mcp-builder

Pass
Comprehensive guide for building Model Context Protocol (MCP) servers with support for tools, resources, prompts, and authentication. Use when: (1) Creating custom MCP servers, (2) Integrating external APIs with Claude, (3) Building tool servers for specialized domains, (4) Creating resource providers for documentation, (5) Implementing authentication and security
@AutumnsGrove•MIT•2/19/2026
(0)
3stars
0downloads
2views
Install Skill

Skills are third-party code from public GitHub repositories. SkillHub scans for known malicious patterns but cannot guarantee safety. Review the source code before installing.
Install with CLI
Install globally (user-level):
npx skillhub install AutumnsGrove/ClaudeSkills/mcp-builder
Install in current project:
npx skillhub install AutumnsGrove/ClaudeSkills/mcp-builder --project
Suggested path: ~/.claude/skills/mcp-builder/
SKILL.md Content

---
name: mcp-builder
description: "Comprehensive guide for building Model Context Protocol (MCP) servers with support for tools, resources, prompts, and authentication. Use when: (1) Creating custom MCP servers, (2) Integrating external APIs with Claude, (3) Building tool servers for specialized domains, (4) Creating resource providers for documentation, (5) Implementing authentication and security"
---

# MCP Builder - Model Context Protocol Server Development

## What is MCP?

Model Context Protocol (MCP) is an open standard created by Anthropic that enables AI assistants like Claude to securely connect to external data sources and tools. Think of it as a universal adapter that allows Claude to interact with any system, API, or data source through a standardized interface.

**Key Benefits:**
- **Standardization**: One protocol for all integrations
- **Security**: Built-in authentication and permission controls
- **Flexibility**: Support for tools, resources, and prompts
- **Scalability**: Designed for production workloads
- **Modularity**: Create reusable MCP servers for different domains

## Architecture Overview

MCP follows a client-server architecture:

```
┌─────────────┐         ┌─────────────┐         ┌──────────────┐
│   Claude    │ ←──MCP──→ │ MCP Server  │ ←──────→ │ External API │
│  (Client)   │         │  (Your Code) │         │  Database    │
└─────────────┘         └─────────────┘         └──────────────┘
```

**Components:**
- **Client**: Claude Desktop, Claude Code, or custom applications
- **Server**: Your MCP implementation (Python, TypeScript, etc.)
- **Transport**: Communication channel (stdio, HTTP, SSE)
- **Protocol**: Standardized message format (JSON-RPC 2.0)

For detailed protocol specification, see [Protocol Specification Reference](./references/protocol-specification.md).

## Core Components

### 1. Tools: Exposing Functions Claude Can Call

Tools are the primary way to give Claude new capabilities. Each tool is a function that Claude can invoke with specific arguments.

**Tool Definition Structure:**
```python
{
    "name": "tool_name",
    "description": "Clear description of what this tool does",
    "inputSchema": {
        "type": "object",
        "properties": {
            "param1": {
                "type": "string",
                "description": "Description of parameter"
            }
        },
        "required": ["param1"]
    }
}
```

**Key Principles:**
- **Clear naming**: Use descriptive, action-oriented names (e.g., `search_database`, not `db_query`)
- **Comprehensive descriptions**: Explain what the tool does, when to use it, and what it returns
- **Strong schemas**: Use JSON Schema to validate inputs and guide Claude
- **Error handling**: Return clear error messages when things go wrong

For complete schema design patterns and best practices, see [Tool Schema Reference](./references/tool-schemas.md).

### 2. Resources: Providing Data/Documentation Access

Resources allow Claude to access files, documentation, or structured data. Unlike tools (which perform actions), resources provide information.

**Resource Types:**
- **Static**: Fixed content (e.g., documentation files)
- **Dynamic**: Generated on-demand (e.g., database queries)
- **Templates**: Parameterized resources (e.g., user profiles)

**Resource URI Patterns:**
```
file:///path/to/file.txt          # Local file
http://example.com/api/docs       # HTTP resource
custom://database/users/123       # Custom scheme
template://report/{user_id}       # Template resource
```

### 3. Prompts: Reusable Prompt Templates

Prompts are pre-defined message templates that users can invoke. They help standardize common workflows and best practices.

**Prompt Definition:**
```python
{
    "name": "code_review",
    "description": "Comprehensive code review checklist",
    "arguments": [
        {
            "name": "language",
            "description": "Programming language",
            "required": True
        }
    ]
}
```

### 4. Authentication Methods

MCP supports multiple authentication methods:
- **No Authentication** (development only)
- **API Key Authentication** (simple, medium security)
- **OAuth 2.0** (third-party, high security)
- **Bearer Token** (API-to-API, high security)

For complete security implementation guides, see [Security Best Practices](./references/security-guide.md).

