MCP · AIbeginner

MCP Server Config (.mcp.json)

A Model Context Protocol server config — the .mcp.json shared by Claude Code, Cursor and Windsurf — wiring up a local stdio server and a remote HTTP server so AI agents can call external tools.

mcpmodel-context-protocolaiclaude-codetools

Preview

{
  "mcpServers": {
    "filesystem": {
      "command": "npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-filesystem",
        "./src"
      ]
    },
    "github": {
      "command": "npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-github"
      ],
      "env": {
        "GITHUB_PERSONAL_ACCESS_TOKEN": "${GITHUB_TOKEN}"
      }
    },
    "sentry": {
      "type": "http",
      "url": "https://mcp.sentry.dev/mcp",
      "headers": {
        "Authorization": "Bearer ${SENTRY_TOKEN}"
      }
    }
  }
}

AI actions

Documentation

Purpose

Declare the Model Context Protocol servers an AI agent may connect to, so it can read files, query databases or call APIs through a standard tool interface.

When to use

Giving Claude Code, Cursor or Windsurf access to external tools in a repo — checked in as .mcp.json so the whole team shares the same servers.

Required fields

  • mcpServers — a map of server name to its launch/connection config
  • command — the executable for a stdio server (or type + url for remote)

Optional fields

  • args — command-line arguments passed to a stdio server
  • env — environment variables (often secret references) for the server
  • type — "stdio" (default), "http" or "sse" for remote servers
  • headers — auth headers for an http/sse server

Best practices

  • Reference secrets via ${ENV_VAR} rather than hardcoding tokens in the file.
  • Scope each server to the least access it needs (e.g. a read-only DB role).
  • Commit .mcp.json so every contributor and Codespace gets the same servers.

Security considerations

  • Never commit real tokens; use environment-variable expansion for anything secret.
  • Only add servers from sources you trust — an MCP server can execute arbitrary code.
  • Prefer read-only credentials for database and API servers.