agent MCP — Anwendungsfälle, Installieren & Live-Demo

Warum nutzen

Hauptfunktionen

OAuth 2.1 + scope-based auth out of the box
Hot-reload: edit config, new upstreams appear without restart
Audit logging on every tool call
Tag-based filtering so different clients see different tool sets
Runs via npx @1mcp/agent, binary, or Docker

Live-Demo

In der Praxis

agent.replay ▶ bereit

0/0

Installieren

Wählen Sie Ihren Client

~/Library/Application Support/Claude/claude_desktop_config.json · Windows: %APPDATA%\Claude\claude_desktop_config.json

{
  "mcpServers": {
    "agent": {
      "command": "npx",
      "args": [
        "-y",
        "agent"
      ],
      "_inferred": true
    }
  }
}

Öffne Claude Desktop → Settings → Developer → Edit Config. Nach dem Speichern neu starten.

~/.cursor/mcp.json · .cursor/mcp.json

{
  "mcpServers": {
    "agent": {
      "command": "npx",
      "args": [
        "-y",
        "agent"
      ],
      "_inferred": true
    }
  }
}

Cursor nutzt das gleiche mcpServers-Schema wie Claude Desktop. Projektkonfiguration schlägt die globale.

VS Code → Cline → MCP Servers → Edit

{
  "mcpServers": {
    "agent": {
      "command": "npx",
      "args": [
        "-y",
        "agent"
      ],
      "_inferred": true
    }
  }
}

Klicken Sie auf das MCP-Servers-Symbol in der Cline-Seitenleiste, dann "Edit Configuration".

~/.codeium/windsurf/mcp_config.json

{
  "mcpServers": {
    "agent": {
      "command": "npx",
      "args": [
        "-y",
        "agent"
      ],
      "_inferred": true
    }
  }
}

Gleiche Struktur wie Claude Desktop. Windsurf neu starten zum Übernehmen.

~/.continue/config.json

{
  "mcpServers": [
    {
      "name": "agent",
      "command": "npx",
      "args": [
        "-y",
        "agent"
      ]
    }
  ]
}

Continue nutzt ein Array von Serverobjekten statt einer Map.

~/.config/zed/settings.json

{
  "context_servers": {
    "agent": {
      "command": {
        "path": "npx",
        "args": [
          "-y",
          "agent"
        ]
      }
    }
  }
}

In context_servers hinzufügen. Zed lädt beim Speichern neu.

claude mcp add agent -- npx -y agent

Einzeiler. Prüfen mit claude mcp list. Entfernen mit claude mcp remove.

Anwendungsfälle

Praxisnahe Nutzung: agent

Run a multi-tenant MCP gateway for different teams

👤 Platform teams serving multiple squads with different tool needs ⏱ ~45 min advanced

Wann einsetzen: Design and Eng need different MCPs, but you don't want to run two gateways.

Voraussetzungen

A host with Node 20+ or Docker — Any small VM
OAuth IdP (or use built-in for local) — Dex, Auth0, Okta — anything that speaks OIDC

Ablauf

Define scopes in the agent config

Draft an agent config where 'design' scope exposes figma and davinci-resolve MCPs, 'eng' scope exposes github, sentry, postgres.✓ Kopiert

→ Config with scoped upstream mappings
Wire OAuth

Connect the agent to our Auth0 tenant, map groups to scopes.✓ Kopiert

→ Users see only their scope's tools
Audit usage

Show me the last 24h of tool calls by user, grouped by tool name.✓ Kopiert

→ Usage report

Ergebnis: One gateway, per-team tool views, full audit trail.

Fallstricke

Scope design gets spaghetti fast — Start with 2-3 broad scopes (eng-read, eng-write, design) rather than per-tool scopes
Audit logs balloon disk usage — Rotate logs weekly or ship to a log aggregator

Kombinieren mit: github · sentry

Develop a custom MCP with hot-reload

👤 Builders iterating on their own MCP server ⏱ ~20 min intermediate

Wann einsetzen: You're writing a new MCP and don't want to reload the IDE after every change.

