6 of 8 · 35 min

MCP Servers and Integrations

What is MCP?

Model Context Protocol (MCP) is like USB for AI. Just as USB lets you plug any device into your computer, MCP lets you plug any tool into Claude Code. GitHub, Slack, databases, web search — they all connect through the same standard protocol. One interface, unlimited integrations.

Installing Your First MCP Server

Start with the GitHub MCP server. Add it to your .mcp.json file in your project root. Once configured, Claude can create issues, open pull requests, review code, and manage repositories — all from conversation. Setup takes under two minutes.

The process: create a .mcp.json file, add the server configuration with your GitHub token as an environment variable, and restart Claude Code. That is it. Claude automatically discovers the new tools and starts using them.

Essential MCP Servers

GitHub: Issues, PRs, code search, repository management
Slack: Send messages, read channels, manage threads
Databases: Query PostgreSQL, SQLite, or MongoDB directly
Web Search: Search the internet and fetch live data
File Systems: Read and write files across your machine

Configuring .mcp.json

The .mcp.json file lives in your project root and tells Claude which MCP servers to connect to. Each entry specifies the server command, arguments, and environment variables. Keep secrets in env vars — never hardcode tokens in this file.

Using MCP Tools in Conversation

Once connected, just ask naturally: "Create a GitHub issue for this bug", "Query the users table for active accounts", or "Send a Slack message to the team channel." Claude picks the right MCP tool automatically. You talk to one AI, and it talks to all your tools.

The power of MCP is composition. In a single conversation, Claude can find a bug in your code, create a GitHub issue for it, write the fix, open a pull request, and notify your team on Slack. One request, five tools, zero context switching.

Security Best Practices

MCP servers have real access to real systems. Treat them with the same care as any API integration:

Environment variables: Store all tokens and secrets in env vars, never in config files
Read-only tokens: Use minimal permissions — read-only unless write access is needed
Auditing: Review which MCP tools Claude uses and what actions it takes
Scope limiting: Restrict database MCP servers to specific tables or read-only access
Token rotation: Rotate MCP tokens regularly and revoke any that are no longer needed

A well-secured MCP setup gives you superpowers without risk. A careless one gives an AI write access to your production database. Take the five minutes to set it up correctly.

← Previous Lesson Next: Skills, Hooks, and Customization →

Installing Your First MCP Server

Using MCP Tools in Conversation

Security Best Practices

MCP servers have real access to real systems. Treat them with the same care as any API integration:

Environment variables: Store all tokens and secrets in env vars, never in config files

Read-only tokens: Use minimal permissions — read-only unless write access is needed

Auditing: Review which MCP tools Claude uses and what actions it takes

Scope limiting: Restrict database MCP servers to specific tables or read-only access

Token rotation: Rotate MCP tokens regularly and revoke any that are no longer needed

A well-secured MCP setup gives you superpowers without risk. A careless one gives an AI write access to your production database. Take the five minutes to set it up correctly.