pctx MCP — 사용 사례, 설치 & 라이브 데모

왜 쓰나요

핵심 기능

Code Mode: one LLM code block can chain many MCP tool calls in one turn
Deno sandbox: no FS, no env, allowlisted network only
Aggregates multiple upstream MCP servers behind one pctx
Credential-proofing: LLM never sees keys — pctx injects them
Install via Homebrew, npm -g, or curl-pipe script

라이브 데모

실제 사용 모습

pctx.replay ▶ 준비됨

0/0

설치

클라이언트 선택

~/Library/Application Support/Claude/claude_desktop_config.json · Windows: %APPDATA%\Claude\claude_desktop_config.json

{
  "mcpServers": {
    "pctx": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/portofcontext/pctx"
      ],
      "_inferred": true
    }
  }
}

Claude Desktop → Settings → Developer → Edit Config 열기. 저장 후 앱 재시작.

~/.cursor/mcp.json · .cursor/mcp.json

{
  "mcpServers": {
    "pctx": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/portofcontext/pctx"
      ],
      "_inferred": true
    }
  }
}

Cursor는 Claude Desktop과 동일한 mcpServers 스키마 사용. 프로젝트 설정이 전역보다 우선.

VS Code → Cline → MCP Servers → Edit

{
  "mcpServers": {
    "pctx": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/portofcontext/pctx"
      ],
      "_inferred": true
    }
  }
}

Cline 사이드바의 MCP Servers 아이콘 클릭 후 "Edit Configuration" 선택.

~/.codeium/windsurf/mcp_config.json

{
  "mcpServers": {
    "pctx": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/portofcontext/pctx"
      ],
      "_inferred": true
    }
  }
}

Claude Desktop과 같은 형식. Windsurf 재시작 후 적용.

~/.continue/config.json

{
  "mcpServers": [
    {
      "name": "pctx",
      "command": "TODO",
      "args": [
        "See README: https://github.com/portofcontext/pctx"
      ]
    }
  ]
}

Continue는 맵이 아닌 서버 오브젝트 배열 사용.

~/.config/zed/settings.json

{
  "context_servers": {
    "pctx": {
      "command": {
        "path": "TODO",
        "args": [
          "See README: https://github.com/portofcontext/pctx"
        ]
      }
    }
  }
}

context_servers에 추가. 저장 시 Zed가 핫 리로드.

claude mcp add pctx -- TODO 'See README: https://github.com/portofcontext/pctx'

한 줄 명령. claude mcp list로 확인, claude mcp remove로 제거.

사용 사례

실전 활용법: pctx

Run a chain of 20 tool calls as one code block

👤 Agent builders whose token bills spike on long sequential flows ⏱ ~20 min advanced

언제 쓸까: A task needs many tool calls (fetch N issues, enrich each, post summary).

사전 조건

pctx installed and configured — brew install portofcontext/tap/pctx; pctx config add <upstream-mcp>

흐름

Register upstreams with credentials

pctx config add github --env GITHUB_TOKEN=... and add sentry --env SENTRY_TOKEN=....✓ 복사됨

→ Upstreams listed
Ask agent to write Code Mode

In pctx Code Mode, write a function that fetches the 10 newest Sentry issues, for each finds the releasing commit via github, and returns a summary array.✓ 복사됨

→ Code block + single execution result
Inspect the result

Summarize the array in English and flag any issue whose releasing commit was by a specific author.✓ 복사됨

→ Final answer grounded in the data

결과: 10x fewer tool-call round-trips, major token savings, same result.

함정

Sandboxed code errors are opaque if you don't surface stderr — Wrap the code in try/catch and print caught errors so the LLM can self-correct
Network allowlist too tight — legitimate calls blocked — Start broad, narrow based on actual host usage from logs

함께 쓰기: github · sentry

Isolate credentials from the LLM

👤 Security-conscious teams adopting MCPs ⏱ ~15 min intermediate

언제 쓸까: Your threat model says 'LLM must never see the token in any form'.

흐름

Store creds in pctx

Add a keychain-backed credential to pctx for github.✓ 복사됨

→ Credential stored, not visible to callers
Verify from the other side

Ask the LLM to 'print the GitHub token' — confirm it cannot.✓ 복사됨

→ LLM has no way to access the secret

결과: A reproducible answer to 'can the LLM exfiltrate our tokens?' — no.

Aggregate many MCPs into one sandboxed code interface

👤 Teams wanting a single safe surface ⏱ ~25 min advanced

언제 쓸까: You want Code Mode semantics across github, postgres, filesystem in one place.

흐름

Register each

Add github, postgres (read-only), and filesystem (scoped to /data) to pctx.✓ 복사됨

→ All three callable from code
Write a cross-MCP job

Write pctx code that reads a SQL query result and writes CSV to /data/out.csv, then creates a GitHub gist with that CSV.✓ 복사됨

→ Single execution, three upstreams used

결과: A unified, sandboxed execution plane for mixed-upstream workflows.

함께 쓰기: github · postgres · filesystem

조합

다른 MCP와 조합해 10배 효율

pctx + github + sentry

Cross-reference Sentry issues with GitHub commits in one sandboxed code block

Via pctx Code Mode: for every new Sentry issue, find the GitHub commit that introduced it and return a table.✓ 복사됨

pctx + postgres

Query + transform + export in one sandbox

pctx code that runs a Postgres read, pivots the result in JS, and writes /data/report.json.✓ 복사됨

도구

이 MCP가 노출하는 것

도구	입력	언제 호출	비용
execute_code	code: str (JavaScript, access to injected MCP SDK)	Anytime the task needs >2 tool calls that compose	upstream tool calls inside the code
list_upstream_tools	(none)	Agent discovery — what's available to call from code	free

비용 및 제한

운영 비용

API 쿼터: No pctx quota; upstream calls inside code incur their own
호출당 토큰: Code Mode is far cheaper token-wise than many sequential tool calls
금액: Free, open source
팁: For tasks over 5 tool calls, Code Mode typically saves 50%+ tokens vs sequential calling.

보안

권한, 시크릿, 파급범위

자격 증명 저장: Env vars, OS keychain, or external command — LLM never sees credentials

데이터 외부 송신: Only to hosts explicitly allowlisted per upstream

절대 부여 금지: Allowlist the open internet in the sandbox — pin to specific hosts

Review what upstream tools the LLM-generated code calls — sandbox is network-scoped, not semantic.
Deno sandbox is strong but not infinite — treat it as defense in depth, not the only control.

문제 해결

자주 발생하는 오류와 해결

Network denied in sandbox

Add the host to the upstream's allowlist in pctx config.

확인: pctx config show

Credential not injected

Credential name mismatch; pctx logs the resolved key on startup.

확인: pctx run --debug

Code Mode returns a vague 'sandbox violation'

Enable verbose logs; most violations are env or FS access attempts the LLM shouldn't make.

확인: pctx logs --tail

대안

pctx 다른 것과 비교

대안	언제 쓰나	단점/장점
proxy-2 / 1mcp-agent	You want aggregation but not Code Mode / sandboxing	LLM calls each tool separately; can see whatever the MCP returns
Bare execution via shell MCP	You want code execution but don't need MCP proxying	No credential isolation, no allowlist

pctx