Model Context Protocol (MCP)
MCP (Model Context Protocol) integration enables Kollabor to connect with external tools and services through a standardized JSON-RPC 2.0 protocol. Extend your AI agent's capabilities with filesystem access, databases, APIs, web search, and more.
What is MCP?
The Model Context Protocol is an open standard (protocol version 2024-11-05) that enables AI applications to connect to external data sources and tools. It standardizes communication between LLMs and external services, allowing the AI to:
- Access filesystems - Read, write, search, and manipulate files and directories
- Query databases - Execute SQL queries on SQLite, PostgreSQL, and more
- Integrate with APIs - GitHub, Slack, Google Drive, and custom APIs
- Search the web - Brave Search, Google, and other search engines
- Control browsers - Puppeteer automation for web scraping and testing
MCP uses JSON-RPC 2.0 over stdio (standard input/output) for communication, making it language-agnostic and easy to implement.
MCP in Kollab CLI vs App
Kollab CLI
- + Automatic server discovery from config
- + Real-time status monitoring plugin
- + Interactive setup wizard (/mcp setup)
- + Hot reload configuration changes
- + Event-driven lifecycle hooks
- + Command-line server management
Kowork
- + Visual MCP server selector
- + GUI configuration interface
- + Health monitoring with auto-reconnect
- + Security hardening (command whitelist)
- + Configurable timeouts & rate limits
- + Rust-based Tauri backend
MCP in Kollab CLI
Quick Start
The CLI provides an interactive setup wizard that walks you through configuring MCP servers:
# Run the interactive setup wizard
/mcp setup
# Or manually create configuration
mkdir -p ~/.kollabor-cli/mcp
cp docs/mcp/mcp_settings.example.json ~/.kollabor-cli/mcp/mcp_settings.jsonConfiguration
MCP servers are configured via mcp_settings.json in either:
~/.kollabor-cli/mcp/- Global configuration (all projects).kollabor-cli/mcp/- Project-specific (overrides global)
{
"servers": {
"filesystem": {
"type": "stdio",
"command": "npx -y @modelcontextprotocol/server-filesystem /Users/yourname",
"enabled": true,
"description": "File system access"
},
"github": {
"type": "stdio",
"command": "npx -y @modelcontextprotocol/server-github",
"enabled": true,
"env": {
"GITHUB_TOKEN": "ghp_your_token_here"
}
}
}
}Architecture
The CLI's MCP integration is built on an event-driven architecture with several core components:
core/llm/mcp_integration.pyMain integration class. Handles server discovery, connection management, tool registration, and execution. Implements MCP JSON-RPC protocol (initialize, tools/list, tools/call).
plugins/mcp_status_plugin.pyReal-time status monitoring plugin. Tracks server connections, tool counts, and errors. Displays status in terminal UI status areas via event hooks.
core/commands/mcp_command.pySlash command handler (/mcp). Provides interactive setup wizard, server management (enable/disable/test), and tool listing.
Slash Commands
/mcp setup # Interactive setup wizard
/mcp list # List all servers and status
/mcp test <server> # Test connection to server
/mcp enable <server> # Enable a server
/mcp disable <server> # Disable a server
/mcp show # Show MCP status panel
/mcp tools [server] # List available toolsEvent System Integration
MCP integration emits events throughout its lifecycle that plugins can hook into:
# Event types available for hooks
MCP_SERVER_DISCOVER # Discovery started
MCP_SERVER_DISCOVERED # Servers found in config
MCP_SERVER_CONNECT # Connection attempt
MCP_SERVER_CONNECTED # Successfully connected
MCP_SERVER_DISCONNECT # Server disconnected
MCP_SERVER_ERROR # Connection/execution error
MCP_TOOL_REGISTER # Tool registered
MCP_TOOL_UNREGISTER # Tool unregistered
MCP_TOOL_CALL_PRE # Before tool execution
MCP_TOOL_CALL_POST # After tool executionMCP in Kowork
Visual Configuration
The desktop app provides a graphical interface for managing MCP servers through the Settings panel. Configuration is stored in the app's settings.json file.
Architecture
The app uses a Tauri-based architecture with Rust backend and Vue frontend:
src-tauri/src/commands/mcp.rsRust MCP client implementation. Spawns server processes, manages stdio communication, handles JSON-RPC protocol, and enforces security policies.
src-vue/src/components/settings/MCPSettings.vueVisual MCP server configuration interface. Add/edit/remove servers, configure environment variables, and manage server state.
src-vue/src/components/chat/MCPServerSelector.vueChat interface component for selecting active MCP servers. Shows server status, tool count, and connection health.
Security Features
- Command whitelist - Only allowed executables (node, npx, python, uvx) can be used
- Argument validation - Shell metacharacters (&|;`$) are blocked
- Health monitoring - Process health checks with automatic reconnection
- Configurable timeouts - Per-server timeout configuration (default 30s)
- Rate limiting - Configurable per-server rate limits
Tauri Commands
// Server lifecycle
create_mcp_server(server_data) // Add server to config
start_mcp_server(server_id) // Spawn process & initialize
stop_mcp_server(server_id) // Gracefully shutdown
reconnect_mcp_server(server_id) // Restart server
update_mcp_server(server_id, data) // Update configuration
delete_mcp_server(server_id) // Remove from config
// Server management
list_mcp_servers() // Get all configured servers
get_mcp_server_tools(server_id) // List server's tools
check_mcp_server_health(server_id) // Process health check
// Tool execution
call_mcp_tool(server_id, tool_name, args) // Execute toolAvailable MCP Servers
@modelcontextprotocol/server-filesystemCoreFile system access: read, write, create, move, search files and directories. Requires specifying allowed paths for security.
