claude-api/composable/VERSION +1 -0
  72. package/assets/skills/converted/claude-api/composable/mini/00-core.md +235 -0
  73. package/assets/skills/converted/claude-api/composable/mini/01-model-api-quick-reference.md +258 -0
  74. package/assets/skills/converted/claude-api/composable/mini/02-common-pitfalls.md +42 -0
  75. package/assets/skills/converted/claude-api/composable/mini/10-models.md +135 -0
  76. package/assets/skills/converted/claude-api/composable/mini/11-platform-availability.md +96 -0
  77. package/assets/skills/converted/claude-api/composable/mini/12-claude-platform-on-aws.md +59 -0
  78. package/assets/skills/converted/claude-api/composable/mini/13-live-sources.md +143 -0
  79. package/assets/skills/converted/claude-api/composable/mini/14-error-codes.md +256 -0
  80. package/assets/skills/converted/claude-api/composable/mini/15-prompt-caching.md +223 -0
  81. package/assets/skills/converted/claude-api/composable/mini/16-token-counting.md +56 -0
  82. package/assets/skills/converted/claude-api/composable/mini/17-tool-use-concepts.md +444 -0
  83. package/assets/skills/converted/claude-api/composable/mini/18-agent-design.md +101 -0
  84. package/assets/skills/converted/claude-api/composable/mini/19-anthropic-cli.md +246 -0
  85. package/assets/skills/converted/claude-api/composable/mini/20-model-migration.md +1301 -0
  86. package/assets/skills/converted/claude-api/composable/mini/30-managed-agents-overview.md +71 -0
  87. package/assets/skills/converted/claude-api/composable/mini/31-managed-agents-core.md +278 -0
  88. package/assets/skills/converted/claude-api/composable/mini/32-managed-agents-environments.md +219 -0
  89. package/assets/skills/converted/claude-api/composable/mini/33-managed-agents-tools.md +366 -0
  90. package/assets/skills/converted/claude-api/composable/mini/34-managed-agents-events.md +252 -0
  91. package/assets/skills/converted/claude-api/composable/mini/35-managed-agents-outcomes.md +106 -0
  92. package/assets/skills/converted/claude-api/composable/mini/36-managed-agents-multiagent.md +101 -0
  93. package/assets/skills/converted/claude-api/composable/mini/37-managed-agents-webhooks.md +123 -0
  94. package/assets/skills/converted/claude-api/composable/mini/38-managed-agents-memory.md +197 -0
  95. package/assets/skills/converted/claude-api/composable/mini/39-managed-agents-scheduled-deployments.md +146 -0
  96. package/assets/skills/converted/claude-api/composable/mini/40-managed-agents-client-patterns.md +211 -0
  97. package/assets/skills/converted/claude-api/composable/mini/41-managed-agents-onboarding.md +82 -0
  98. package/assets/skills/converted/claude-api/composable/mini/42-managed-agents-api-reference.md +441 -0
  99. package/assets/skills/converted/claude-api/composable/mini/43-managed-agents-self-hosted-sandboxes.md +174 -0
  100. package/assets/skills/converted/claude-api/composable/mini/50-python-readme.md +564 -0
  101. package/assets/skills/converted/claude-api/composable/mini/51-python-tool-use.md +590 -0
  102. package/assets/skills/converted/claude-api/composable/mini/52-python-streaming-batches-files.md +549 -0
  103. package/assets/skills/converted/claude-api/composable/mini/53-python-managed-agents.md +335 -0
  104. package/assets/skills/converted/claude-api/composable/mini/55-typescript-readme.md +404 -0
  105. package/assets/skills/converted/claude-api/composable/mini/56-typescript-tool-use.md +548 -0
  106. package/assets/skills/converted/claude-api/composable/mini/57-typescript-streaming-batches-files.md +384 -0
  107. package/assets/skills/converted/claude-api/composable/mini/58-typescript-managed-agents.md +358 -0
  108. package/assets/skills/converted/claude-api/composable/mini/60-csharp-readme.md +361 -0
  109. package/assets/skills/converted/claude-api/composable/mini/61-csharp-tool-use.md +163 -0
  110. package/assets/skills/converted/claude-api/composable/mini/62-csharp-streaming-batches-files.md +64 -0
  111. package/assets/skills/converted/claude-api/composable/mini/65-go-readme.md +185 -0
  112. package/assets/skills/converted/claude-api/composable/mini/66-go-tool-use.md +219 -0
  113. package/assets/skills/converted/claude-api/composable/mini/67-go-streaming-files.md +63 -0
  114. package/assets/skills/converted/claude-api/composable/mini/68-go-managed-agents.md +564 -0
  115. package/assets/skills/converted/claude-api/composable/mini/70-java-readme.md +237 -0
  116. package/assets/skills/converted/claude-api/composable/mini/71-java-tool-use.md +227 -0
  117. package/assets/skills/converted/claude-api/composable/mini/72-java-streaming-files.md +49 -0
  118. package/assets/skills/converted/claude-api/composable/mini/73-java-managed-agents.md +443 -0
  119. package/assets/skills/converted/claude-api/composable/mini/75-php-readme.md +173 -0
  120. package/assets/skills/converted/claude-api/composable/mini/76-php-tool-use.md +252 -0
  121. package/assets/skills/converted/claude-api/composable/mini/77-php-streaming-batches-files.md +53 -0
  122. package/assets/skills/converted/claude-api/composable/mini/78-php-managed-agents.md +443 -0
  123. package/assets/skills/converted/claude-api/composable/mini/80-ruby-readme.md +133 -0
  124. package/assets/skills/converted/claude-api/composable/mini/81-ruby-tool-use-streaming.md +56 -0
  125. package/assets/skills/converted/claude-api/composable/mini/82-ruby-managed-agents.md +394 -0
  126. package/assets/skills/converted/claude-api/composable/mini/85-curl-examples.md +255 -0
  127. package/assets/skills/converted/claude-api/composable/mini/86-curl-managed-agents.md +340 -0
  128. package/assets/skills/converted/claude-api/composable/presets/csharp.md +1151 -0
  129. package/assets/skills/converted/claude-api/composable/presets/curl.md +1154 -0
  130. package/assets/skills/converted/claude-api/composable/presets/go.md +1598 -0
  131. package/assets/skills/converted/claude-api/composable/presets/java.md +1523 -0
  132. package/assets/skills/converted/claude-api/composable/presets/php.md +1488 -0
  133. package/assets/skills/converted/claude-api/composable/presets/python.md +2605 -0
  134. package/assets/skills/converted/claude-api/composable/presets/ruby.md +1146 -0
  135. package/assets/skills/converted/claude-api/composable/presets/shared.md +6478 -0
  136. package/assets/skills/converted/claude-api/composable/presets/typescript.md +2261 -0
  137. package/assets/skills/converted/docx/composable/BUNDLE.md +617 -0
  138. package/assets/skills/converted/docx/composable/INDEX.md +12 -0
  139. package/assets/skills/converted/docx/composable/VERSION +1 -0
  140. package/assets/skills/converted/docx/composable/mini/00-core.md +26 -0
  141. package/assets/skills/converted/docx/composable/mini/01-reading-converting.md +36 -0
  142. package/assets/skills/converted/docx/composable/mini/02-creating-setup-layout.md +85 -0
  143. package/assets/skills/converted/docx/composable/mini/03-creating-elements.md +257 -0
  144. package/assets/skills/converted/docx/composable/mini/04-editing-existing.md +57 -0
  145. package/assets/skills/converted/docx/composable/mini/05-xml-reference.md +128 -0
  146. package/assets/skills/converted/internal-comms/composable/BUNDLE.md +220 -0
  147. package/assets/skills/converted/internal-comms/composable/INDEX.md +11 -0
  148. package/assets/skills/converted/internal-comms/composable/VERSION +1 -0
  149. package/assets/skills/converted/internal-comms/composable/mini/00-core.md +30 -0
  150. package/assets/skills/converted/internal-comms/composable/mini/01-3p-updates.md +49 -0
  151. package/assets/skills/converted/internal-comms/composable/mini/02-company-newsletter.md +67 -0
  152. package/assets/skills/converted/internal-comms/composable/mini/03-faq-answers.md +32 -0
  153. package/assets/skills/converted/internal-comms/composable/mini/04-general-comms.md +18 -0
  154. package/assets/skills/converted/mcp-builder/composable/BUNDLE.md +2460 -0
  155. package/assets/skills/converted/mcp-builder/composable/INDEX.md +23 -0
  156. package/assets/skills/converted/mcp-builder/composable/VERSION +1 -0
  157. package/assets/skills/converted/mcp-builder/composable/mini/00-core.md +43 -0
  158. package/assets/skills/converted/mcp-builder/composable/mini/01-workflow-research-planning.md +54 -0
  159. package/assets/skills/converted/mcp-builder/composable/mini/02-implementation-process.md +78 -0
  160. package/assets/skills/converted/mcp-builder/composable/mini/03-naming-conventions.md +33 -0
  161. package/assets/skills/converted/mcp-builder/composable/mini/04-response-formats.md +21 -0
  162. package/assets/skills/converted/mcp-builder/composable/mini/05-pagination.md +24 -0
  163. package/assets/skills/converted/mcp-builder/composable/mini/06-transport.md +47 -0
  164. package/assets/skills/converted/mcp-builder/composable/mini/07-annotations.md +20 -0
  165. package/assets/skills/converted/mcp-builder/composable/mini/08-security.md +35 -0
  166. package/assets/skills/converted/mcp-builder/composable/mini/09-error-handling.md +32 -0
  167. package/assets/skills/converted/mcp-builder/composable/mini/10-testing-and-documentation.md +21 -0
  168. package/assets/skills/converted/mcp-builder/composable/mini/11-python-implementation.md +432 -0
  169. package/assets/skills/converted/mcp-builder/composable/mini/12-python-advanced-and-checklist.md +233 -0
  170. package/assets/skills/converted/mcp-builder/composable/mini/13-node-implementation.md +717 -0
  171. package/assets/skills/converted/mcp-builder/composable/mini/14-node-advanced-and-checklist.md +200 -0
  172. package/assets/skills/converted/mcp-builder/composable/mini/15-evaluation-design.md +200 -0
  173. package/assets/skills/converted/mcp-builder/composable/mini/16-evaluation-running.md +198 -0
  174. package/assets/skills/converted/mcp-builder/composable/presets/node-server.md +1381 -0
  175. package/assets/skills/converted/mcp-builder/composable/presets/python-server.md +1129 -0
  176. package/assets/skills/converted/pdf/composable/BUNDLE.md +1284 -0
  177. package/assets/skills/converted/pdf/composable/INDEX.md +14 -0
  178. package/assets/skills/converted/pdf/composable/VERSION +1 -0
  179. package/assets/skills/converted/pdf/composable/mini/00-core.md +46 -0
  180. package/assets/skills/converted/pdf/composable/mini/01-creation.md +176 -0
  181. package/assets/skills/converted/pdf/composable/mini/02-extraction.md +178 -0
  182. package/assets/skills/converted/pdf/composable/mini/03-merge-split-manipulate.md +240 -0
  183. package/assets/skills/converted/pdf/composable/mini/04-images-ocr.md +168 -0
  184. package/assets/skills/converted/pdf/composable/mini/05-encryption.md +51 -0
  185. package/assets/skills/converted/pdf/composable/mini/06-forms.md +300 -0
  186. package/assets/skills/converted/pdf/composable/mini/07-libraries-reference.md +89 -0
  187. package/assets/skills/converted/pptx/composable/BUNDLE.md +911 -0
  188. package/assets/skills/converted/pptx/composable/INDEX.md +12 -0
  189. package/assets/skills/converted/pptx/composable/VERSION +1 -0
  190. package/assets/skills/converted/pptx/composable/mini/00-core.md +37 -0
  191. package/assets/skills/converted/pptx/composable/mini/01-reading.md +37 -0
  192. package/assets/skills/converted/pptx/composable/mini/02-creating-from-scratch.md +422 -0
  193. package/assets/skills/converted/pptx/composable/mini/03-editing-templates.md +207 -0
  194. package/assets/skills/converted/pptx/composable/mini/04-design.md +89 -0
  195. package/assets/skills/converted/pptx/composable/mini/05-qa-and-rendering.md +91 -0
  196. package/assets/skills/converted/pptx/composable/presets/creating.md +659 -0
  197. package/assets/skills/converted/pptx/composable/presets/editing.md +485 -0
  198. package/assets/skills/converted/skill-creator/composable/BUNDLE.md +1681 -0
  199. package/assets/skills/converted/skill-creator/composable/INDEX.md +21 -0
  200. package/assets/skills/converted/skill-creator/composable/VERSION +1 -0
  201. package/assets/skills/converted/skill-creator/composable/mini/00-core.md +59 -0
  202. package/assets/skills/converted/skill-creator/composable/mini/01-creating-a-skill.md +27 -0
  203. package/assets/skills/converted/skill-creator/composable/mini/02-skill-writing-guide.md +71 -0
  204. package/assets/skills/converted/skill-creator/composable/mini/03-test-cases.md +21 -0
  205. package/assets/skills/converted/skill-creator/composable/mini/04-running-and-evaluating.md +128 -0
  206. package/assets/skills/converted/skill-creator/composable/mini/05-improving-the-skill.md +30 -0
  207. package/assets/skills/converted/skill-creator/composable/mini/06-blind-comparison.md +5 -0
  208. package/assets/skills/converted/skill-creator/composable/mini/07-description-optimization.md +74 -0
  209. package/assets/skills/converted/skill-creator/composable/mini/08-packaging.md +11 -0
  210. package/assets/skills/converted/skill-creator/composable/mini/09-environment-specific.md +38 -0
  211. package/assets/skills/converted/skill-creator/composable/mini/10-scripts-and-references.md +34 -0
  212. package/assets/skills/converted/skill-creator/composable/mini/11-json-schemas.md +414 -0
  213. package/assets/skills/converted/skill-creator/composable/mini/12-agent-grader.md +225 -0
  214. package/assets/skills/converted/skill-creator/composable/mini/13-agent-comparator.md +204 -0
  215. package/assets/skills/converted/skill-creator/composable/mini/14-agent-analyzer.md +276 -0
  216. package/assets/skills/converted/skill-creator/composable/presets/authoring.md +198 -0
  217. package/assets/skills/converted/skill-creator/composable/presets/evaluating.md +1334 -0
  218. package/assets/skills/converted/skill-creator/composable/presets/optimizing.md +160 -0
  219. package/assets/skills/converted/skill-creator/composable/presets.json +5 -0
  220. package/assets/skills/meta/ccs-skill-creator/composable/BUNDLE.md +465 -0
  221. package/assets/skills/meta/ccs-skill-creator/composable/INDEX.md +8 -0
  222. package/assets/skills/meta/ccs-skill-creator/composable/VERSION +1 -0
  223. package/assets/skills/meta/ccs-skill-creator/composable/mini/00-core.md +46 -0
  224. package/assets/skills/meta/ccs-skill-creator/composable/mini/01-create-new-skill.md +167 -0
  225. package/assets/skills/meta/ccs-skill-creator/composable/mini/02-convert-existing-skill.md +120 -0
  226. package/assets/skills/meta/ccs-skill-creator/composable/mini/03-review-and-maintain.md +112 -0
  227. package/assets/skills/sources/anthropic/PROVENANCE.md +3 -0
  228. package/assets/skills/sources/anthropic/claude-api/LICENSE.txt +202 -0
  229. package/assets/skills/sources/anthropic/docx/LICENSE.txt +30 -0
  230. package/assets/skills/sources/anthropic/internal-comms/LICENSE.txt +202 -0
  231. package/assets/skills/sources/anthropic/mcp-builder/LICENSE.txt +202 -0
  232. package/assets/skills/sources/anthropic/pdf/LICENSE.txt +30 -0
  233. package/assets/skills/sources/anthropic/pptx/LICENSE.txt +30 -0
  234. package/assets/skills/sources/anthropic/skill-creator/LICENSE.txt +202 -0
  235. package/assets/skills/sources/financial-analyst/PROVENANCE.md +1 -0
  236. package/assets/tools/hive.py +728 -0
  237. package/dist/cli.js +7494 -0
  238. package/package.json +40 -0
@@ -0,0 +1,2460 @@
1
+ <!-- GENERATED by tools/hive.py compile. Do not hand-edit. -->
2
+ # mcp-builder: Compiled Skill Bundle (v1.0.0)
3
+
4
+ All composable mini-skills for `mcp-builder` concatenated in index order, frontmatter stripped. Regenerate with `tools/hive.py compile <skill-dir>`. Do not edit by hand.
