One-Line Summary: The Model Context Protocol (MCP) is the cross-harness tool standard — a single MCP server runs identically inside Claude Code, Cursor, ruflo, Codex CLI, Zed, and Continue, which is why the same github or postgres server installation works everywhere and why MCP, not any harness's native tool format, became the lingua franca of harness extensions.
Prerequisites: Function calling, what is an AI harness, model context protocol
What Is MCP at the Harness Layer?
MCP is covered in the foundational model-context-protocol.md concept; this concept treats it from the harness perspective. The relevant facts:
- MCP defines a transport (JSON-RPC over stdio or HTTP/SSE) and a primitive set (tools, resources, prompts) that any client and any server speaks.
- Every major 2026 harness ships an MCP client built in: Claude Code, Codex CLI, Cursor, ruflo, Zed, Continue, Sourcegraph Cody.
- A user installs an MCP server once (typically as an
npxinvocation or a binary) and it becomes available to every MCP-aware harness on that machine.
This shared substrate is the most important interoperability win of the agent ecosystem. Without MCP, every harness would have its own tool format and tools would not portage across.
How MCP Plugs Into a Harness
Each harness has a config slot where MCP servers are declared:
- Claude Code:
settings.jsonmcpServersfield —{ "filesystem": { "command": "npx", "args": ["-y", "@modelcontextprotocol/server-filesystem", "/some/path"] } }. - Cursor:
mcp.jsonper workspace. - ruflo: Inherits Claude Code's config; ruflo plugins can also bundle their own MCP servers.
- Codex CLI:
~/.codex/config.toml.
At startup, the harness spawns each declared MCP server (stdio servers as subprocesses; HTTP servers must be reachable). It negotiates capabilities, gets the tool list, and merges those tools into the active registry. From the model's perspective, MCP-provided tools are indistinguishable from native tools — they appear in the same tool-call interface.
Why It Matters
Three reasons MCP is load-bearing for this course:
- Portability: Tool work invested in MCP is harness-portable. A
linearMCP server you build for Claude Code drops into Cursor without modification. - Plugin distribution: Most plugin systems lean on MCP for tools because it makes plugins less harness-specific.
- Permission boundary: An MCP server is a separate process. The harness can sandbox it, monitor it, terminate it, or replace it without modifying the model loop. This is much cleaner than tools coded into the harness binary.
Key Technical Details
- Stdio vs. HTTP: Stdio is simpler, faster, and more secure (no network exposure). HTTP is needed when the MCP server is remote or when multiple clients share one server. Default to stdio when possible.
- Tool annotations: Tools can declare side-effecting vs. read-only, enabling harnesses to gate them with confirmation prompts.
- Resources are read-only: Files, database snapshots, etc. — useful for adding context the model should be aware of but does not act on.
- Prompts are slash-command-shaped: An MCP server can ship reusable prompt templates that surface as slash commands in the harness UI.
- Discovery via initialization handshake: When the client connects, the server responds with its capabilities and tool list. This is dynamic — the tool set can vary between sessions.
- Resource subscriptions: For long-running sessions, an MCP server can notify the client when a resource changes (e.g., a watched file is modified), enabling reactive patterns.
- Sampling: An MCP server can request the client perform an LLM call. This lets servers leverage AI without embedding their own model — useful but requires careful permission scoping.
How Harnesses & Frameworks Implement This
| Harness / Framework | MCP client | Notes |
|---|---|---|
| Claude Code | ✅ native | mcpServers in settings |
| Claude Agent SDK | ✅ programmatic | agent.useMCP(...) |
| ruflo | ✅ native; 314 tools across 5 server groups | Heavy MCP user |
| LangGraph | ✅ via integrations | langchain-mcp adapter |
| AutoGen | ⚠ partial; ecosystem catching up | Ad-hoc adapters |
| CrewAI | ⚠ partial | Ad-hoc adapters |
| OpenAI Agents SDK | ✅ | mcp_servers=[...] |
| Codex CLI | ✅ | Native |
| Cursor | ✅ | mcp.json per workspace |
Connections to Other Concepts
../../ai-agent-concepts/04-tool-use-and-integration/model-context-protocol.md— Foundational MCP coverage.plugin-and-marketplace-systems.md— How MCP servers ship inside plugins.permission-and-tool-scoping-primitives.md— The permission boundary MCP gives you for free.cross-machine-agent-federation.md— HTTP/SSE MCP and federation often co-occur.
Further Reading
- Model Context Protocol Specification — modelcontextprotocol.io.
- Anthropic, "Introducing MCP" (2024) — The original announcement.
- ruvnet, ruflo MCP servers documentation — A worked example of operating MCP at scale.