## Server Implementation Workflow

### Phase 1: Project Setup

Create your MCP server project:

```bash
# Create project directory
mkdir my-mcp-server
cd my-mcp-server

# Initialize Python project
uv init
uv add mcp

# Create server file
touch server.py
```

### Phase 2: Basic Server Structure

**Minimal working server:**

```python
from mcp.server import Server
from mcp.server.stdio import stdio_server
from mcp.types import Tool, TextContent
import asyncio

app = Server("my-mcp-server")

@app.list_tools()
async def list_tools():
    return [
        Tool(
            name="my_tool",
            description="Description of what this tool does",
            inputSchema={
                "type": "object",
                "properties": {
                    "param": {"type": "string"}
                },
                "required": ["param"]
            }
        )
    ]

@app.call_tool()
async def call_tool(name: str, arguments: dict):
    if name == "my_tool":
        param = arguments["param"]
        result = f"Processed: {param}"
        return [TextContent(type="text", text=result)]

async def main():
    async with stdio_server() as (read_stream, write_stream):
        await app.run(read_stream, write_stream, app.create_initialization_options())

if __name__ == "__main__":
    asyncio.run(main())
```

### Phase 3: Tool Registration and Handlers

**Registration Pattern:**
```python
@app.list_tools()
async def list_tools():
    return [
        Tool(
            name="calculator_add",
            description="Add two numbers",
            inputSchema={
                "type": "object",
                "properties": {
                    "a": {"type": "number", "description": "First number"},
                    "b": {"type": "number", "description": "Second number"}
                },
                "required": ["a", "b"]
            }
        )
    ]
```

**Handler Pattern:**
```python
@app.call_tool()
async def call_tool(name: str, arguments: dict):
    if name == "calculator_add":
        return await handle_calculator_add(arguments)
    else:
        raise ValueError(f"Unknown tool: {name}")

async def handle_calculator_add(arguments: dict):
    a = arguments["a"]
    b = arguments["b"]
    result = a + b
    return [TextContent(type="text", text=f"{a} + {b} = {result}")]
```

### Phase 4: Resource Implementation

**Static and dynamic resource examples:**
```python
from mcp.types import Resource, ResourceContents, TextResourceContents

@app.list_resources()
async def list_resources():
    return [Resource(uri="file:///docs/readme.md", name="README",
                     description="Documentation", mimeType="text/markdown")]

@app.read_resource()
async def read_resource(uri: str):
    if uri.startswith("file://"):
        with open(uri[7:], 'r') as f:
            return ResourceContents(contents=[TextResourceContents(
                uri=uri, mimeType="text/markdown", text=f.read())])
```

See [Resource Server Example](./examples/resource-server.md) for complete implementation.

### Phase 5: Error Handling and Testing

**Error Response Pattern:**
```python
async def call_tool(name: str, arguments: dict):
    try:
        return [TextContent(type="text", text=await execute_tool(name, arguments))]
    except ValueError as e:
        return [TextContent(type="text", text=f"Invalid input: {str(e)}", isError=True)]
    except Exception as e:
        logger.exception("Unexpected error")
        return [TextContent(type="text", text=f"Error: {type(e).__name__}", isError=True)]
```

**Testing:**

```bash
# Test with MCP inspector
npx @modelcontextprotocol/inspector python server.py
```

See [Testing and Debugging Guide](./references/testing-debugging.md) for comprehensive strategies.

### Phase 6: Claude Desktop Integration

**Configuration:** Edit `claude_desktop_config.json`:
- macOS: `~/Library/Application Support/Claude/`
- Windows: `%APPDATA%\Claude/`
- Linux: `~/.config/Claude/`

```json
{
  "mcpServers": {
    "my-server": {
      "command": "python",
      "args": ["/absolute/path/to/server.py"],
      "env": {"API_KEY": "your-key"}
    }
  }
}
```

## Best Practices

### Tool Schema Design

**Use descriptive names:**
```python
# ✅ Good
"search_customer_by_email"
"calculate_shipping_cost"

# ❌ Bad
"search"
"calc"
```

**Provide comprehensive descriptions:**
```python
# ✅ Good
description="""
Search for customers by email address. Returns customer profile including:
- Contact information
- Order history
- Account status
"""

# ❌ Bad
description="Search customers"
```

**Use enums for fixed options:**
```python
# ✅ Good
"status": {
    "type": "string",
    "enum": ["pending", "approved", "rejected"],
    "description": "Application status"
}
```

### Error Handling Strategies

Categorize errors with custom exceptions and provide actionable messages:

```python
class ValidationError(Exception): pass
class AuthenticationError(Exception): pass

async def call_tool(name: str, arguments: dict):
    try:
        return await execute_tool(name, arguments)
    except ValidationError as e:
        return [TextContent(type="text", text=f"Invalid input: {str(e)}", isError=True)]
```