5
+
6
+ ---
7
+ <!-- module: 00-core.md -->
8
+
9
+ # Core: MCP Server Quality Mindset
10
+
11
+ Always-loaded foundation for building high-quality MCP (Model Context Protocol) servers that enable LLMs to interact with external services through well-designed tools. Load the focused minis (see INDEX) for the workflow, per-standard rules, language-specific code, and evaluations.
12
+
13
+ ## What "quality" means here
14
+
15
+ Create MCP servers that enable LLMs to interact with external services through well-designed tools. **The quality of an MCP server is measured by how well it enables LLMs to accomplish real-world tasks** — NOT by how well or comprehensively the server implements tools. Quality is about how the implementations (input/output schemas, docstrings/descriptions, functionality) enable an LLM, with no other context and access ONLY to the MCP server, to answer realistic and difficult questions and complete real tasks.
16
+
17
+ ## Agent-first tool design (design for the LLM that will call the tools)
18
+
19
+ - **API coverage vs. workflow tools:** Balance comprehensive API endpoint coverage with specialized workflow tools. Workflow tools can be more convenient for specific tasks; comprehensive coverage gives agents flexibility to compose operations. Performance varies by client — some clients benefit from code execution that combines basic tools, others work better with higher-level workflows. **When uncertain, prioritize comprehensive API coverage.**
20
+ - **Tool naming and discoverability:** Clear, descriptive tool names help agents find the right tools quickly. Use consistent prefixes (e.g., `github_create_issue`, `github_list_repos`) and action-oriented naming. (Full naming rules: see the naming mini.)
21
+ - **Tools should enable complete workflows, not just wrap API endpoints.** Tool names should reflect natural task subdivisions.
22
+ - **Keep tool operations focused and atomic.**
23
+
24
+ ## Token-consciousness (context is scarce)
25
+
26
+ - Agents benefit from **concise tool descriptions** and the ability to **filter/paginate** results. Design tools that return **focused, relevant data**.
27
+ - **Response formats should optimize for agent context efficiency.** Omit verbose metadata; return only what the task needs. Some clients support code execution which can help agents filter and process data efficiently.
28
+ - Prefer **human-readable identifiers** where appropriate (display names with IDs, human-readable datetimes) so the agent doesn't waste effort decoding opaque values.
29
+ - Tools that return large JSON objects or lists can overwhelm the LLM — reduce information returned, paginate, and truncate with clear messages.
30
+
31
+ ## Error-message discipline
32
+
33
+ - **Error messages must guide agents toward solutions** with specific suggestions and next steps — clear, actionable, and educational. An error should tell the agent what to do next (e.g., suggest a filter to reduce results, or the correct alternative tool).
34
+ - Descriptions must **precisely and unambiguously match actual functionality** — never over- or under-claim what a tool does.
35
+
36
+ ## Composability / DRY (applies to every implementation)
37
+
38
+ Your implementation MUST prioritize composability and code reuse:
39
+
40
+ 1. **Extract common functionality:** reusable helper functions for operations used across multiple tools; shared API clients for HTTP requests; centralized error-handling logic; business logic in dedicated composable functions; shared markdown/JSON field-selection & formatting.
41
+ 2. **Avoid duplication:** NEVER copy-paste similar code between tools. If you write similar logic twice, extract it into a function. Common operations (pagination, filtering, field selection, formatting) should be shared. Authentication/authorization logic should be centralized.
42
+
43
+ ## Strategic design checklist (cross-cutting — verify on every server)
44
+
45
+ - [ ] Tools enable complete workflows, not just API endpoint wrappers
46
+ - [ ] Tool names reflect natural task subdivisions
47
+ - [ ] Response formats optimize for agent context efficiency
48
+ - [ ] Human-readable identifiers used where appropriate
49
+ - [ ] Error messages guide agents toward correct usage
50
+
51
+ (Language-specific implementation and code-quality checklists live in the Python and Node minis.)
52
+
53
+ ---
54
+ <!-- module: 01-workflow-research-planning.md -->
55
+
56
+ # Workflow, Research & Planning (Phase 1)
57
+
58
+ Creating a high-quality MCP server involves **four main phases**: (1) Deep Research and Planning, (2) Implementation, (3) Review and Test, (4) Create Evaluations. This mini covers Phase 1 and how to navigate the reference documentation.
59
+
60
+ ## Phase 1: Deep Research and Planning
61
+
62
+ ### 1.1 Understand modern MCP design
63
+
64
+ The core design tensions (agent-first design, API coverage vs. workflow tools, naming/discoverability, context management, actionable errors) are covered in `00-core.md`. Internalize those before designing tools.
65
+
66
+ ### 1.2 Study MCP protocol documentation
67
+
68
+ Navigate the MCP specification:
69
+ - Start with the sitemap to find relevant pages: `https://modelcontextprotocol.io/sitemap.xml`
70
+ - Then fetch specific pages with a `.md` suffix for markdown format (e.g., `https://modelcontextprotocol.io/specification/draft.md`).
71
+
72
+ Key pages to review:
73
+ - Specification overview and architecture
74
+ - Transport mechanisms (streamable HTTP, stdio)
75
+ - Tool, resource, and prompt definitions
76
+
77
+ ### 1.3 Study framework documentation
78
+
79
+ **Recommended stack:**
80
+ - **Language: TypeScript** — high-quality SDK support and good compatibility in many execution environments (e.g. MCPB). AI models are good at generating TypeScript code, benefiting from its broad usage, static typing, and good linting tools.
81
+ - **Transport: Streamable HTTP** for remote servers, using **stateless JSON** (simpler to scale and maintain, as opposed to stateful sessions and streaming responses). **stdio** for local servers.
82
+
83
+ **Load framework documentation:**
84
+ - **MCP Best Practices** — core universal guidelines (see the naming, response-format, pagination, transport, security, annotations, error-handling, and testing minis).
85
+ - **For TypeScript (recommended):** Use WebFetch to load the TypeScript SDK README: `https://raw.githubusercontent.com/modelcontextprotocol/typescript-sdk/main/README.md`. Then use the Node/TypeScript implementation minis.
86
+ - **For Python:** Use WebFetch to load the Python SDK README: `https://raw.githubusercontent.com/modelcontextprotocol/python-sdk/main/README.md`. Then use the Python implementation minis.
87
+
88
+ ### 1.4 Plan your implementation
89
+
90
+ - **Understand the API:** Review the service's API documentation to identify key endpoints, authentication requirements, and data models. Use web search and WebFetch as needed.
91
+ - **Tool selection:** Prioritize comprehensive API coverage. List the endpoints to implement, starting with the most common operations.
92
+
93
+ ## Documentation library — what to load and when
94
+
95
+ **Core MCP documentation (load first):**
96
+ - MCP Protocol: start with the sitemap at `https://modelcontextprotocol.io/sitemap.xml`, then fetch specific pages with `.md` suffix.
97
+ - MCP Best Practices — universal guidelines including server/tool naming conventions, response format (JSON vs Markdown), pagination, transport selection (streamable HTTP vs stdio), security, and error handling.
98
+
99
+ **SDK documentation (load during Phase 1/2):**
100
+ - Python SDK: `https://raw.githubusercontent.com/modelcontextprotocol/python-sdk/main/README.md`
101
+ - TypeScript SDK: `https://raw.githubusercontent.com/modelcontextprotocol/typescript-sdk/main/README.md`
102
+
103
+ **Language-specific implementation guides (load during Phase 2):**
104
+ - Python (FastMCP): server initialization, Pydantic models, tool registration with `@mcp.tool`, complete working examples, quality checklist.
105
+ - TypeScript: project structure, Zod schema patterns, tool registration with `server.registerTool`, complete working examples, quality checklist.
106
+
107
+ **Evaluation guide (load during Phase 4):** question creation guidelines, answer verification strategies, XML format, example questions/answers, and running an evaluation with the provided scripts.
108
+
109
+ The remaining phases: Phase 2 (Implementation) and Phase 3 (Review and Test) — see `02-implementation-process.md`. Phase 4 (Create Evaluations) — see the evaluation minis.
110
+
111
+ ---
112
+ <!-- module: 02-implementation-process.md -->
113
+
114
+ # Implementation & Review Process (Phases 2–3)
115
+
116
+ Language-agnostic steps for building and then reviewing/testing the server. Use alongside the language-specific minis (Python or Node) for the actual code.
117
+
118
+ ## Phase 2: Implementation
119
+
120
+ ### 2.1 Set up project structure
121
+
122
+ See the language-specific minis for project setup:
123
+ - TypeScript: project structure, `package.json`, `tsconfig.json`.
124
+ - Python: module organization, dependencies.
125
+
126
+ ### 2.2 Implement core infrastructure
127
+
128
+ Create shared utilities:
129
+ - API client with authentication
130
+ - Error handling helpers
131
+ - Response formatting (JSON/Markdown)
132
+ - Pagination support
133
+
134
+ ### 2.3 Implement tools
135
+
136
+ For each tool:
137
+
138
+ **Input schema:**
139
+ - Use Zod (TypeScript) or Pydantic (Python)
140
+ - Include constraints and clear descriptions
141
+ - Add examples in field descriptions
142
+
143
+ **Output schema:**
144
+ - Define `outputSchema` where possible for structured data
145
+ - Use `structuredContent` in tool responses (TypeScript SDK feature)
146
+ - Helps clients understand and process tool outputs
147
+
148
+ **Tool description:**
149
+ - Concise summary of functionality
150
+ - Parameter descriptions
151
+ - Return type schema
152
+
153
+ **Implementation:**
154
+ - Async/await for I/O operations
155
+ - Proper error handling with actionable messages
156
+ - Support pagination where applicable
157
+ - Return both text content and structured data when using modern SDKs
158
+
159
+ **Annotations:**
160
+ - `readOnlyHint`: true/false
161
+ - `destructiveHint`: true/false
162
+ - `idempotentHint`: true/false
163
+ - `openWorldHint`: true/false
164
+
165
+ (Full annotation semantics: see the annotations mini.)
166
+
167
+ ## Phase 3: Review and Test
168
+
169
+ ### 3.1 Code quality
170
+
171
+ Review for:
172
+ - No duplicated code (DRY principle)
173
+ - Consistent error handling
174
+ - Full type coverage
175
+ - Clear tool descriptions
176
+
177
+ ### 3.2 Build and test
178
+
179
+ **TypeScript:**
180
+ - Run `npm run build` to verify compilation
181
+ - Test with MCP Inspector: `npx @modelcontextprotocol/inspector`
182
+
183
+ **Python:**
184
+ - Verify syntax: `python -m py_compile your_server.py`
185
+ - Test with MCP Inspector
186
+
187
+ See the language-specific minis for detailed testing approaches and quality checklists.
188
+
189
+ ## Phase 4: Create Evaluations
190
+
191
+ After implementing your MCP server, create comprehensive evaluations to test its effectiveness. Use evaluations to test whether LLMs can effectively use your MCP server to answer realistic, complex questions. The process (10 questions: tool inspection → content exploration → question generation → answer verification) and the harness for running them are covered in the evaluation minis.
192
+
193
+ ---
194
+ <!-- module: 03-naming-conventions.md -->
195
+
196
+ # Naming Conventions (Server & Tools)
197
+
198
+ ## Server naming
199
+
200
+ Follow these standardized naming patterns:
201
+
202
+ - **Python:** `{service}_mcp` (lowercase with underscores) — e.g., `slack_mcp`, `github_mcp`, `jira_mcp`, `stripe_mcp`.
203
+ - **Node/TypeScript:** `{service}-mcp-server` (lowercase with hyphens) — e.g., `slack-mcp-server`, `github-mcp-server`, `jira-mcp-server`, `stripe-mcp-server`.
204
+
205
+ The name should be:
206
+ - **General** — descriptive of the service being integrated, not tied to specific features.
207
+ - **Descriptive** of the service/API being integrated.
208
+ - **Easy to infer** from the task description.
209
+ - **Without version numbers** or dates.
210
+
211
+ ## Tool naming
212
+
213
+ 1. **Use snake_case:** `search_users`, `create_project`, `get_channel_info`.
214
+ 2. **Include service prefix** — anticipate that your MCP server may be used alongside other MCP servers, so include the service context to prevent overlaps:
215
+ - Use `slack_send_message` instead of just `send_message`
216
+ - Use `github_create_issue` instead of just `create_issue`
217
+ - Use `asana_list_tasks` instead of just `list_tasks`
218
+ 3. **Be action-oriented:** start with verbs (get, list, search, create, etc.).
219
+ 4. **Be specific:** avoid generic names that could conflict with other servers.
220
+
221
+ Format: `{service}_{action}_{resource}` — e.g., `slack_send_message`, `github_create_issue`.
222
+
223
+ ## Tool design
224
+
225
+ - Tool descriptions must **narrowly and unambiguously** describe functionality.
226
+ - Descriptions must **precisely match actual functionality**.
227
+ - Provide tool annotations (`readOnlyHint`, `destructiveHint`, `idempotentHint`, `openWorldHint`) — see the annotations mini.
228
+ - Keep tool operations **focused and atomic**.
229
+
230
+ ---
231
+ <!-- module: 04-response-formats.md -->
232
+
233
+ # Response Formats (JSON vs Markdown)
234
+
235
+ All tools that return data should support **multiple formats**, typically via a `response_format` parameter that defaults to markdown. JSON is for programmatic processing; Markdown is for human readability.
236
+
237
+ ## JSON format (`response_format="json"`)
238
+
239
+ - Machine-readable structured data
240
+ - Return complete, structured data suitable for programmatic processing
241
+ - Include all available fields and metadata
242
+ - Use consistent field names and types
243
+
244
+ ## Markdown format (`response_format="markdown"`, typically the default)
245
+
246
+ - Human-readable formatted text
247
+ - Use headers, lists, and formatting for clarity
248
+ - Convert timestamps to human-readable format (e.g., "2024-01-15 10:30:00 UTC" instead of epoch)
249
+ - Show display names with IDs in parentheses (e.g., "@john.doe (U123456)")
250
+ - Omit verbose metadata (e.g., show only one profile image URL, not all sizes)
251
+ - Group related information logically
252
+
253
+ (Language-specific code for implementing the `ResponseFormat` enum and formatting both branches lives in the Python and Node minis.)
254
+
255
+ ---
256
+ <!-- module: 05-pagination.md -->
257
+
258
+ # Pagination
259
+
260
+ For tools that list resources:
261
+
262
+ - **Always respect the `limit` parameter.**
263
+ - **Implement pagination:** use `offset` or cursor-based pagination.
264
+ - **Return pagination metadata:** include `has_more`, `next_offset`/`next_cursor`, and `total_count`.
265
+ - **Never load all results into memory** — especially important for large datasets.
