Build Model Context Protocol (MCP) servers and tools from scratch. Full-stack MCP development with TypeScript/Python, testing, deployment, and registry publishing.
Install with the open skills CLI (global, non-interactive — available in every Claude Code session):
npx skills add sickn33/agentic-awesome-skills --skill "mcp-tool-developer" -g -a claude-code -yOr manually — copy the SKILL.md below into:
~/.claude/skills/mcp-tool-developer-sickn33/SKILL.md---
name: mcp-tool-developer
description: "Build Model Context Protocol (MCP) servers and tools from scratch. Full-stack MCP development with TypeScript/Python, testing, deployment, and registry publishing."
category: developer-tools
risk: safe
source: community
source_repo: demo112/yunqu-ai-skills
source_type: community
date_added: "2026-05-13"
author: yundu-ai
tags: [mcp, ai-agent, tool-development, typescript, python, llm, model-context-protocol]
tools: [claude, cursor, gemini]
---
# MCP Tool Developer
## Overview
Expert at building Model Context Protocol (MCP) servers that give AI agents new capabilities. Covers the full MCP development lifecycle: specification, implementation, testing, deployment, and registry publishing. Supports both TypeScript and Python with production-ready patterns.
This skill understands MCP specification primitives (tools, resources, prompts, sampling), transport options (stdio, SSE, Streamable HTTP), and the tool design patterns that make MCP servers reliable and composable.
## When to Use This Skill
- Use when building a new MCP server from scratch
- Use when wrapping an existing API as an MCP tool
- Use when debugging MCP server issues
- Use when designing the tool schema for an MCP server
- Use when publishing an MCP server to a registry
## How It Works
### Step 1: Define the MCP Server Scope
Identify what capabilities the server should expose:
- **Tools** - Functions the LLM can call (primary use case)
- **Resources** - Data the LLM can read (files, APIs, databases)
- **Prompts** - Reusable prompt templates
Choose the transport:
- **stdio** - For local CLI tools (Claude Code, Cursor)
- **SSE (Server-Sent Events)** - For remote/hosted tools
- **Streamable HTTP** - New in MCP spec for modern deployments
### Step 2: Design the Tool Schema
Define input/output schemas before writing implementation:
```typescript
{
name: "tool_name",
description: "What this tool does (visible to the LLM)",
inputSchema: {
type: "object",
properties: { ... },
required: [ ... ]
}
}
```
### Step 3: Implement the Server
Create the server with proper error handling, validation, and logging. Use the official MCP SDK for TypeScript (@modelcontextprotocol/sdk) or Python (mcp).
### Step 4: Test and Deploy
Test with the MCP Inspector, validate tool schemas, handle edge cases, then deploy locally or remotely.
## Examples
### Example 1: TypeScript MCP Server
```typescript
import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
import { z } from "zod";
const server = new McpServer({ name: "my-tools", version: "1.0.0" });
server.tool("greet", "Greet someone by name",
{ name: z.string().describe("Person's name") },
async ({ name }) => ({ content: [{ type: "text", text: `Hello, ${name}!` }] })
);
const transport = new StdioServerTransport();
await server.connect(transport);
```
### Example 2: API Wrapper Pattern
Wrap an external API as an MCP tool with auth, rate limiting, and error handling:
- Map API endpoints to tools
- Handle auth via environment variables
- Transform API responses to LLM-friendly format
- Add retry logic with exponential backoff
## Best Practices
- Build small, focused tools that can be chained rather than monolithic tools
- Return structured errors, not crashes - tools should fail gracefully
- Define schemas before implementation
- Include descriptions that help the LLM understand when and how to use each tool
- Validate all inputs against the schema
- Add rate limiting for external API calls
- Use environment variables for secrets, never hardcode credentials
## Limitations
- This skill provides guidance and code generation; actual runtime testing requires a development environment
- MCP specification is evolving; always check the latest spec version
- Security review is essential before deploying tools that handle sensitive data
## Security and Safety Notes
- Never hardcode API keys or credentials in tool implementations
- Use environment variables or secret managers for all authentication
- Validate and sanitize all inputs to prevent injection attacks
- Rate limit external API calls to prevent abuse
- Review tool permissions carefully - tools can access files, networks, and execute code
## Common Pitfalls
- **Problem:** LLM calls tools with wrong parameters
**Solution:** Improve tool descriptions and add examples in the description field. The LLM reads descriptions to decide how to call tools.
- **Problem:** Tool times out on large inputs
**Solution:** Add input size validation and pagination. Stream large responses instead of buffering.
## Related Skills
- `api-integration-architect` - For API design patterns used in MCP tools
- `security-audit-code-reviewer` - For reviewing MCP server code security
Use when facing 2+ independent tasks that can be worked on without shared state or sequential dependencies
Use when encountering any bug, test failure, or unexpected behavior, before proposing fixes
Use when implementing any feature or bugfix, before writing implementation code