Ablauf

Register your dev MCP under the agent

Add my local dev MCP at node ./my-mcp/dist/index.js under the agent config, tag it 'dev'.✓ Kopiert

→ Tool appears in client
Edit, save, retry

I changed the tool. Tell me if the new version is live without me restarting.✓ Kopiert

→ Hot-reload confirmed

Ergebnis: A fast inner loop for MCP development.

Fallstricke

Hot-reload can leak old tool handles if clients cache — For big interface changes, bounce the client anyway

Front an untrusted upstream MCP with sanitization

👤 Security-conscious admins running community MCPs ⏱ ~15 min intermediate

Wann einsetzen: You want to try a community MCP but want belt-and-suspenders input guards.

Ablauf

Enable sanitization

Configure 1mcp agent to enable input sanitization on upstream 'community-x', block any tool returning an oversized payload.✓ Kopiert

→ Limits applied
Verify

Call a tool from that upstream and confirm sanitization log entries.✓ Kopiert

→ Log shows sanitized call

Ergebnis: A safer blast radius when experimenting with community tools.

Kombinationen

Mit anderen MCPs für 10-fache Wirkung

agent + proxy-2

Compare feature-heavy 1mcp vs minimal tbxark/mcp-proxy

Run both 1mcp/agent and tbxark/mcp-proxy on the same host and compare tool-call latency through each.✓ Kopiert

agent + jetski

Stack analytics on top of 1mcp

Run 1mcp/agent behind Jetski to get both OAuth and prompt-level analytics.✓ Kopiert

Werkzeuge

Was dieses MCP bereitstellt

Werkzeug	Eingaben	Wann aufrufen	Kosten
list_tools	(none)	Handshake — handled by clients	free
call_tool	name, args	Any invocation	1 upstream call
mcp_add	name, command, args	Add a new upstream dynamically (admin-only)	free

Kosten & Limits

Was der Betrieb kostet

API-Kontingent: None of its own; bounded by upstream quotas
Tokens pro Aufruf: Small proxy overhead
Kosten in €: Free, MIT
Tipp: Enable audit only on write-capable upstreams — read-only logs fill disk fast for no benefit.

Sicherheit

Rechte, Secrets, Reichweite

Minimale Scopes: OAuth client config + upstream server credentials

Credential-Speicherung: Env vars and config file; use a secret manager for production

Datenabfluss: Agent forwards to configured upstreams only

Niemals gewähren: admin scope to end users — reserve for platform team

Rotate audit logs — long-running agents accumulate GB of tool-call history.
OAuth scopes are only as safe as your IdP group mapping; audit who's in which group quarterly.

Fehlerbehebung

Häufige Fehler und Lösungen

Hot reload didn't pick up my config change

Check the file watcher has permission on the mounted dir (Docker bind mounts on macOS can miss events). Fall back to SIGHUP.

Prüfen: docker exec agent kill -HUP 1

OAuth token rejected

Scope claim doesn't map to any configured scope. Check agent logs for the claim and align config.

Prüfen: Decode JWT at jwt.io

Upstream MCP fails health check

Run the upstream command manually to see its stderr. Agent logs only report exit code.

Prüfen: docker exec agent sh -c '<upstream command>'

Tool list empty for a user

That user's scopes don't match any tool's required scope tags.

Prüfen: Check scope mapping in config vs JWT claims

Alternativen

agent vs. andere

Alternative	Wann stattdessen	Kompromiss
tbxark/mcp-proxy	You want a minimal Go binary without OAuth	No auth, no hot-reload, no scopes
Jetski	You want full analytics dashboards and DCR	K8s + Postgres infrastructure required

Mehr

Ressourcen

📖 Offizielle README auf GitHub lesen

🐙 Offene Issues ansehen

🔍 Alle 400+ MCP-Server und Skills durchsuchen