266
+ - **Default to reasonable limits:** 20–50 items is typical.
267
+
268
+ Example pagination response:
269
+
270
+ ```json
271
+ {
272
+ "total": 150,
273
+ "count": 20,
274
+ "offset": 0,
275
+ "items": [...],
276
+ "has_more": true,
277
+ "next_offset": 20
278
+ }
279
+ ```
280
+
281
+ (Language-specific pagination code — computing `has_more` and `next_offset` from `total`, `offset`, and returned items — lives in the Python and Node minis.)
282
+
283
+ ---
284
+ <!-- module: 06-transport.md -->
285
+
286
+ # Transport Options
287
+
288
+ Two main transports: **Streamable HTTP** (remote) and **stdio** (local). **Avoid SSE — deprecated in favor of streamable HTTP.**
289
+
290
+ ## Streamable HTTP
291
+
292
+ **Best for:** remote servers, web services, multi-client scenarios.
293
+
294
+ **Characteristics:**
295
+ - Bidirectional communication over HTTP
296
+ - Supports multiple simultaneous clients
297
+ - Can be deployed as a web service
298
+ - Enables server-to-client notifications
299
+
300
+ **Use when:**
301
+ - Serving multiple clients simultaneously
302
+ - Deploying as a cloud service
303
+ - Integrating with web applications
304
+
305
+ For remote servers, prefer **stateless JSON** (simpler to scale and maintain than stateful sessions and streaming responses).
306
+
307
+ ## stdio
308
+
309
+ **Best for:** local integrations, command-line tools.
310
+
311
+ **Characteristics:**
312
+ - Standard input/output stream communication
313
+ - Simple setup, no network configuration needed
314
+ - Runs as a subprocess of the client
315
+
316
+ **Use when:**
317
+ - Building tools for local development environments
318
+ - Integrating with desktop applications
319
+ - Single-user, single-session scenarios
320
+
321
+ **Note:** stdio servers must NOT log to stdout — use stderr for logging.
322
+
323
+ ## Transport selection
324
+
325
+ | Criterion | stdio | Streamable HTTP |
326
+ |-----------|-------|-----------------|
327
+ | **Deployment** | Local | Remote |
328
+ | **Clients** | Single | Multiple |
329
+ | **Complexity** | Low | Medium |
330
+ | **Real-time** | No | Yes |
331
+
332
+ (Language-specific code for wiring up each transport lives in the Python and Node minis.)
333
+
334
+ ---
335
+ <!-- module: 07-annotations.md -->
336
+
337
+ # Tool Annotations
338
+
339
+ Provide annotations to help clients understand tool behavior. Set them on every tool.
340
+
341
+ | Annotation | Type | Default | Description |
342
+ |-----------|------|---------|-------------|
343
+ | `readOnlyHint` | boolean | false | Tool does not modify its environment |
344
+ | `destructiveHint` | boolean | true | Tool may perform destructive updates |
345
+ | `idempotentHint` | boolean | false | Repeated calls with same args have no additional effect |
346
+ | `openWorldHint` | boolean | true | Tool interacts with external entities |
347
+
348
+ **Important:** Annotations are **hints, not security guarantees**. Clients should not make security-critical decisions based solely on annotations.
349
+
350
+ Set each hint to accurately reflect the tool:
351
+ - `readOnlyHint`: true if the tool does not modify environment
352
+ - `destructiveHint`: false if the tool does not perform destructive operations
353
+ - `idempotentHint`: true if repeated calls have no additional effect
354
+ - `openWorldHint`: false if the tool does not interact with external entities
355
+
356
+ (Language-specific syntax — the `annotations={...}` dict in the `@mcp.tool` decorator for Python, and the `annotations` object in `registerTool` for Node — lives in the language minis.)
357
+
358
+ ---
359
+ <!-- module: 08-security.md -->
360
+
361
+ # Security Best Practices
362
+
363
+ ## Authentication and Authorization
364
+
365
+ **OAuth 2.1:**
366
+ - Use secure OAuth 2.1 with certificates from recognized authorities
367
+ - Validate access tokens before processing requests
368
+ - Only accept tokens specifically intended for your server
369
+
370
+ **API Keys:**
371
+ - Store API keys in environment variables, never in code
372
+ - Validate keys on server startup
373
+ - Provide clear error messages when authentication fails
374
+
375
+ ## Input Validation
376
+
377
+ - Sanitize file paths to prevent directory traversal
378
+ - Validate URLs and external identifiers
379
+ - Check parameter sizes and ranges
380
+ - Prevent command injection in system calls
381
+ - Use schema validation (Pydantic/Zod) for all inputs
382
+
383
+ ## Error Handling (security angle)
384
+
385
+ - Don't expose internal errors to clients
386
+ - Log security-relevant errors server-side
387
+ - Provide helpful but not revealing error messages
388
+ - Clean up resources after errors
389
+
390
+ ## DNS Rebinding Protection
391
+
392
+ For streamable HTTP servers running locally:
393
+ - Enable DNS rebinding protection
394
+ - Validate the `Origin` header on all incoming connections
395
+ - Bind to `127.0.0.1` rather than `0.0.0.0`
396
+
397
+ ---
398
+ <!-- module: 09-error-handling.md -->
399
+
400
+ # Error Handling Standards
401
+
402
+ General, cross-language error-handling standards. Language-specific error formatting (`_handle_api_error` in Python, `handleApiError` in Node, mapping 404/403/429/timeout to messages) lives in the language minis.
403
+
404
+ ## Principles
405
+
406
+ - Use standard **JSON-RPC error codes**.
407
+ - **Report tool errors within result objects** (not protocol-level errors).
408
+ - Provide **helpful, specific error messages with suggested next steps**.
409
+ - **Don't expose internal implementation details.**
410
+ - **Clean up resources properly on errors.**
411
+
412
+ Error messages should be clear, actionable, and educational — guiding the agent toward a solution with specific suggestions and next steps.
413
+
414
+ ## Example (TypeScript pattern)
415
+
416
+ ```typescript
417
+ try {
418
+ const result = performOperation();
419
+ return { content: [{ type: "text", text: result }] };
420
+ } catch (error) {
421
+ return {
422
+ isError: true,
423
+ content: [{
424
+ type: "text",
425
+ text: `Error: ${error.message}. Try using filter='active_only' to reduce results.`
426
+ }]
427
+ };
428
+ }
429
+ ```
430
+
431
+ Note how the message not only reports the failure but suggests a concrete next step (`filter='active_only'`) that helps the agent recover.
432
+
433
+ ---
434
+ <!-- module: 10-testing-and-documentation.md -->
435
+
436
+ # Testing & Documentation Requirements
437
+
438
+ General (language-agnostic) requirements. Language-specific build/test commands and quality checklists live in the Python and Node minis; the evaluation harness is covered in the evaluation minis.
439
+
440
+ ## Testing Requirements
441
+
442
+ Comprehensive testing should cover:
443
+
444
+ - **Functional testing:** verify correct execution with valid/invalid inputs.
445
+ - **Integration testing:** test interaction with external systems.
446
+ - **Security testing:** validate auth, input sanitization, rate limiting.
447
+ - **Performance testing:** check behavior under load, timeouts.
448
+ - **Error handling:** ensure proper error reporting and cleanup.
449
+
450
+ ## Documentation Requirements
451
+
452
+ - Provide clear documentation of all tools and capabilities.
453
+ - Include working examples (**at least 3 per major feature**).
454
+ - Document security considerations.
455
+ - Specify required permissions and access levels.
456
+ - Document rate limits and performance characteristics.
457
+
458
+ ---
459
+ <!-- module: 11-python-implementation.md -->
460
+
461
+ # Python (FastMCP) — Implementation Patterns
462
+
463
+ Python-specific best practices and code for implementing MCP servers with the MCP Python SDK (FastMCP): server setup, tool registration, input validation with Pydantic, error handling, and a complete working example. Server naming (`{service}_mcp`) and tool naming are in the naming mini; this mini is the how-in-Python.
464
+
465
+ ## MCP Python SDK and FastMCP
466
+
467
+ The official MCP Python SDK provides FastMCP, a high-level framework for building MCP servers. It provides:
468
+ - Automatic description and inputSchema generation from function signatures and docstrings
469
+ - Pydantic model integration for input validation
470
+ - Decorator-based tool registration with `@mcp.tool`
471
+
472
+ For complete SDK documentation, use WebFetch to load: `https://raw.githubusercontent.com/modelcontextprotocol/python-sdk/main/README.md`
473
+
474
+ ## Quick Reference
475
+
476
+ ### Key imports
477
+ ```python
478
+ from mcp.server.fastmcp import FastMCP
479
+ from pydantic import BaseModel, Field, field_validator, ConfigDict
480
+ from typing import Optional, List, Dict, Any
481
+ from enum import Enum
482
+ import httpx
483
+ ```
484
+
485
+ ### Server initialization
486
+ ```python
487
+ mcp = FastMCP("service_mcp")
488
+ ```
489
+
490
+ ### Tool registration pattern
491
+ ```python
492
+ @mcp.tool(name="tool_name", annotations={...})
493
+ async def tool_function(params: InputModel) -> str:
494
+ # Implementation
495
+ pass
496
+ ```
497
+
498
+ ## Tool Structure with FastMCP
499
+
500
+ Tools are defined using the `@mcp.tool` decorator with Pydantic models for input validation. Use snake_case, action-oriented tool names with a service prefix (e.g., `slack_send_message`, `github_create_issue`, `asana_list_tasks`).
501
+
502
+ ```python
503
+ from pydantic import BaseModel, Field, ConfigDict
504
+ from mcp.server.fastmcp import FastMCP
505
+
506
+ # Initialize the MCP server
507
+ mcp = FastMCP("example_mcp")
508
+
509
+ # Define Pydantic model for input validation
510
+ class ServiceToolInput(BaseModel):
511
+ '''Input model for service tool operation.'''
512
+ model_config = ConfigDict(
513
+ str_strip_whitespace=True, # Auto-strip whitespace from strings
514
+ validate_assignment=True, # Validate on assignment
515
+ extra='forbid' # Forbid extra fields
516
+ )
517
+
518
+ param1: str = Field(..., description="First parameter description (e.g., 'user123', 'project-abc')", min_length=1, max_length=100)
519
+ param2: Optional[int] = Field(default=None, description="Optional integer parameter with constraints", ge=0, le=1000)
520
+ tags: Optional[List[str]] = Field(default_factory=list, description="List of tags to apply", max_items=10)
521
+
522
+ @mcp.tool(
523
+ name="service_tool_name",
524
+ annotations={
525
+ "title": "Human-Readable Tool Title",
526
+ "readOnlyHint": True, # Tool does not modify environment
527
+ "destructiveHint": False, # Tool does not perform destructive operations
528
+ "idempotentHint": True, # Repeated calls have no additional effect
529
+ "openWorldHint": False # Tool does not interact with external entities
530
+ }
531
+ )
532
+ async def service_tool_name(params: ServiceToolInput) -> str:
533
+ '''Tool description automatically becomes the 'description' field.
534
+
535
+ This tool performs a specific operation on the service. It validates all inputs
536
+ using the ServiceToolInput Pydantic model before processing.
537
+
538
+ Args:
539
+ params (ServiceToolInput): Validated input parameters containing:
540
+ - param1 (str): First parameter description
541
+ - param2 (Optional[int]): Optional parameter with default
542
+ - tags (Optional[List[str]]): List of tags
543
+
544
+ Returns:
545
+ str: JSON-formatted response containing operation results
546
+ '''
547
+ # Implementation here
548
+ pass
549
+ ```
550
+
551
+ ## Pydantic v2 Key Features
552
+
553
+ - Use `model_config` instead of nested `Config` class
554
+ - Use `field_validator` instead of deprecated `validator`
555
+ - Use `model_dump()` instead of deprecated `dict()`
556
+ - Validators require `@classmethod` decorator
557
+ - Type hints are required for validator methods
558
+
559
+ ```python
560
+ from pydantic import BaseModel, Field, field_validator, ConfigDict
561
+
562
+ class CreateUserInput(BaseModel):
563
+ model_config = ConfigDict(
564
+ str_strip_whitespace=True,
565
+ validate_assignment=True
566
+ )
567
+
568
+ name: str = Field(..., description="User's full name", min_length=1, max_length=100)
569
+ email: str = Field(..., description="User's email address", pattern=r'^[\w\.-]+@[\w\.-]+\.\w+$')
570
+ age: int = Field(..., description="User's age", ge=0, le=150)
571
+
572
+ @field_validator('email')
573
+ @classmethod
574
+ def validate_email(cls, v: str) -> str:
575
+ if not v.strip():
576
+ raise ValueError("Email cannot be empty")
577
+ return v.lower()
578
+ ```
579
+
580
+ ## Response Format Options
581
+
582
+ Support multiple output formats for flexibility (concept in the response-formats mini):
583
+
584
+ ```python
585
+ from enum import Enum
586
+
587
+ class ResponseFormat(str, Enum):
588
+ '''Output format for tool responses.'''
589
+ MARKDOWN = "markdown"
590
+ JSON = "json"
591
+
592
+ class UserSearchInput(BaseModel):
593
+ query: str = Field(..., description="Search query")
594
+ response_format: ResponseFormat = Field(
595
+ default=ResponseFormat.MARKDOWN,
596
+ description="Output format: 'markdown' for human-readable or 'json' for machine-readable"
597
+ )
598
+ ```
599
+
600
+ **Markdown format:** use headers, lists, and formatting for clarity; convert timestamps to human-readable format (e.g., "2024-01-15 10:30:00 UTC" instead of epoch); show display names with IDs in parentheses (e.g., "@john.doe (U123456)"); omit verbose metadata (e.g., show only one profile image URL, not all sizes); group related information logically.
601
+
602
+ **JSON format:** return complete, structured data suitable for programmatic processing; include all available fields and metadata; use consistent field names and types.
603
+
604
+ ## Pagination Implementation
605
+
606
+ ```python
607
+ class ListInput(BaseModel):
608
+ limit: Optional[int] = Field(default=20, description="Maximum results to return", ge=1, le=100)
609
+ offset: Optional[int] = Field(default=0, description="Number of results to skip for pagination", ge=0)
610
+
611
+ async def list_items(params: ListInput) -> str:
612
+ # Make API request with pagination
613
+ data = await api_request(limit=params.limit, offset=params.offset)
614
+
615
+ # Return pagination info
616
+ response = {
617
+ "total": data["total"],
618
+ "count": len(data["items"]),
619
+ "offset": params.offset,
620
+ "items": data["items"],
621
+ "has_more": data["total"] > params.offset + len(data["items"]),
622
+ "next_offset": params.offset + len(data["items"]) if data["total"] > params.offset + len(data["items"]) else None
623
+ }
624
+ return json.dumps(response, indent=2)
625
+ ```
626
+
627
+ ## Error Handling
628
+
629
+ Provide clear, actionable error messages:
630
+
631
+ ```python
632
+ def _handle_api_error(e: Exception) -> str:
633
+ '''Consistent error formatting across all tools.'''
634
+ if isinstance(e, httpx.HTTPStatusError):
635
+ if e.response.status_code == 404:
636
+ return "Error: Resource not found. Please check the ID is correct."
637
+ elif e.response.status_code == 403:
638
+ return "Error: Permission denied. You don't have access to this resource."
639
+ elif e.response.status_code == 429:
640
+ return "Error: Rate limit exceeded. Please wait before making more requests."
641
+ return f"Error: API request failed with status {e.response.status_code}"
642
+ elif isinstance(e, httpx.TimeoutException):
643
+ return "Error: Request timed out. Please try again."