@modelcontextprotocol/server-gitDevelopmentGit repository operations: status, log, diff, commit, branch management. Perfect for AI-assisted development workflows.
@modelcontextprotocol/server-githubAPIGitHub API integration: create issues, pull requests, push files, search. Requires GITHUB_TOKEN environment variable.
@modelcontextprotocol/server-brave-searchSearchWeb search using Brave Search API. Requires BRAVE_API_KEY (free tier available at api.search.brave.com).
@modelcontextprotocol/server-sqliteDatabaseSQLite database operations: execute queries, create tables, manage data. Specify database path via --db-path flag.
@modelcontextprotocol/server-puppeteerAutomationBrowser automation and web scraping: navigate, screenshot, click, fill forms. Requires Node.js and Chromium.
Discover more servers: Visit github.com/modelcontextprotocol/servers for the official server repository and community-contributed servers.
Creating Custom MCP Servers
You can create custom MCP servers in any language that supports stdio and JSON-RPC. The protocol is simple and well-documented.
Python Example
#!/usr/bin/env python3
import json
import sys
from typing import Any, Dict
class CustomMCPServer:
def __init__(self):
self.tools = [
{
"name": "my_custom_tool",
"description": "Does something amazing",
"inputSchema": {
"type": "object",
"properties": {
"input": {"type": "string", "description": "Input text"}
},
"required": ["input"]
}
}
]
def handle_initialize(self, params: Dict) -> Dict:
return {
"protocolVersion": "2024-11-05",
"capabilities": {"tools": {}},
"serverInfo": {"name": "custom-server", "version": "1.0.0"}
}
def handle_tools_list(self, params: Dict) -> Dict:
return {"tools": self.tools}
def handle_tools_call(self, params: Dict) -> Dict:
tool_name = params.get("name")
arguments = params.get("arguments", {})
if tool_name == "my_custom_tool":
result = f"Processed: {arguments.get('input', '')}"
return {"content": [{"type": "text", "text": result}]}
return {"error": "Tool not found"}
def run(self):
for line in sys.stdin:
try:
request = json.loads(line)
method = request.get("method")
params = request.get("params", {})
request_id = request.get("id")
# Route to handler
if method == "initialize":
result = self.handle_initialize(params)
elif method == "tools/list":
result = self.handle_tools_list(params)
elif method == "tools/call":
result = self.handle_tools_call(params)
else:
result = {"error": f"Unknown method: {method}"}
# Send response
response = {
"jsonrpc": "2.0",
"id": request_id,
"result": result
}
print(json.dumps(response), flush=True)
except Exception as e:
error_response = {
"jsonrpc": "2.0",
"id": request.get("id"),
"error": {"code": -32603, "message": str(e)}
}
print(json.dumps(error_response), flush=True)
if __name__ == "__main__":
server = CustomMCPServer()
server.run()Configuration
{
"servers": {
"my-custom-server": {
"type": "stdio",
"command": "python3 /path/to/custom_server.py",
"enabled": true,
"description": "My custom MCP server"
}
}
}Development Resources: Visit modelcontextprotocol.io for the official specification, SDK documentation, and best practices.
Troubleshooting
Issue: MCP tools not appearing
- 1. Verify configuration syntax:
python -m json.tool mcp_settings.json - 2. Check that
"enabled": truefor desired servers - 3. Restart Kollabor to reload configuration
- 4. Check logs for initialization errors
Issue: Server fails to start
- 1. Verify npx is installed:
npx --version - 2. Test server command manually in terminal
- 3. Check Node.js version (requires 18+):
node --version - 4. Verify API keys are set for servers that require them
Issue: Permission errors
- 1. Check filesystem server allowed paths match your working directory
- 2. Verify API tokens have required scopes (e.g., GitHub needs 'repo' scope)
- 3. Ensure database connection strings are correct
- 4. Review Kollabor's permission system settings (/permissions in CLI)
Issue: Tools execute slowly or timeout
- 1. Increase timeout in server config (App only):
"timeout_secs": 60 - 2. Check network connectivity for API-based servers
- 3. Verify server process is responsive (check CPU/memory usage)
- 4. Enable debug logging to identify bottlenecks
Security Best Practices
Principle of Least Privilege
Only enable servers you actively need. Disable unused servers to minimize attack surface. Review enabled servers regularly.
Restrict Filesystem Access
Specify only necessary directories when configuring filesystem server. Never use root (/) or home directory unless absolutely required.
Use Scoped API Tokens
Create tokens with minimum required scopes. Store in environment variables instead of config files. Rotate tokens regularly.
Review Tool Permissions
MCP tools respect Kollabor's permission system. Configure approval mode appropriately (CLI: /permissions strict, App: Settings > Security).
Project-Specific Configuration
Use local .kollabor-cli/mcp/ config for project-specific servers to isolate permissions and avoid cross-project tool access.