### Security Considerations

Always validate inputs and use environment variables for secrets:

```python
# Input validation
def validate_url(url: str) -> bool:
    if urlparse(url).scheme not in ['http', 'https']:
        raise ValidationError("Only HTTP/HTTPS URLs allowed")

# Secrets management
API_KEY = os.getenv("API_KEY")  # ✅ Good
# API_KEY = "sk-1234"  # ❌ Bad - Never hardcode!
```

### Performance Optimization

Use connection pooling and parallel async operations:

```python
# ✅ Parallel execution
results = await asyncio.gather(*[fetch_user_data(uid) for uid in user_ids])

# ❌ Sequential execution (slow)
for user_id in user_ids:
    result = await fetch_user_data(user_id)
```

## Common Pitfalls

### Schema Validation Errors

**Missing required validation:**
```python
# ❌ Bad: No validation
async def handle_create_user(arguments: dict):
    username = arguments["username"]  # Will crash if missing!

# ✅ Good: Validate inputs
async def handle_create_user(arguments: dict):
    if "username" not in arguments:
        return [TextContent(type="text", text="Error: username required", isError=True)]
    username = arguments["username"]
```

### Authentication Issues

**Insecure storage:**
```python
# ❌ Bad: Hardcoded API key
API_KEY = "sk-1234567890abcdef"

# ✅ Good: Environment variables
API_KEY = os.getenv("API_KEY")
if not API_KEY:
    raise ValueError("API_KEY environment variable required")
```

### Transport Configuration

**Path issues:**
```python
# ❌ Bad: Relative path
{
  "command": "python",
  "args": ["server.py"]  # Won't work!
}

# ✅ Good: Absolute path
{
  "command": "python",
  "args": ["/Users/username/projects/mcp-server/server.py"]
}
```

### Error Propagation

**Silent failures:**
```python
# ❌ Bad: Silent failure
async def call_tool(name: str, arguments: dict):
    try:
        return await execute_tool(name, arguments)
    except Exception:
        return [TextContent(type="text", text="Something went wrong")]

# ✅ Good: Descriptive errors
async def call_tool(name: str, arguments: dict):
    try:
        return await execute_tool(name, arguments)
    except ValueError as e:
        return [TextContent(type="text", text=f"Invalid input: {str(e)}", isError=True)]
    except Exception as e:
        logger.exception("Unexpected error")
        return [TextContent(type="text", text=f"Error: {type(e).__name__}", isError=True)]
```

**Not marking errors:**
```python
# ❌ Bad
return [TextContent(type="text", text="Error: Failed")]

# ✅ Good
return [TextContent(type="text", text="Error: Failed", isError=True)]
```

## Additional Resources

### Official Documentation
- MCP Specification: https://modelcontextprotocol.io/
- Python SDK: https://github.com/modelcontextprotocol/python-sdk
- TypeScript SDK: https://github.com/modelcontextprotocol/typescript-sdk

### Detailed References
- [Protocol Specification](./references/protocol-specification.md) - Complete protocol details, message formats, transport mechanisms
- [Tool Schema Guide](./references/tool-schemas.md) - Comprehensive schema patterns and validation
- [Security Best Practices](./references/security-guide.md) - Authentication, authorization, input validation, secrets management
- [Testing and Debugging](./references/testing-debugging.md) - Unit tests, integration tests, MCP inspector usage, debugging techniques
- [Production Deployment](./references/production-deployment.md) - Production configuration, monitoring, scaling, Docker deployment

### Complete Examples
- [Simple Calculator Server](./examples/simple-calculator-server.md) - Basic arithmetic tools
- [REST API Wrapper](./examples/rest-api-wrapper.md) - GitHub API integration
- [Database Server](./examples/database-server.md) - Safe database query access
- [Resource Server](./examples/resource-server.md) - Static and dynamic resources

### Tools
- MCP Inspector: https://github.com/modelcontextprotocol/inspector
- Claude Desktop: https://claude.ai/download

## Quick Reference

### Server Template (Python)
```python
from mcp.server import Server
from mcp.server.stdio import stdio_server
from mcp.types import Tool, TextContent
import asyncio

app = Server("my-server")

@app.list_tools()
async def list_tools():
    return [Tool(name="my_tool", description="...", inputSchema={...})]

@app.call_tool()
async def call_tool(name: str, arguments: dict):
    if name == "my_tool":
        return [TextContent(type="text", text="Result")]

async def main():
    async with stdio_server() as (read_stream, write_stream):
        await app.run(read_stream, write_stream, app.create_initialization_options())

if __name__ == "__main__":
    asyncio.run(main())
```

### Common Patterns

**Error handling:**
```python
return [TextContent(type="text", text="Error message", isError=True)]
```

**Async operations:**
```python
results = await asyncio.gather(*tasks)
```

**Input validation:**
```python
if "required_param" not in arguments:
    return [TextContent(type="text", text="Missing parameter", isError=True)]
```

---

**End of MCP Builder Skill Guide**

For complete working examples and detailed technical references, explore the `examples/` and `references/` directories.
Links

Repository
AutumnsGrove/ClaudeSkills