644
+ return f"Error: Unexpected error occurred: {type(e).__name__}"
645
+ ```
646
+
647
+ ## Shared Utilities
648
+
649
+ Extract common functionality into reusable functions:
650
+
651
+ ```python
652
+ # Shared API request function
653
+ async def _make_api_request(endpoint: str, method: str = "GET", **kwargs) -> dict:
654
+ '''Reusable function for all API calls.'''
655
+ async with httpx.AsyncClient() as client:
656
+ response = await client.request(
657
+ method,
658
+ f"{API_BASE_URL}/{endpoint}",
659
+ timeout=30.0,
660
+ **kwargs
661
+ )
662
+ response.raise_for_status()
663
+ return response.json()
664
+ ```
665
+
666
+ ## Async/Await Best Practices
667
+
668
+ Always use async/await for network requests and I/O operations:
669
+
670
+ ```python
671
+ # Good: Async network request
672
+ async def fetch_data(resource_id: str) -> dict:
673
+ async with httpx.AsyncClient() as client:
674
+ response = await client.get(f"{API_URL}/resource/{resource_id}")
675
+ response.raise_for_status()
676
+ return response.json()
677
+
678
+ # Bad: Synchronous request
679
+ def fetch_data(resource_id: str) -> dict:
680
+ response = requests.get(f"{API_URL}/resource/{resource_id}") # Blocks
681
+ return response.json()
682
+ ```
683
+
684
+ ## Type Hints
685
+
686
+ Use type hints throughout:
687
+
688
+ ```python
689
+ from typing import Optional, List, Dict, Any
690
+
691
+ async def get_user(user_id: str) -> Dict[str, Any]:
692
+ data = await fetch_user(user_id)
693
+ return {"id": data["id"], "name": data["name"]}
694
+ ```
695
+
696
+ ## Tool Docstrings
697
+
698
+ Every tool must have comprehensive docstrings with explicit type information, including the complete schema structure for dict/JSON returns and usage examples:
699
+
700
+ ```python
701
+ async def search_users(params: UserSearchInput) -> str:
702
+ '''
703
+ Search for users in the Example system by name, email, or team.
704
+
705
+ This tool searches across all user profiles in the Example platform,
706
+ supporting partial matches and various search filters. It does NOT
707
+ create or modify users, only searches existing ones.
708
+
709
+ Args:
710
+ params (UserSearchInput): Validated input parameters containing:
711
+ - query (str): Search string to match against names/emails (e.g., "john", "@example.com", "team:marketing")
712
+ - limit (Optional[int]): Maximum results to return, between 1-100 (default: 20)
713
+ - offset (Optional[int]): Number of results to skip for pagination (default: 0)
714
+
715
+ Returns:
716
+ str: JSON-formatted string containing search results with the following schema:
717
+
718
+ Success response:
719
+ {
720
+ "total": int, # Total number of matches found
721
+ "count": int, # Number of results in this response
722
+ "offset": int, # Current pagination offset
723
+ "users": [
724
+ {
725
+ "id": str, # User ID (e.g., "U123456789")
726
+ "name": str, # Full name (e.g., "John Doe")
727
+ "email": str, # Email address (e.g., "john@example.com")
728
+ "team": str # Team name (e.g., "Marketing") - optional
729
+ }
730
+ ]
731
+ }
732
+
733
+ Error response:
734
+ "Error: <error message>" or "No users found matching '<query>'"
735
+
736
+ Examples:
737
+ - Use when: "Find all marketing team members" -> params with query="team:marketing"
738
+ - Use when: "Search for John's account" -> params with query="john"
739
+ - Don't use when: You need to create a user (use example_create_user instead)
740
+ - Don't use when: You have a user ID and need full details (use example_get_user instead)
741
+
742
+ Error Handling:
743
+ - Input validation errors are handled by Pydantic model
744
+ - Returns "Error: Rate limit exceeded" if too many requests (429 status)
745
+ - Returns "Error: Invalid API authentication" if API key is invalid (401 status)
746
+ - Returns formatted list of results or "No users found matching 'query'"
747
+ '''
748
+ ```
749
+
750
+ ## Complete Example
751
+
752
+ ```python
753
+ #!/usr/bin/env python3
754
+ '''
755
+ MCP Server for Example Service.
756
+
757
+ This server provides tools to interact with Example API, including user search,
758
+ project management, and data export capabilities.
759
+ '''
760
+
761
+ from typing import Optional, List, Dict, Any
762
+ from enum import Enum
763
+ import httpx
764
+ from pydantic import BaseModel, Field, field_validator, ConfigDict
765
+ from mcp.server.fastmcp import FastMCP
766
+
767
+ # Initialize the MCP server
768
+ mcp = FastMCP("example_mcp")
769
+
770
+ # Constants
771
+ API_BASE_URL = "https://api.example.com/v1"
772
+
773
+ # Enums
774
+ class ResponseFormat(str, Enum):
775
+ '''Output format for tool responses.'''
776
+ MARKDOWN = "markdown"
777
+ JSON = "json"
778
+
779
+ # Pydantic Models for Input Validation
780
+ class UserSearchInput(BaseModel):
781
+ '''Input model for user search operations.'''
782
+ model_config = ConfigDict(
783
+ str_strip_whitespace=True,
784
+ validate_assignment=True
785
+ )
786
+
787
+ query: str = Field(..., description="Search string to match against names/emails", min_length=2, max_length=200)
788
+ limit: Optional[int] = Field(default=20, description="Maximum results to return", ge=1, le=100)
789
+ offset: Optional[int] = Field(default=0, description="Number of results to skip for pagination", ge=0)
790
+ response_format: ResponseFormat = Field(default=ResponseFormat.MARKDOWN, description="Output format")
791
+
792
+ @field_validator('query')
793
+ @classmethod
794
+ def validate_query(cls, v: str) -> str:
795
+ if not v.strip():
796
+ raise ValueError("Query cannot be empty or whitespace only")
797
+ return v.strip()
798
+
799
+ # Shared utility functions
800
+ async def _make_api_request(endpoint: str, method: str = "GET", **kwargs) -> dict:
801
+ '''Reusable function for all API calls.'''
802
+ async with httpx.AsyncClient() as client:
803
+ response = await client.request(
804
+ method,
805
+ f"{API_BASE_URL}/{endpoint}",
806
+ timeout=30.0,
807
+ **kwargs
808
+ )
809
+ response.raise_for_status()
810
+ return response.json()
811
+
812
+ def _handle_api_error(e: Exception) -> str:
813
+ '''Consistent error formatting across all tools.'''
814
+ if isinstance(e, httpx.HTTPStatusError):
815
+ if e.response.status_code == 404:
816
+ return "Error: Resource not found. Please check the ID is correct."
817
+ elif e.response.status_code == 403:
818
+ return "Error: Permission denied. You don't have access to this resource."
819
+ elif e.response.status_code == 429:
820
+ return "Error: Rate limit exceeded. Please wait before making more requests."
821
+ return f"Error: API request failed with status {e.response.status_code}"
822
+ elif isinstance(e, httpx.TimeoutException):
823
+ return "Error: Request timed out. Please try again."
824
+ return f"Error: Unexpected error occurred: {type(e).__name__}"
825
+
826
+ # Tool definitions
827
+ @mcp.tool(
828
+ name="example_search_users",
829
+ annotations={
830
+ "title": "Search Example Users",
831
+ "readOnlyHint": True,
832
+ "destructiveHint": False,
833
+ "idempotentHint": True,
834
+ "openWorldHint": True
835
+ }
836
+ )
837
+ async def example_search_users(params: UserSearchInput) -> str:
838
+ '''Search for users in the Example system by name, email, or team.
839
+
840
+ [Full docstring as shown above]
841
+ '''
842
+ try:
843
+ # Make API request using validated parameters
844
+ data = await _make_api_request(
845
+ "users/search",
846
+ params={
847
+ "q": params.query,
848
+ "limit": params.limit,
849
+ "offset": params.offset
850
+ }
851
+ )
852
+
853
+ users = data.get("users", [])
854
+ total = data.get("total", 0)
855
+
856
+ if not users:
857
+ return f"No users found matching '{params.query}'"
858
+
859
+ # Format response based on requested format
860
+ if params.response_format == ResponseFormat.MARKDOWN:
861
+ lines = [f"# User Search Results: '{params.query}'", ""]
862
+ lines.append(f"Found {total} users (showing {len(users)})")
863
+ lines.append("")
864
+
865
+ for user in users:
866
+ lines.append(f"## {user['name']} ({user['id']})")
867
+ lines.append(f"- **Email**: {user['email']}")
868
+ if user.get('team'):
869
+ lines.append(f"- **Team**: {user['team']}")
870
+ lines.append("")
871
+
872
+ return "\n".join(lines)
873
+
874
+ else:
875
+ # Machine-readable JSON format
876
+ import json
877
+ response = {
878
+ "total": total,
879
+ "count": len(users),
880
+ "offset": params.offset,
881
+ "users": users
882
+ }
883
+ return json.dumps(response, indent=2)
884
+
885
+ except Exception as e:
886
+ return _handle_api_error(e)
887
+
888
+ if __name__ == "__main__":
889
+ mcp.run()
890
+ ```
891
+
892
+ Advanced FastMCP features (context injection, resources, structured output, lifespan, transport), Python-specific best practices, and the quality checklist are in `12-python-advanced-and-checklist.md`.
893
+
894
+ ---
895
+ <!-- module: 12-python-advanced-and-checklist.md -->
896
+
897
+ # Python (FastMCP) — Advanced Features & Quality Checklist
898
+
899
+ Continues `11-python-implementation.md`. Advanced FastMCP capabilities, Python-specific best practices, and the finalization checklist.
900
+
901
+ ## Advanced FastMCP Features
902
+
903
+ ### Context Parameter Injection
904
+
905
+ FastMCP can automatically inject a `Context` parameter into tools for advanced capabilities like logging, progress reporting, resource reading, and user interaction:
906
+
907
+ ```python
908
+ from mcp.server.fastmcp import FastMCP, Context
909
+
910
+ mcp = FastMCP("example_mcp")
911
+
912
+ @mcp.tool()
913
+ async def advanced_search(query: str, ctx: Context) -> str:
914
+ '''Advanced tool with context access for logging and progress.'''
915
+
916
+ # Report progress for long operations
917
+ await ctx.report_progress(0.25, "Starting search...")
918
+
919
+ # Log information for debugging
920
+ await ctx.log_info("Processing query", {"query": query, "timestamp": datetime.now()})
921
+
922
+ # Perform search
923
+ results = await search_api(query)
924
+ await ctx.report_progress(0.75, "Formatting results...")
925
+
926
+ # Access server configuration
927
+ server_name = ctx.fastmcp.name
928
+
929
+ return format_results(results)
930
+
931
+ @mcp.tool()
932
+ async def interactive_tool(resource_id: str, ctx: Context) -> str:
933
+ '''Tool that can request additional input from users.'''
934
+
935
+ # Request sensitive information when needed
936
+ api_key = await ctx.elicit(
937
+ prompt="Please provide your API key:",
938
+ input_type="password"
939
+ )
940
+
941
+ # Use the provided key
942
+ return await api_call(resource_id, api_key)
943
+ ```
944
+
945
+ **Context capabilities:**
946
+ - `ctx.report_progress(progress, message)` — Report progress for long operations
947
+ - `ctx.log_info(message, data)` / `ctx.log_error()` / `ctx.log_debug()` — Logging
948
+ - `ctx.elicit(prompt, input_type)` — Request input from users
949
+ - `ctx.fastmcp.name` — Access server configuration
950
+ - `ctx.read_resource(uri)` — Read MCP resources
951
+
952
+ ### Resource Registration
953
+
954
+ Expose data as resources for efficient, template-based access:
955
+
956
+ ```python
957
+ @mcp.resource("file://documents/{name}")
958
+ async def get_document(name: str) -> str:
959
+ '''Expose documents as MCP resources.
960
+
961
+ Resources are useful for static or semi-static data that doesn't
962
+ require complex parameters. They use URI templates for flexible access.
963
+ '''
964
+ document_path = f"./docs/{name}"
965
+ with open(document_path, "r") as f:
966
+ return f.read()
967
+
968
+ @mcp.resource("config://settings/{key}")
969
+ async def get_setting(key: str, ctx: Context) -> str:
970
+ '''Expose configuration as resources with context.'''
971
+ settings = await load_settings()
972
+ return json.dumps(settings.get(key, {}))
973
+ ```
974
+
975
+ **When to use Resources vs Tools:**
976
+ - **Resources:** for data access with simple parameters (URI templates)
977
+ - **Tools:** for complex operations with validation and business logic
978
+
979
+ ### Structured Output Types
980
+
981
+ FastMCP supports multiple return types beyond strings:
982
+
983
+ ```python
984
+ from typing import TypedDict
985
+ from dataclasses import dataclass
986
+ from pydantic import BaseModel
987
+
988
+ # TypedDict for structured returns
989
+ class UserData(TypedDict):
990
+ id: str
991
+ name: str
992
+ email: str
993
+
994
+ @mcp.tool()
995
+ async def get_user_typed(user_id: str) -> UserData:
996
+ '''Returns structured data - FastMCP handles serialization.'''
997
+ return {"id": user_id, "name": "John Doe", "email": "john@example.com"}
998
+
999
+ # Pydantic models for complex validation
1000
+ class DetailedUser(BaseModel):
1001
+ id: str
1002
+ name: str
1003
+ email: str
1004
+ created_at: datetime
1005
+ metadata: Dict[str, Any]
1006
+
1007
+ @mcp.tool()
1008
+ async def get_user_detailed(user_id: str) -> DetailedUser:
1009
+ '''Returns Pydantic model - automatically generates schema.'''
1010
+ user = await fetch_user(user_id)
1011
+ return DetailedUser(**user)
1012
+ ```
1013
+
1014
+ ### Lifespan Management
1015
+
1016
+ Initialize resources that persist across requests:
1017
+
1018
+ ```python
1019
+ from contextlib import asynccontextmanager
1020
+
1021
+ @asynccontextmanager
1022
+ async def app_lifespan():
1023
+ '''Manage resources that live for the server's lifetime.'''
1024
+ # Initialize connections, load config, etc.
1025
+ db = await connect_to_database()
1026
+ config = load_configuration()
1027
+
1028
+ # Make available to all tools
1029
+ yield {"db": db, "config": config}
1030
+
1031
+ # Cleanup on shutdown
1032
+ await db.close()
1033
+
1034
+ mcp = FastMCP("example_mcp", lifespan=app_lifespan)
1035
+
1036
+ @mcp.tool()
1037
+ async def query_data(query: str, ctx: Context) -> str:
1038
+ '''Access lifespan resources through context.'''
1039
+ db = ctx.request_context.lifespan_state["db"]
1040
+ results = await db.query(query)
1041
+ return format_results(results)
1042
+ ```
1043
+
1044
+ ### Transport Options
1045
+
1046
+ FastMCP supports two main transport mechanisms:
1047
+
1048
+ ```python
1049
+ # stdio transport (for local tools) - default
1050
+ if __name__ == "__main__":
1051
+ mcp.run()
1052
+
1053
+ # Streamable HTTP transport (for remote servers)
1054
+ if __name__ == "__main__":
1055
+ mcp.run(transport="streamable_http", port=8000)
1056
+ ```
1057
+
1058
+ **Transport selection:**
1059
+ - **stdio:** command-line tools, local integrations, subprocess execution
1060
+ - **Streamable HTTP:** web services, remote access, multiple clients
1061
+
1062
+ ## Code Best Practices
1063
+
1064
+ ### Code Composability and Reusability
1065
+
1066
+ Prioritize composability and code reuse (the general rule is in `00-core.md`): extract common functionality into reusable helper functions, shared API clients, centralized error handling, composable business logic, and shared markdown/JSON field-selection & formatting. NEVER copy-paste similar code between tools; if you write similar logic twice, extract it. Share pagination, filtering, field selection, and formatting; centralize authentication/authorization.
1067
+
1068
+ ### Python-Specific Best Practices
1069
+
1070
+ 1. **Use Type Hints:** always include type annotations for function parameters and return values.
1071
+ 2. **Pydantic Models:** define clear Pydantic models for all input validation.
1072
+ 3. **Avoid Manual Validation:** let Pydantic handle input validation with constraints.
1073
+ 4. **Proper Imports:** group imports (standard library, third-party, local).
1074
+ 5. **Error Handling:** use specific exception types (`httpx.HTTPStatusError`, not generic `Exception`).
1075
+ 6. **Async Context Managers:** use `async with` for resources that need cleanup.
1076
+ 7. **Constants:** define module-level constants in UPPER_CASE.
1077
+
1078
+ ## Quality Checklist
1079
+
1080
+ Before finalizing your Python MCP server implementation, ensure:
1081
+
1082
+ ### Strategic Design
1083
+ - [ ] Tools enable complete workflows, not just API endpoint wrappers
1084
+ - [ ] Tool names reflect natural task subdivisions
1085
+ - [ ] Response formats optimize for agent context efficiency
1086
+ - [ ] Human-readable identifiers used where appropriate
1087
+ - [ ] Error messages guide agents toward correct usage
1088
+
1089
+ ### Implementation Quality
1090
+ - [ ] FOCUSED IMPLEMENTATION: Most important and valuable tools implemented
1091
+ - [ ] All tools have descriptive names and documentation
1092
+ - [ ] Return types are consistent across similar operations
1093
+ - [ ] Error handling is implemented for all external calls
1094
+ - [ ] Server name follows format: `{service}_mcp`
1095
+ - [ ] All network operations use async/await
1096
+ - [ ] Common functionality is extracted into reusable functions
1097
+ - [ ] Error messages are clear, actionable, and educational
1098
+ - [ ] Outputs are properly validated and formatted
1099
+
1100
+ ### Tool Configuration
1101
+ - [ ] All tools implement 'name' and 'annotations' in the decorator
1102
+ - [ ] Annotations correctly set (readOnlyHint, destructiveHint, idempotentHint, openWorldHint)
1103
+ - [ ] All tools use Pydantic BaseModel for input validation with Field() definitions
1104
+ - [ ] All Pydantic Fields have explicit types and descriptions with constraints
1105
+ - [ ] All tools have comprehensive docstrings with explicit input/output types
1106
+ - [ ] Docstrings include complete schema structure for dict/JSON returns
1107
+ - [ ] Pydantic models handle input validation (no manual validation needed)
1108
+
1109
+ ### Advanced Features (where applicable)
1110
+ - [ ] Context injection used for logging, progress, or elicitation
1111
+ - [ ] Resources registered for appropriate data endpoints
1112
+ - [ ] Lifespan management implemented for persistent connections
1113
+ - [ ] Structured output types used (TypedDict, Pydantic models)
1114
+ - [ ] Appropriate transport configured (stdio or streamable HTTP)
1115
+
1116
+ ### Code Quality
1117
+ - [ ] File includes proper imports including Pydantic imports
1118
+ - [ ] Pagination is properly implemented where applicable
1119
+ - [ ] Filtering options are provided for potentially large result sets
1120
+ - [ ] All async functions are properly defined with `async def`
1121
+ - [ ] HTTP client usage follows async patterns with proper context managers
1122
+ - [ ] Type hints are used throughout the code
1123
+ - [ ] Constants are defined at module level in UPPER_CASE
1124
+
1125
+ ### Testing
1126
+ - [ ] Server runs successfully: `python your_server.py --help`
1127
+ - [ ] All imports resolve correctly
1128
+ - [ ] Sample tool calls work as expected
1129
+ - [ ] Error scenarios handled gracefully
1130
+
1131
+ ---
1132
+ <!-- module: 13-node-implementation.md -->
1133
+
1134
+ # Node/TypeScript — Implementation Patterns
1135
+
1136
+ Node/TypeScript-specific best practices and code for implementing MCP servers with the MCP TypeScript SDK: project structure, server setup, tool registration, input validation with Zod, error handling, and a complete working example. Server naming (`{service}-mcp-server`) and tool naming are in the naming mini; this mini is the how-in-TypeScript.
1137
+
1138
+ ## MCP TypeScript SDK
1139
+
1140
+ The official MCP TypeScript SDK provides:
1141
+ - `McpServer` class for server initialization
1142
+ - `registerTool` method for tool registration
1143
+ - Zod schema integration for runtime input validation
1144
+ - Type-safe tool handler implementations
1145
+
1146
+ **IMPORTANT — Use Modern APIs Only:**
1147
+ - **DO use:** `server.registerTool()`, `server.registerResource()`, `server.registerPrompt()`
1148
+ - **DO NOT use:** old deprecated APIs such as `server.tool()`, `server.setRequestHandler(ListToolsRequestSchema, ...)`, or manual handler registration.
1149
+ - The `register*` methods provide better type safety, automatic schema handling, and are the recommended approach.
1150
+
1151
+ For complete SDK details use WebFetch: `https://raw.githubusercontent.com/modelcontextprotocol/typescript-sdk/main/README.md`
1152
+
1153
+ ## Quick Reference
1154
+
1155
+ ### Key imports
1156
+ ```typescript
1157
+ import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
1158
+ import { StreamableHTTPServerTransport } from "@modelcontextprotocol/sdk/server/streamableHttp.js";
1159
+ import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
1160
+ import express from "express";
1161
+ import { z } from "zod";
1162
+ ```
1163
+
1164
+ ### Server initialization
1165
+ ```typescript
1166
+ const server = new McpServer({
1167
+ name: "service-mcp-server",
1168
+ version: "1.0.0"
1169
+ });
1170
+ ```
1171
+
1172
+ ### Tool registration pattern
1173
+ ```typescript
1174
+ server.registerTool(
1175
+ "tool_name",
1176
+ {
1177
+ title: "Tool Display Name",
1178
+ description: "What the tool does",
1179
+ inputSchema: { param: z.string() },
1180
+ outputSchema: { result: z.string() }
1181
+ },
1182
+ async ({ param }) => {
1183
+ const output = { result: `Processed: ${param}` };
1184
+ return {
1185
+ content: [{ type: "text", text: JSON.stringify(output) }],
1186
+ structuredContent: output // Modern pattern for structured data
1187
+ };
1188
+ }
1189
+ );
1190
+ ```
1191
+
1192
+ ## Project Structure
1193
+
1194
+ ```
1195
+ {service}-mcp-server/
1196
+ ├── package.json
1197
+ ├── tsconfig.json
1198
+ ├── README.md
1199
+ ├── src/
1200
+ │ ├── index.ts # Main entry point with McpServer initialization
1201
+ │ ├── types.ts # TypeScript type definitions and interfaces
1202
+ │ ├── tools/ # Tool implementations (one file per domain)
1203
+ │ ├── services/ # API clients and shared utilities
1204
+ │ ├── schemas/ # Zod validation schemas
1205
+ │ └── constants.ts # Shared constants (API_URL, CHARACTER_LIMIT, etc.)
1206
+ └── dist/ # Built JavaScript files (entry point: dist/index.js)
1207
+ ```
1208
+
1209
+ ## Tool Structure
1210
+
1211
+ Use snake_case, action-oriented tool names with a service prefix (e.g., `slack_send_message`, `github_create_issue`, `asana_list_tasks`). Tools are registered using `registerTool`:
1212
+ - Use Zod schemas for runtime input validation and type safety.
1213
+ - The `description` field must be explicitly provided — JSDoc comments are NOT automatically extracted.
1214
+ - Explicitly provide `title`, `description`, `inputSchema`, and `annotations`.
1215
+ - The `inputSchema` must be a Zod schema object (not a JSON schema).
1216
+ - Type all parameters and return values explicitly.
1217
+
1218
+ ```typescript
1219
+ import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
1220
+ import { z } from "zod";
1221
+
1222
+ const server = new McpServer({
1223
+ name: "example-mcp",
1224
+ version: "1.0.0"
1225
+ });
1226
+
1227
+ // Zod schema for input validation
1228
+ const UserSearchInputSchema = z.object({
1229
+ query: z.string()
1230
+ .min(2, "Query must be at least 2 characters")
1231
+ .max(200, "Query must not exceed 200 characters")
1232
+ .describe("Search string to match against names/emails"),
1233
+ limit: z.number()
1234
+ .int()
1235
+ .min(1)
1236
+ .max(100)
1237
+ .default(20)
1238
+ .describe("Maximum results to return"),
1239
+ offset: z.number()
1240
+ .int()
1241
+ .min(0)
1242
+ .default(0)
1243
+ .describe("Number of results to skip for pagination"),
1244
+ response_format: z.nativeEnum(ResponseFormat)
1245
+ .default(ResponseFormat.MARKDOWN)
1246
+ .describe("Output format: 'markdown' for human-readable or 'json' for machine-readable")
1247
+ }).strict();
1248
+
1249
+ // Type definition from Zod schema
1250
+ type UserSearchInput = z.infer<typeof UserSearchInputSchema>;
1251
+
1252
+ server.registerTool(
1253
+ "example_search_users",
1254
+ {
1255
+ title: "Search Example Users",
1256
+ description: `Search for users in the Example system by name, email, or team.
1257
+
1258
+ This tool searches across all user profiles in the Example platform, supporting partial matches and various search filters. It does NOT create or modify users, only searches existing ones.
1259
+
1260
+ Args:
1261
+ - query (string): Search string to match against names/emails
1262
+ - limit (number): Maximum results to return, between 1-100 (default: 20)
1263
+ - offset (number): Number of results to skip for pagination (default: 0)
1264
+ - response_format ('markdown' | 'json'): Output format (default: 'markdown')
1265
+
1266
+ Returns:
1267
+ For JSON format: Structured data with schema:
1268
+ {
1269
+ "total": number, // Total number of matches found
1270
+ "count": number, // Number of results in this response
1271
+ "offset": number, // Current pagination offset
1272
+ "users": [
1273
+ {
1274
+ "id": string, // User ID (e.g., "U123456789")
1275
+ "name": string, // Full name (e.g., "John Doe")
1276
+ "email": string, // Email address
1277
+ "team": string, // Team name (optional)
1278
+ "active": boolean // Whether user is active
1279
+ }
1280
+ ],
1281
+ "has_more": boolean, // Whether more results are available
1282
+ "next_offset": number // Offset for next page (if has_more is true)
1283
+ }
1284
+
1285
+ Examples:
1286
+ - Use when: "Find all marketing team members" -> params with query="team:marketing"
1287
+ - Use when: "Search for John's account" -> params with query="john"
1288
+ - Don't use when: You need to create a user (use example_create_user instead)
1289
+
1290
+ Error Handling:
1291
+ - Returns "Error: Rate limit exceeded" if too many requests (429 status)
1292
+ - Returns "No users found matching '<query>'" if search returns empty`,
1293
+ inputSchema: UserSearchInputSchema,
1294
+ annotations: {
1295
+ readOnlyHint: true,
1296
+ destructiveHint: false,
1297
+ idempotentHint: true,
1298
+ openWorldHint: true
1299
+ }
1300
+ },
1301
+ async (params: UserSearchInput) => {
1302
+ try {
1303
+ // Input validation is handled by Zod schema
1304
+ // Make API request using validated parameters
1305
+ const data = await makeApiRequest<any>(
1306
+ "users/search",
1307
+ "GET",
1308
+ undefined,
1309
+ {
1310
+ q: params.query,
1311
+ limit: params.limit,
1312
+ offset: params.offset
1313
+ }
1314
+ );
1315
+
1316
+ const users = data.users || [];
1317
+ const total = data.total || 0;
1318
+
1319
+ if (!users.length) {
1320
+ return {
1321
+ content: [{
1322
+ type: "text",
1323
+ text: `No users found matching '${params.query}'`
1324
+ }]
1325
+ };
1326
+ }
1327
+
1328
+ // Prepare structured output
1329
+ const output = {
1330
+ total,
1331
+ count: users.length,
1332
+ offset: params.offset,
1333
+ users: users.map((user: any) => ({
1334
+ id: user.id,
1335
+ name: user.name,
1336
+ email: user.email,
1337
+ ...(user.team ? { team: user.team } : {}),
1338
+ active: user.active ?? true
1339
+ })),
1340
+ has_more: total > params.offset + users.length,
1341
+ ...(total > params.offset + users.length ? {
1342
+ next_offset: params.offset + users.length
1343
+ } : {})
1344
+ };
1345
+
1346
+ // Format text representation based on requested format
1347
+ let textContent: string;
1348
+ if (params.response_format === ResponseFormat.MARKDOWN) {
1349
+ const lines = [`# User Search Results: '${params.query}'`, "",
1350
+ `Found ${total} users (showing ${users.length})`, ""];
1351
+ for (const user of users) {
1352
+ lines.push(`## ${user.name} (${user.id})`);
1353
+ lines.push(`- **Email**: ${user.email}`);
1354
+ if (user.team) lines.push(`- **Team**: ${user.team}`);
1355
+ lines.push("");
1356
+ }
1357
+ textContent = lines.join("\n");
1358
+ } else {
1359
+ textContent = JSON.stringify(output, null, 2);
1360
+ }
1361
+
1362
+ return {
1363
+ content: [{ type: "text", text: textContent }],
1364
+ structuredContent: output // Modern pattern for structured data
1365
+ };
1366
+ } catch (error) {
1367
+ return {
1368
+ content: [{
1369
+ type: "text",
1370
+ text: handleApiError(error)
1371
+ }]
1372
+ };
1373
+ }
1374
+ }
1375
+ );
1376
+ ```
1377
+
1378
+ ## Zod Schemas for Input Validation
1379
+
1380
+ Zod provides runtime type validation:
1381
+
1382
+ ```typescript
1383
+ import { z } from "zod";
1384
+
1385
+ // Basic schema with validation
1386
+ const CreateUserSchema = z.object({
1387
+ name: z.string()
1388
+ .min(1, "Name is required")
1389
+ .max(100, "Name must not exceed 100 characters"),
1390
+ email: z.string()
1391
+ .email("Invalid email format"),
1392
+ age: z.number()
1393
+ .int("Age must be a whole number")
1394
+ .min(0, "Age cannot be negative")
1395
+ .max(150, "Age cannot be greater than 150")
1396
+ }).strict(); // Use .strict() to forbid extra fields
1397
+
1398
+ // Enums
1399
+ enum ResponseFormat {
1400
+ MARKDOWN = "markdown",
1401
+ JSON = "json"
1402
+ }
1403
+
1404
+ const SearchSchema = z.object({
1405
+ response_format: z.nativeEnum(ResponseFormat)
1406
+ .default(ResponseFormat.MARKDOWN)
1407
+ .describe("Output format")
1408
+ });
1409
+
1410
+ // Optional fields with defaults
1411
+ const PaginationSchema = z.object({
1412
+ limit: z.number()
1413
+ .int()
1414
+ .min(1)
1415
+ .max(100)
1416
+ .default(20)
1417
+ .describe("Maximum results to return"),
1418
+ offset: z.number()
1419
+ .int()
1420
+ .min(0)
1421
+ .default(0)
1422
+ .describe("Number of results to skip")
1423
+ });
1424
+ ```
1425
+
1426
+ ## Response Format Options
1427
+
1428
+ Support multiple output formats for flexibility (concept in the response-formats mini):
1429
+
1430
+ ```typescript
1431
+ enum ResponseFormat {
1432
+ MARKDOWN = "markdown",
1433
+ JSON = "json"
1434
+ }
1435
+
1436
+ const inputSchema = z.object({
1437
+ query: z.string(),
1438
+ response_format: z.nativeEnum(ResponseFormat)
1439
+ .default(ResponseFormat.MARKDOWN)
1440
+ .describe("Output format: 'markdown' for human-readable or 'json' for machine-readable")
1441
+ });
1442
+ ```
1443
+
1444
+ **Markdown format:** use headers, lists, and formatting for clarity; convert timestamps to human-readable format; show display names with IDs in parentheses; omit verbose metadata; group related information logically.
1445
+
1446
+ **JSON format:** return complete, structured data suitable for programmatic processing; include all available fields and metadata; use consistent field names and types.
1447
+
1448
+ ## Pagination Implementation
1449
+
1450
+ ```typescript
1451
+ const ListSchema = z.object({
1452
+ limit: z.number().int().min(1).max(100).default(20),
1453
+ offset: z.number().int().min(0).default(0)
1454
+ });
1455
+
1456
+ async function listItems(params: z.infer<typeof ListSchema>) {
1457
+ const data = await apiRequest(params.limit, params.offset);
1458
+
1459
+ const response = {
1460
+ total: data.total,
1461
+ count: data.items.length,
1462
+ offset: params.offset,
1463
+ items: data.items,
1464
+ has_more: data.total > params.offset + data.items.length,
1465
+ next_offset: data.total > params.offset + data.items.length
1466
+ ? params.offset + data.items.length
1467
+ : undefined
1468
+ };
1469
+
1470
+ return JSON.stringify(response, null, 2);
1471
+ }
1472
+ ```
1473
+
1474
+ ## Character Limits and Truncation
1475
+
1476
+ Add a CHARACTER_LIMIT constant to prevent overwhelming responses:
1477
+
1478
+ ```typescript
1479
+ // At module level in constants.ts
1480
+ export const CHARACTER_LIMIT = 25000; // Maximum response size in characters
1481
+
1482
+ async function searchTool(params: SearchInput) {
1483
+ let result = generateResponse(data);
1484
+
1485
+ // Check character limit and truncate if needed
1486
+ if (result.length > CHARACTER_LIMIT) {
1487
+ const truncatedData = data.slice(0, Math.max(1, data.length / 2));
1488
+ response.data = truncatedData;
1489
+ response.truncated = true;
1490
+ response.truncation_message =
1491
+ `Response truncated from ${data.length} to ${truncatedData.length} items. ` +
1492
+ `Use 'offset' parameter or add filters to see more results.`;
1493
+ result = JSON.stringify(response, null, 2);
1494
+ }
1495
+
1496
+ return result;
1497
+ }
1498
+ ```
1499
+
1500
+ ## Error Handling
1501
+
1502
+ Provide clear, actionable error messages:
1503
+
1504
+ ```typescript
1505
+ import axios, { AxiosError } from "axios";
1506
+
1507
+ function handleApiError(error: unknown): string {
1508
+ if (error instanceof AxiosError) {
1509
+ if (error.response) {
1510
+ switch (error.response.status) {
1511
+ case 404:
1512
+ return "Error: Resource not found. Please check the ID is correct.";
1513
+ case 403:
1514
+ return "Error: Permission denied. You don't have access to this resource.";
1515
+ case 429:
1516
+ return "Error: Rate limit exceeded. Please wait before making more requests.";
1517
+ default:
1518
+ return `Error: API request failed with status ${error.response.status}`;
1519
+ }
1520
+ } else if (error.code === "ECONNABORTED") {
1521
+ return "Error: Request timed out. Please try again.";
1522
+ }
1523
+ }
1524
+ return `Error: Unexpected error occurred: ${error instanceof Error ? error.message : String(error)}`;
1525
+ }
1526
+ ```
1527
+
1528
+ ## Shared Utilities
1529
+
1530
+ Extract common functionality into reusable functions:
1531
+
1532
+ ```typescript
1533
+ // Shared API request function
1534
+ async function makeApiRequest<T>(
1535
+ endpoint: string,
1536
+ method: "GET" | "POST" | "PUT" | "DELETE" = "GET",
1537
+ data?: any,
1538
+ params?: any
1539
+ ): Promise<T> {
1540
+ try {
1541
+ const response = await axios({
1542
+ method,
1543
+ url: `${API_BASE_URL}/${endpoint}`,
1544
+ data,
1545
+ params,
1546
+ timeout: 30000,
1547
+ headers: {
1548
+ "Content-Type": "application/json",
1549
+ "Accept": "application/json"
1550
+ }
1551
+ });
1552
+ return response.data;
1553
+ } catch (error) {
1554
+ throw error;
1555
+ }
1556
+ }
1557
+ ```
1558
+
1559
+ ## Async/Await Best Practices
1560
+
1561
+ Always use async/await for network requests and I/O operations:
1562
+
1563
+ ```typescript
1564
+ // Good: Async network request
1565
+ async function fetchData(resourceId: string): Promise<ResourceData> {
1566
+ const response = await axios.get(`${API_URL}/resource/${resourceId}`);
1567
+ return response.data;
1568
+ }
1569
+
1570
+ // Bad: Promise chains
1571
+ function fetchData(resourceId: string): Promise<ResourceData> {
1572
+ return axios.get(`${API_URL}/resource/${resourceId}`)
1573
+ .then(response => response.data); // Harder to read and maintain
1574
+ }
1575
+ ```
1576
+
1577
+ ## TypeScript Best Practices
1578
+
1579
+ 1. **Use Strict TypeScript:** enable strict mode in tsconfig.json.
1580
+ 2. **Define Interfaces:** create clear interface definitions for all data structures.
1581
+ 3. **Avoid `any`:** use proper types or `unknown` instead of `any`.
1582
+ 4. **Zod for Runtime Validation:** use Zod schemas to validate external data.
1583
+ 5. **Type Guards:** create type guard functions for complex type checking.
1584
+ 6. **Error Handling:** always use try-catch with proper error type checking.
1585
+ 7. **Null Safety:** use optional chaining (`?.`) and nullish coalescing (`??`).
1586
+
1587
+ ```typescript
1588
+ // Good: Type-safe with Zod and interfaces
1589
+ interface UserResponse {
1590
+ id: string;
1591
+ name: string;
1592
+ email: string;
1593
+ team?: string;
1594
+ active: boolean;
1595
+ }
1596
+
1597
+ const UserSchema = z.object({
1598
+ id: z.string(),
1599
+ name: z.string(),
1600
+ email: z.string().email(),
1601
+ team: z.string().optional(),
1602
+ active: z.boolean()
1603
+ });
1604
+
1605
+ type User = z.infer<typeof UserSchema>;
1606
+
1607
+ async function getUser(id: string): Promise<User> {
1608
+ const data = await apiCall(`/users/${id}`);
1609
+ return UserSchema.parse(data); // Runtime validation
1610
+ }
1611
+
1612
+ // Bad: Using any
1613
+ async function getUser(id: string): Promise<any> {
1614
+ return await apiCall(`/users/${id}`); // No type safety
1615
+ }
1616
+ ```
1617
+
1618
+ ## Package Configuration
1619
+
1620
+ ### package.json
1621
+
1622
+ ```json
1623
+ {
1624
+ "name": "{service}-mcp-server",
1625
+ "version": "1.0.0",
1626
+ "description": "MCP server for {Service} API integration",
1627
+ "type": "module",
1628
+ "main": "dist/index.js",
1629
+ "scripts": {
1630
+ "start": "node dist/index.js",
1631
+ "dev": "tsx watch src/index.ts",
1632
+ "build": "tsc",
1633
+ "clean": "rm -rf dist"
1634
+ },
1635
+ "engines": {
1636
+ "node": ">=18"
1637
+ },
1638
+ "dependencies": {
1639
+ "@modelcontextprotocol/sdk": "^1.6.1",
1640
+ "axios": "^1.7.9",
1641
+ "zod": "^3.23.8"
1642
+ },
1643
+ "devDependencies": {
1644
+ "@types/node": "^22.10.0",
1645
+ "tsx": "^4.19.2",
1646
+ "typescript": "^5.7.2"
1647
+ }
1648
+ }
1649
+ ```
1650
+
1651
+ ### tsconfig.json
1652
+
1653
+ ```json
1654
+ {
1655
+ "compilerOptions": {
1656
+ "target": "ES2022",
1657
+ "module": "Node16",
1658
+ "moduleResolution": "Node16",
1659
+ "lib": ["ES2022"],
1660
+ "outDir": "./dist",
1661
+ "rootDir": "./src",
1662
+ "strict": true,
1663
+ "esModuleInterop": true,
1664
+ "skipLibCheck": true,
1665
+ "forceConsistentCasingInFileNames": true,
1666
+ "declaration": true,
1667
+ "declarationMap": true,
1668
+ "sourceMap": true,
1669
+ "allowSyntheticDefaultImports": true
1670
+ },
1671
+ "include": ["src/**/*"],
1672
+ "exclude": ["node_modules", "dist"]
1673
+ }
1674
+ ```
1675
+
1676
+ ## Complete Example
1677
+
1678
+ ```typescript
1679
+ #!/usr/bin/env node
1680
+ /**
1681
+ * MCP Server for Example Service.
1682
+ *
1683
+ * This server provides tools to interact with Example API, including user search,
1684
+ * project management, and data export capabilities.
1685
+ */
1686
+
1687
+ import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
1688
+ import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
1689
+ import { z } from "zod";
1690
+ import axios, { AxiosError } from "axios";
1691
+
1692
+ // Constants
1693
+ const API_BASE_URL = "https://api.example.com/v1";
1694
+ const CHARACTER_LIMIT = 25000;
1695
+
1696
+ // Enums
1697
+ enum ResponseFormat {
1698
+ MARKDOWN = "markdown",
1699
+ JSON = "json"
1700
+ }
1701
+
1702
+ // Zod schemas
1703
+ const UserSearchInputSchema = z.object({
1704
+ query: z.string()
1705
+ .min(2, "Query must be at least 2 characters")
1706
+ .max(200, "Query must not exceed 200 characters")
1707
+ .describe("Search string to match against names/emails"),
1708
+ limit: z.number()
1709
+ .int()
1710
+ .min(1)
1711
+ .max(100)
1712
+ .default(20)
1713
+ .describe("Maximum results to return"),
1714
+ offset: z.number()
1715
+ .int()
1716
+ .min(0)
1717
+ .default(0)
1718
+ .describe("Number of results to skip for pagination"),
1719
+ response_format: z.nativeEnum(ResponseFormat)
1720
+ .default(ResponseFormat.MARKDOWN)
1721
+ .describe("Output format: 'markdown' for human-readable or 'json' for machine-readable")
1722
+ }).strict();
1723
+
1724
+ type UserSearchInput = z.infer<typeof UserSearchInputSchema>;
1725
+
1726
+ // Shared utility functions
1727
+ async function makeApiRequest<T>(
1728
+ endpoint: string,
1729
+ method: "GET" | "POST" | "PUT" | "DELETE" = "GET",
1730
+ data?: any,
1731
+ params?: any
1732
+ ): Promise<T> {
1733
+ try {
1734
+ const response = await axios({
1735
+ method,
1736
+ url: `${API_BASE_URL}/${endpoint}`,
1737
+ data,
1738
+ params,
1739
+ timeout: 30000,
1740
+ headers: {
1741
+ "Content-Type": "application/json",
1742
+ "Accept": "application/json"
1743
+ }
1744
+ });
1745
+ return response.data;
1746
+ } catch (error) {
1747
+ throw error;
1748
+ }
1749
+ }
1750
+
1751
+ function handleApiError(error: unknown): string {
1752
+ if (error instanceof AxiosError) {
1753
+ if (error.response) {
1754
+ switch (error.response.status) {
1755
+ case 404:
1756
+ return "Error: Resource not found. Please check the ID is correct.";
1757
+ case 403:
1758
+ return "Error: Permission denied. You don't have access to this resource.";
1759
+ case 429:
1760
+ return "Error: Rate limit exceeded. Please wait before making more requests.";
1761
+ default:
1762
+ return `Error: API request failed with status ${error.response.status}`;
1763
+ }
1764
+ } else if (error.code === "ECONNABORTED") {
1765
+ return "Error: Request timed out. Please try again.";
1766
+ }
1767
+ }
1768
+ return `Error: Unexpected error occurred: ${error instanceof Error ? error.message : String(error)}`;
1769
+ }
1770
+
1771
+ // Create MCP server instance
1772
+ const server = new McpServer({
1773
+ name: "example-mcp",
1774
+ version: "1.0.0"
1775
+ });
1776
+
1777
+ // Register tools
1778
+ server.registerTool(
1779
+ "example_search_users",
1780
+ {
1781
+ title: "Search Example Users",
1782
+ description: `[Full description as shown above]`,
1783
+ inputSchema: UserSearchInputSchema,
1784
+ annotations: {
1785
+ readOnlyHint: true,
1786
+ destructiveHint: false,
1787
+ idempotentHint: true,
1788
+ openWorldHint: true
1789
+ }
1790
+ },
1791
+ async (params: UserSearchInput) => {
1792
+ // Implementation as shown above
1793
+ }
1794
+ );
1795
+
1796
+ // Main function
1797
+ // For stdio (local):
1798
+ async function runStdio() {
1799
+ if (!process.env.EXAMPLE_API_KEY) {
1800
+ console.error("ERROR: EXAMPLE_API_KEY environment variable is required");
1801
+ process.exit(1);
1802
+ }
1803
+
1804
+ const transport = new StdioServerTransport();
1805
+ await server.connect(transport);
1806
+ console.error("MCP server running via stdio");
1807
+ }
1808
+
1809
+ // For streamable HTTP (remote):
1810
+ async function runHTTP() {
1811
+ if (!process.env.EXAMPLE_API_KEY) {
1812
+ console.error("ERROR: EXAMPLE_API_KEY environment variable is required");
1813
+ process.exit(1);
1814
+ }
1815
+
1816
+ const app = express();
1817
+ app.use(express.json());
1818
+
1819
+ app.post('/mcp', async (req, res) => {
1820
+ const transport = new StreamableHTTPServerTransport({
1821
+ sessionIdGenerator: undefined,
1822
+ enableJsonResponse: true
1823
+ });
1824
+ res.on('close', () => transport.close());
1825
+ await server.connect(transport);
1826
+ await transport.handleRequest(req, res, req.body);
1827
+ });
1828
+
1829
+ const port = parseInt(process.env.PORT || '3000');
1830
+ app.listen(port, () => {
1831
+ console.error(`MCP server running on http://localhost:${port}/mcp`);
1832
+ });
1833
+ }
1834
+
1835
+ // Choose transport based on environment
1836
+ const transport = process.env.TRANSPORT || 'stdio';
1837
+ if (transport === 'http') {
1838
+ runHTTP().catch(error => {
1839
+ console.error("Server error:", error);
1840
+ process.exit(1);
1841
+ });
1842
+ } else {
1843
+ runStdio().catch(error => {
1844
+ console.error("Server error:", error);
1845
+ process.exit(1);
1846
+ });
1847
+ }
1848
+ ```
1849
+
1850
+ Advanced MCP features (resources, transport, notifications), build/run commands, and the quality checklist are in `14-node-advanced-and-checklist.md`.
1851
+
1852
+ ---
1853
+ <!-- module: 14-node-advanced-and-checklist.md -->
1854
+
1855
+ # Node/TypeScript — Advanced Features, Build & Quality Checklist
1856
+
1857
+ Continues `13-node-implementation.md`. Advanced MCP features, building/running, and the finalization checklist.
1858
+
1859
+ ## Advanced MCP Features
1860
+
1861
+ ### Resource Registration
1862
+
1863
+ Expose data as resources for efficient, URI-based access:
1864
+
1865
+ ```typescript
1866
+ import { ResourceTemplate } from "@modelcontextprotocol/sdk/types.js";
1867
+
1868
+ // Register a resource with URI template
1869
+ server.registerResource(
1870
+ {
1871
+ uri: "file://documents/{name}",
1872
+ name: "Document Resource",
1873
+ description: "Access documents by name",
1874
+ mimeType: "text/plain"
1875
+ },
1876
+ async (uri: string) => {
1877
+ // Extract parameter from URI
1878
+ const match = uri.match(/^file:\/\/documents\/(.+)$/);
1879
+ if (!match) {
1880
+ throw new Error("Invalid URI format");
1881
+ }
1882
+
1883
+ const documentName = match[1];
1884
+ const content = await loadDocument(documentName);
1885
+
1886
+ return {
1887
+ contents: [{
1888
+ uri,
1889
+ mimeType: "text/plain",
1890
+ text: content
1891
+ }]
1892
+ };
1893
+ }
1894
+ );
1895
+
1896
+ // List available resources dynamically
1897
+ server.registerResourceList(async () => {
1898
+ const documents = await getAvailableDocuments();
1899
+ return {
1900
+ resources: documents.map(doc => ({
1901
+ uri: `file://documents/${doc.name}`,
1902
+ name: doc.name,
1903
+ mimeType: "text/plain",
1904
+ description: doc.description
1905
+ }))
1906
+ };
1907
+ });
1908
+ ```
1909
+
1910
+ **When to use Resources vs Tools:**
1911
+ - **Resources:** for data access with simple URI-based parameters
1912
+ - **Tools:** for complex operations requiring validation and business logic
1913
+ - **Resources:** when data is relatively static or template-based
1914
+ - **Tools:** when operations have side effects or complex workflows
1915
+
1916
+ ### Transport Options
1917
+
1918
+ The TypeScript SDK supports two main transport mechanisms:
1919
+
1920
+ #### Streamable HTTP (Recommended for Remote Servers)
1921
+
1922
+ ```typescript
1923
+ import { StreamableHTTPServerTransport } from "@modelcontextprotocol/sdk/server/streamableHttp.js";
1924
+ import express from "express";
1925
+
1926
+ const app = express();
1927
+ app.use(express.json());
1928
+
1929
+ app.post('/mcp', async (req, res) => {
1930
+ // Create new transport for each request (stateless, prevents request ID collisions)
1931
+ const transport = new StreamableHTTPServerTransport({
1932
+ sessionIdGenerator: undefined,
1933
+ enableJsonResponse: true
1934
+ });
1935
+
1936
+ res.on('close', () => transport.close());
1937
+
1938
+ await server.connect(transport);
1939
+ await transport.handleRequest(req, res, req.body);
1940
+ });
1941
+
1942
+ app.listen(3000);
1943
+ ```
1944
+
1945
+ #### stdio (For Local Integrations)
1946
+
1947
+ ```typescript
1948
+ import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
1949
+
1950
+ const transport = new StdioServerTransport();
1951
+ await server.connect(transport);
1952
+ ```
1953
+
1954
+ **Transport selection:**
1955
+ - **Streamable HTTP:** web services, remote access, multiple clients
1956
+ - **stdio:** command-line tools, local development, subprocess integration
1957
+
1958
+ ### Notification Support
1959
+
1960
+ Notify clients when server state changes:
1961
+
1962
+ ```typescript
1963
+ // Notify when tools list changes
1964
+ server.notification({
1965
+ method: "notifications/tools/list_changed"
1966
+ });
1967
+
1968
+ // Notify when resources change
1969
+ server.notification({
1970
+ method: "notifications/resources/list_changed"
1971
+ });
1972
+ ```
1973
+
1974
+ Use notifications sparingly — only when server capabilities genuinely change.
1975
+
1976
+ ## Code Best Practices
1977
+
1978
+ ### Code Composability and Reusability
1979
+
1980
+ Prioritize composability and code reuse (the general rule is in `00-core.md`): extract common functionality into reusable helper functions, shared API clients, centralized error handling, composable business logic, and shared markdown/JSON field-selection & formatting. NEVER copy-paste similar code between tools; if you write similar logic twice, extract it. Share pagination, filtering, field selection, and formatting; centralize authentication/authorization.
1981
+
1982
+ ## Building and Running
1983
+
1984
+ Always build your TypeScript code before running:
1985
+
1986
+ ```bash
1987
+ # Build the project
1988
+ npm run build
1989
+
1990
+ # Run the server
1991
+ npm start
1992
+
1993
+ # Development with auto-reload
1994
+ npm run dev
1995
+ ```
1996
+
1997
+ Always ensure `npm run build` completes successfully before considering the implementation complete.
1998
+
1999
+ ## Quality Checklist
2000
+
2001
+ Before finalizing your Node/TypeScript MCP server implementation, ensure:
2002
+
2003
+ ### Strategic Design
2004
+ - [ ] Tools enable complete workflows, not just API endpoint wrappers
2005
+ - [ ] Tool names reflect natural task subdivisions
2006
+ - [ ] Response formats optimize for agent context efficiency
2007
+ - [ ] Human-readable identifiers used where appropriate
2008
+ - [ ] Error messages guide agents toward correct usage
2009
+
2010
+ ### Implementation Quality
2011
+ - [ ] FOCUSED IMPLEMENTATION: Most important and valuable tools implemented
2012
+ - [ ] All tools registered using `registerTool` with complete configuration
2013
+ - [ ] All tools include `title`, `description`, `inputSchema`, and `annotations`
2014
+ - [ ] Annotations correctly set (readOnlyHint, destructiveHint, idempotentHint, openWorldHint)
2015
+ - [ ] All tools use Zod schemas for runtime input validation with `.strict()` enforcement
2016
+ - [ ] All Zod schemas have proper constraints and descriptive error messages
2017
+ - [ ] All tools have comprehensive descriptions with explicit input/output types
2018
+ - [ ] Descriptions include return value examples and complete schema documentation
2019
+ - [ ] Error messages are clear, actionable, and educational
2020
+
2021
+ ### TypeScript Quality
2022
+ - [ ] TypeScript interfaces are defined for all data structures
2023
+ - [ ] Strict TypeScript is enabled in tsconfig.json
2024
+ - [ ] No use of `any` type - use `unknown` or proper types instead
2025
+ - [ ] All async functions have explicit Promise<T> return types
2026
+ - [ ] Error handling uses proper type guards (e.g., `axios.isAxiosError`, `z.ZodError`)
2027
+
2028
+ ### Advanced Features (where applicable)
2029
+ - [ ] Resources registered for appropriate data endpoints
2030
+ - [ ] Appropriate transport configured (stdio or streamable HTTP)
2031
+ - [ ] Notifications implemented for dynamic server capabilities
2032
+ - [ ] Type-safe with SDK interfaces
2033
+
2034
+ ### Project Configuration
2035
+ - [ ] Package.json includes all necessary dependencies
2036
+ - [ ] Build script produces working JavaScript in dist/ directory
2037
+ - [ ] Main entry point is properly configured as dist/index.js
2038
+ - [ ] Server name follows format: `{service}-mcp-server`
2039
+ - [ ] tsconfig.json properly configured with strict mode
2040
+
2041
+ ### Code Quality
2042
+ - [ ] Pagination is properly implemented where applicable
2043
+ - [ ] Large responses check CHARACTER_LIMIT constant and truncate with clear messages
2044
+ - [ ] Filtering options are provided for potentially large result sets
2045
+ - [ ] All network operations handle timeouts and connection errors gracefully
2046
+ - [ ] Common functionality is extracted into reusable functions
2047
+ - [ ] Return types are consistent across similar operations
2048
+
2049
+ ### Testing and Build
2050
+ - [ ] `npm run build` completes successfully without errors
2051
+ - [ ] dist/index.js created and executable
2052
+ - [ ] Server runs: `node dist/index.js --help`
2053
+ - [ ] All imports resolve correctly
2054
+ - [ ] Sample tool calls work as expected
2055
+
2056
+ ---
2057
+ <!-- module: 15-evaluation-design.md -->
2058
+
2059
+ # Evaluations — Designing Questions (Phase 4)
2060
+
2061
+ Create comprehensive evaluations that test whether LLMs can effectively use your MCP server to answer realistic, complex questions using ONLY the tools provided. Running the evaluation harness is covered in `16-evaluation-running.md`.
2062
+
2063
+ ## Purpose
2064
+
2065
+ The measure of quality of an MCP server is NOT how well or comprehensively the server implements tools, but how well these implementations (input/output schemas, docstrings/descriptions, functionality) enable LLMs — with no other context and access ONLY to the MCP server — to answer realistic and difficult questions.
2066
+
2067
+ ## Overview & Requirements
2068
+
2069
+ Create **10 human-readable questions** requiring ONLY READ-ONLY, INDEPENDENT, NON-DESTRUCTIVE, and IDEMPOTENT operations to answer. Each question should be:
2070
+ - Realistic
2071
+ - Clear and concise
2072
+ - Unambiguous
2073
+ - Complex, requiring potentially dozens of tool calls or steps
2074
+ - Answerable with a single, verifiable value that you identify in advance
2075
+
2076
+ The four-step creation process (referenced from the workflow): (1) **Tool Inspection** — list available tools and understand their capabilities; (2) **Content Exploration** — use READ-ONLY operations to explore available data; (3) **Question Generation** — create 10 complex, realistic questions; (4) **Answer Verification** — solve each question yourself to verify answers.
2077
+
2078
+ ## Question Guidelines
2079
+
2080
+ ### Core Requirements
2081
+
2082
+ 1. **Questions MUST be independent** — each should NOT depend on the answer to any other question, and should not assume prior write operations from processing another question.
2083
+ 2. **Questions MUST require ONLY NON-DESTRUCTIVE AND IDEMPOTENT tool use** — should not instruct or require modifying state to arrive at the correct answer.
2084
+ 3. **Questions must be REALISTIC, CLEAR, CONCISE, and COMPLEX** — must require another LLM to use multiple (potentially dozens of) tools or steps to answer.
2085
+
2086
+ ### Complexity and Depth
2087
+
2088
+ 4. **Questions must require deep exploration** — consider multi-hop questions requiring multiple sub-questions and sequential tool calls; each step should benefit from information found in previous steps.
2089
+ 5. **Questions may require extensive paging** — may need paging through multiple pages of results; may require querying old data (1–2 years out-of-date) to find niche information; the questions must be DIFFICULT.
2090
+ 6. **Questions must require deep understanding** — rather than surface-level knowledge; may pose complex ideas as True/False questions requiring evidence; may use multiple-choice format where the LLM must search different hypotheses.
2091
+ 7. **Questions must not be solvable with straightforward keyword search** — do not include specific keywords from the target content; use synonyms, related concepts, or paraphrases; require multiple searches, analyzing multiple related items, extracting context, then deriving the answer.
2092
+
2093
+ ### Tool Testing
2094
+
2095
+ 8. **Questions should stress-test tool return values** — may elicit tools returning large JSON objects or lists that overwhelm the LLM; should require understanding multiple modalities of data (IDs and names; timestamps and datetimes — months, days, years, seconds; file IDs, names, extensions, mimetypes; URLs, GIDs, etc.); should probe the tool's ability to return all useful forms of data.
2096
+ 9. **Questions should MOSTLY reflect real human use cases** — the kinds of information-retrieval tasks that humans assisted by an LLM would care about.
2097
+ 10. **Questions may require dozens of tool calls** — this challenges LLMs with limited context and encourages MCP server tools to reduce information returned.
2098
+ 11. **Include ambiguous questions** — may be ambiguous OR require difficult decisions on which tools to call; force the LLM to potentially make mistakes or misinterpret; ensure that despite AMBIGUITY, there is STILL A SINGLE VERIFIABLE ANSWER.
2099
+
2100
+ ### Stability
2101
+
2102
+ 12. **Questions must be designed so the answer DOES NOT CHANGE** — do not ask questions that rely on dynamic "current state." For example, do not count: number of reactions to a post, number of replies to a thread, number of members in a channel.
2103
+ 13. **DO NOT let the MCP server RESTRICT the kinds of questions you create** — create challenging and complex questions; some may not be solvable with the available tools; questions may require specific output formats (datetime vs. epoch time, JSON vs. MARKDOWN); questions may require dozens of tool calls.
2104
+
2105
+ ## Answer Guidelines
2106
+
2107
+ ### Verification
2108
+
2109
+ 1. **Answers must be VERIFIABLE via direct string comparison.** If the answer can be written in many formats, clearly specify the output format in the QUESTION (e.g., "Use YYYY/MM/DD.", "Respond True or False.", "Answer A, B, C, or D and nothing else."). Answer should be a single verifiable value such as: user ID, user name, display name, first name, last name; channel ID, channel name; message ID, string; URL, title; numerical quantity; timestamp, datetime; boolean (True/False); email address, phone number; file ID, file name, file extension; multiple choice answer. Answers must not require special formatting or complex, structured output. Answer will be verified using DIRECT STRING COMPARISON.
2110
+
2111
+ ### Readability
2112
+
2113
+ 2. **Answers should generally prefer HUMAN-READABLE formats** — names, first name, last name, datetime, file name, message string, URL, yes/no, true/false, a/b/c/d — rather than opaque IDs (though IDs are acceptable). The VAST MAJORITY of answers should be human-readable.
2114
+
2115
+ ### Stability
2116
+
2117
+ 3. **Answers must be STABLE/STATIONARY** — look at old content (conversations that have ended, projects that have launched, questions answered); create questions based on "closed" concepts that will always return the same answer; questions may ask to consider a fixed time window to insulate from non-stationary answers; rely on context UNLIKELY to change. Example: if finding a paper name, be SPECIFIC enough so the answer is not confused with papers published later.
2118
+ 4. **Answers must be CLEAR and UNAMBIGUOUS** — designed so there is a single, clear answer derivable from the MCP server tools.
2119
+
2120
+ ### Diversity
2121
+
2122
+ 5. **Answers must be DIVERSE** — a single verifiable value in diverse modalities and formats. User concept: user ID, user name, display name, first name, last name, email address, phone number. Channel concept: channel ID, channel name, channel topic. Message concept: message ID, message string, timestamp, month, day, year.
2123
+ 6. **Answers must NOT be complex structures** — not a list of values, not a complex object, not a list of IDs or strings, not natural language text — UNLESS the answer can be straightforwardly verified using DIRECT STRING COMPARISON and can be realistically reproduced (unlikely that an LLM would return the same list in any other order or format).
2124
+
2125
+ ## Evaluation Process
2126
+
2127
+ 1. **Documentation Inspection** — read the target API docs to understand available endpoints and functionality; if ambiguity exists, fetch additional info from the web; parallelize as much as possible; ensure each subagent is ONLY examining documentation from the file system or web.
2128
+ 2. **Tool Inspection** — list the tools available in the MCP server; inspect input/output schemas, docstrings, and descriptions WITHOUT calling the tools at this stage.
2129
+ 3. **Developing Understanding** — repeat steps 1 & 2, iterating multiple times; think about the tasks you want to create and refine understanding; at NO stage READ the code of the MCP server implementation itself; use intuition to create reasonable, realistic, but VERY challenging tasks.
2130
+ 4. **Read-Only Content Inspection** — USE the MCP server tools with READ-ONLY, NON-DESTRUCTIVE operations ONLY to identify specific content (users, channels, messages, projects, tasks) for realistic questions. Do NOT call tools that modify state. Do NOT read the server's code. Parallelize with individual sub-agents pursuing independent explorations (each performing only read-only, non-destructive, idempotent operations). BE CAREFUL: some tools may return LOTS OF DATA and exhaust context — make INCREMENTAL, SMALL, TARGETED calls; in all tool call requests use the `limit` parameter (<10); use pagination.
2131
+ 5. **Task Generation** — create 10 human-readable questions an LLM can answer with the MCP server, following all question and answer guidelines above.
2132
+
2133
+ ## Output Format
2134
+
2135
+ Each QA pair consists of a question and an answer, in an XML file:
2136
+
2137
+ ```xml
2138
+ <evaluation>
2139
+ <qa_pair>
2140
+ <question>Find the project created in Q2 2024 with the highest number of completed tasks. What is the project name?</question>
2141
+ <answer>Website Redesign</answer>
2142
+ </qa_pair>
2143
+ <qa_pair>
2144
+ <question>Search for issues labeled as "bug" that were closed in March 2024. Which user closed the most issues? Provide their username.</question>
2145
+ <answer>sarah_dev</answer>
2146
+ </qa_pair>
2147
+ <qa_pair>
2148
+ <question>Look for pull requests that modified files in the /api directory and were merged between January 1 and January 31, 2024. How many different contributors worked on these PRs?</question>
2149
+ <answer>7</answer>
2150
+ </qa_pair>
2151
+ <qa_pair>
2152
+ <question>Find the repository with the most stars that was created before 2023. What is the repository name?</question>
2153
+ <answer>data-pipeline</answer>
2154
+ </qa_pair>
2155
+ </evaluation>
2156
+ ```
2157
+
2158
+ A single-pair illustration of the same structure:
2159
+
2160
+ ```xml
2161
+ <evaluation>
2162
+ <qa_pair>
2163
+ <question>Find discussions about AI model launches with animal codenames. One model needed a specific safety designation that uses the format ASL-X. What number X was being determined for the model named after a spotted wild cat?</question>
2164
+ <answer>3</answer>
2165
+ </qa_pair>
2166
+ <!-- More qa_pairs... -->
2167
+ </evaluation>
2168
+ ```
2169
+
2170
+ ## Examples
2171
+
2172
+ ### Good Questions
2173
+
2174
+ **Example 1 — Multi-hop question requiring deep exploration (GitHub MCP):**
2175
+ ```xml
2176
+ <qa_pair>
2177
+ <question>Find the repository that was archived in Q3 2023 and had previously been the most forked project in the organization. What was the primary programming language used in that repository?</question>
2178
+ <answer>Python</answer>
2179
+ </qa_pair>
2180
+ ```
2181
+ Good because: requires multiple searches to find archived repositories; needs to identify which had the most forks before archival; requires examining repository details for the language; answer is a simple verifiable value; based on historical (closed) data that won't change.
2182
+
2183
+ **Example 2 — Requires understanding context without keyword matching (Project Management MCP):**
2184
+ ```xml
2185
+ <qa_pair>
2186
+ <question>Locate the initiative focused on improving customer onboarding that was completed in late 2023. The project lead created a retrospective document after completion. What was the lead's role title at that time?</question>
2187
+ <answer>Product Manager</answer>
2188
+ </qa_pair>
2189
+ ```
2190
+ Good because: doesn't use the specific project name; requires finding completed projects from a specific timeframe; needs to identify the project lead and their role; requires understanding context from retrospective documents; answer is human-readable and stable; based on completed work.
2191
+
2192
+ **Example 3 — Complex aggregation requiring multiple steps (Issue Tracker MCP):**
2193
+ ```xml
2194
+ <qa_pair>
2195
+ <question>Among all bugs reported in January 2024 that were marked as critical priority, which assignee resolved the highest percentage of their assigned bugs within 48 hours? Provide the assignee's username.</question>
2196
+ <answer>alex_eng</answer>
2197
+ </qa_pair>
2198
+ ```
2199
+ Good because: requires filtering bugs by date, priority, and status; needs to group by assignee and calculate resolution rates; requires understanding timestamps to determine 48-hour windows; tests pagination; answer is a single username; based on historical data.
2200
+
2201
+ **Example 4 — Requires synthesis across multiple data types (CRM MCP):**
2202
+ ```xml
2203
+ <qa_pair>
2204
+ <question>Find the account that upgraded from the Starter to Enterprise plan in Q4 2023 and had the highest annual contract value. What industry does this account operate in?</question>
2205
+ <answer>Healthcare</answer>
2206
+ </qa_pair>
2207
+ ```
2208
+ Good because: requires understanding subscription tier changes; needs to identify upgrade events in a specific timeframe; requires comparing contract values; must access account industry information; answer is simple and verifiable; based on completed historical transactions.
2209
+
2210
+ ### Poor Questions
2211
+
2212
+ **Example 1 — Answer changes over time:**
2213
+ ```xml
2214
+ <qa_pair>
2215
+ <question>How many open issues are currently assigned to the engineering team?</question>
2216
+ <answer>47</answer>
2217
+ </qa_pair>
2218
+ ```
2219
+ Poor because: the answer changes as issues are created, closed, or reassigned; not based on stable data; relies on dynamic "current state."
2220
+
2221
+ **Example 2 — Too easy with keyword search:**
2222
+ ```xml
2223
+ <qa_pair>
2224
+ <question>Find the pull request with title "Add authentication feature" and tell me who created it.</question>
2225
+ <answer>developer123</answer>
2226
+ </qa_pair>
2227
+ ```
2228
+ Poor because: solvable with a straightforward keyword search for the exact title; doesn't require deep exploration or understanding; no synthesis or analysis needed.
2229
+
2230
+ **Example 3 — Ambiguous answer format:**
2231
+ ```xml
2232
+ <qa_pair>
2233
+ <question>List all the repositories that have Python as their primary language.</question>
2234
+ <answer>repo1, repo2, repo3, data-pipeline, ml-tools</answer>
2235
+ </qa_pair>
2236
+ ```
2237
+ Poor because: the answer is a list that could be returned in any order; difficult to verify with direct string comparison; an LLM might format differently (JSON array, comma-separated, newline-separated); better to ask for a specific aggregate (count) or superlative (most stars).
2238
+
2239
+ ## Verification Process
2240
+
2241
+ After creating evaluations:
2242
+ 1. **Examine the XML file** to understand the schema.
2243
+ 2. **Load each task instruction** and, in parallel using the MCP server and tools, identify the correct answer by attempting to solve the task YOURSELF.
2244
+ 3. **Flag any operations** that require WRITE or DESTRUCTIVE operations.
2245
+ 4. **Accumulate all CORRECT answers** and replace any incorrect answers in the document.
2246
+ 5. **Remove any `<qa_pair>`** that requires WRITE or DESTRUCTIVE operations.
2247
+
2248
+ Parallelize solving tasks to avoid running out of context, then accumulate all answers and make changes to the file at the end.
2249
+
2250
+ ## Tips for Quality Evaluations
2251
+
2252
+ 1. **Think Hard and Plan Ahead** before generating tasks.
2253
+ 2. **Parallelize Where Opportunity Arises** to speed up the process and manage context.
2254
+ 3. **Focus on Realistic Use Cases** that humans would actually want to accomplish.
2255
+ 4. **Create Challenging Questions** that test the limits of the MCP server's capabilities.
2256
+ 5. **Ensure Stability** by using historical data and closed concepts.
2257
+ 6. **Verify Answers** by solving the questions yourself using the MCP server tools.
2258
+ 7. **Iterate and Refine** based on what you learn during the process.
2259
+
2260
+ ---
2261
+ <!-- module: 16-evaluation-running.md -->
2262
+
2263
+ # Evaluations — Running the Harness
2264
+
2265
+ After creating your evaluation file (see `15-evaluation-design.md`), use the provided evaluation harness (`scripts/evaluation.py`) to test your MCP server.
2266
+
2267
+ ## Setup
2268
+
2269
+ 1. **Install Dependencies**
2270
+ ```bash
2271
+ pip install -r scripts/requirements.txt
2272
+ ```
2273
+ Or install manually:
2274
+ ```bash
2275
+ pip install anthropic mcp
2276
+ ```
2277
+
2278
+ 2. **Set API Key**
2279
+ ```bash
2280
+ export ANTHROPIC_API_KEY=your_api_key_here
2281
+ ```
2282
+
2283
+ ## Evaluation File Format
2284
+
2285
+ Evaluation files use XML format with `<qa_pair>` elements:
2286
+
2287
+ ```xml
2288
+ <evaluation>
2289
+ <qa_pair>
2290
+ <question>Find the project created in Q2 2024 with the highest number of completed tasks. What is the project name?</question>
2291
+ <answer>Website Redesign</answer>
2292
+ </qa_pair>
2293
+ <qa_pair>
2294
+ <question>Search for issues labeled as "bug" that were closed in March 2024. Which user closed the most issues? Provide their username.</question>
2295
+ <answer>sarah_dev</answer>
2296
+ </qa_pair>
2297
+ </evaluation>
2298
+ ```
2299
+
2300
+ ## Running Evaluations
2301
+
2302
+ The evaluation script (`scripts/evaluation.py`) supports three transport types.
2303
+
2304
+ **Important:**
2305
+ - **stdio transport:** the evaluation script automatically launches and manages the MCP server process for you. Do not run the server manually.
2306
+ - **sse/http transports:** you must start the MCP server separately before running the evaluation. The script connects to the already-running server at the specified URL.
2307
+
2308
+ ### 1. Local STDIO Server
2309
+
2310
+ For locally-run MCP servers (script launches the server automatically):
2311
+
2312
+ ```bash
2313
+ python scripts/evaluation.py \
2314
+ -t stdio \
2315
+ -c python \
2316
+ -a my_mcp_server.py \
2317
+ evaluation.xml
2318
+ ```
2319
+
2320
+ With environment variables:
2321
+ ```bash
2322
+ python scripts/evaluation.py \
2323
+ -t stdio \
2324
+ -c python \
2325
+ -a my_mcp_server.py \
2326
+ -e API_KEY=abc123 \
2327
+ -e DEBUG=true \
2328
+ evaluation.xml
2329
+ ```
2330
+
2331
+ ### 2. Server-Sent Events (SSE)
2332
+
2333
+ For SSE-based MCP servers (you must start the server first):
2334
+
2335
+ ```bash
2336
+ python scripts/evaluation.py \
2337
+ -t sse \
2338
+ -u https://example.com/mcp \
2339
+ -H "Authorization: Bearer token123" \
2340
+ -H "X-Custom-Header: value" \
2341
+ evaluation.xml
2342
+ ```
2343
+
2344
+ ### 3. HTTP (Streamable HTTP)
2345
+
2346
+ For HTTP-based MCP servers (you must start the server first):
2347
+
2348
+ ```bash
2349
+ python scripts/evaluation.py \
2350
+ -t http \
2351
+ -u https://example.com/mcp \
2352
+ -H "Authorization: Bearer token123" \
2353
+ evaluation.xml
2354
+ ```
2355
+
2356
+ ## Command-Line Options
2357
+
2358
+ ```
2359
+ usage: evaluation.py [-h] [-t {stdio,sse,http}] [-m MODEL] [-c COMMAND]
2360
+ [-a ARGS [ARGS ...]] [-e ENV [ENV ...]] [-u URL]
2361
+ [-H HEADERS [HEADERS ...]] [-o OUTPUT]
2362
+ eval_file
2363
+
2364
+ positional arguments:
2365
+ eval_file Path to evaluation XML file
2366
+
2367
+ optional arguments:
2368
+ -h, --help Show help message
2369
+ -t, --transport Transport type: stdio, sse, or http (default: stdio)
2370
+ -m, --model Claude model to use (default: claude-3-7-sonnet-20250219)
2371
+ -o, --output Output file for report (default: print to stdout)
2372
+
2373
+ stdio options:
2374
+ -c, --command Command to run MCP server (e.g., python, node)
2375
+ -a, --args Arguments for the command (e.g., server.py)
2376
+ -e, --env Environment variables in KEY=VALUE format
2377
+
2378
+ sse/http options:
2379
+ -u, --url MCP server URL
2380
+ -H, --header HTTP headers in 'Key: Value' format
2381
+ ```
2382
+
2383
+ ## Output
2384
+
2385
+ The evaluation script generates a detailed report including:
2386
+
2387
+ - **Summary Statistics:** Accuracy (correct/total); Average task duration; Average tool calls per task; Total tool calls.
2388
+ - **Per-Task Results:** Prompt and expected response; Actual response from the agent; Whether the answer was correct (✅/❌); Duration and tool call details; Agent's summary of its approach; Agent's feedback on the tools.
2389
+
2390
+ ### Save Report to File
2391
+
2392
+ ```bash
2393
+ python scripts/evaluation.py \
2394
+ -t stdio \
2395
+ -c python \
2396
+ -a my_server.py \
2397
+ -o evaluation_report.md \
2398
+ evaluation.xml
2399
+ ```
2400
+
2401
+ ## Complete Example Workflow
2402
+
2403
+ 1. **Create your evaluation file** (`my_evaluation.xml`):
2404
+ ```xml
2405
+ <evaluation>
2406
+ <qa_pair>
2407
+ <question>Find the user who created the most issues in January 2024. What is their username?</question>
2408
+ <answer>alice_developer</answer>
2409
+ </qa_pair>
2410
+ <qa_pair>
2411
+ <question>Among all pull requests merged in Q1 2024, which repository had the highest number? Provide the repository name.</question>
2412
+ <answer>backend-api</answer>
2413
+ </qa_pair>
2414
+ <qa_pair>
2415
+ <question>Find the project that was completed in December 2023 and had the longest duration from start to finish. How many days did it take?</question>
2416
+ <answer>127</answer>
2417
+ </qa_pair>
2418
+ </evaluation>
2419
+ ```
2420
+
2421
+ 2. **Install dependencies**:
2422
+ ```bash
2423
+ pip install -r scripts/requirements.txt
2424
+ export ANTHROPIC_API_KEY=your_api_key
2425
+ ```
2426
+
2427
+ 3. **Run evaluation**:
2428
+ ```bash
2429
+ python scripts/evaluation.py \
2430
+ -t stdio \
2431
+ -c python \
2432
+ -a github_mcp_server.py \
2433
+ -e GITHUB_TOKEN=ghp_xxx \
2434
+ -o github_eval_report.md \
2435
+ my_evaluation.xml
2436
+ ```
2437
+
2438
+ 4. **Review the report** in `github_eval_report.md` to: see which questions passed/failed; read the agent's feedback on your tools; identify areas for improvement; iterate on your MCP server design.
2439
+
2440
+ ## Troubleshooting
2441
+
2442
+ ### Connection Errors
2443
+ - **STDIO:** verify the command and arguments are correct.
2444
+ - **SSE/HTTP:** check the URL is accessible and headers are correct.
2445
+ - Ensure any required API keys are set in environment variables or headers.
2446
+
2447
+ ### Low Accuracy
2448
+ If many evaluations fail:
2449
+ - Review the agent's feedback for each task.
2450
+ - Check if tool descriptions are clear and comprehensive.
2451
+ - Verify input parameters are well-documented.
2452
+ - Consider whether tools return too much or too little data.
2453
+ - Ensure error messages are actionable.
2454
+
2455
+ ### Timeout Issues
2456
+ If tasks are timing out:
2457
+ - Use a more capable model (e.g., `claude-3-7-sonnet-20250219`).
2458
+ - Check if tools are returning too much data.
2459
+ - Verify pagination is working correctly.
2460
+ - Consider simplifying complex questions.