Skip to main content
2 specialized agents covering MCP server development and security auditing.

About MCP

The Model Context Protocol is an open standard that enables AI assistants to securely access data and tools. MCP servers expose resources (data) and tools (functions) that AI models can use during conversations.

Agents

MCP Developer

MCP server development, tool design, resource exposure, and transport implementation
  • Mode: subagent
  • Quality: 4.88/5 (Excellent)
  • Tags: mcp, server, tools, resources, sdk, development
npx github:dmicheneau/opencode-template-agent install mcp-developer

MCP Security Auditor

MCP server security reviews, OAuth, RBAC, and compliance frameworks
  • Mode: subagent
  • Quality: 4.12/5 (Good)
  • Tags: mcp, security, oauth, rbac, compliance, audit
npx github:dmicheneau/opencode-template-agent install mcp-security-auditor

Usage Examples

@mcp/mcp-developer Build an MCP server for GitHub API

Quality Stats

  • Average score: 4.50/5
  • 1 Excellent, 1 Good rating
  • Total tokens: ~2,700 (avg ~1,335 per agent)
  • Coverage: Development + security

Common Workflows

Both MCP agents for complete coverage:
npx github:dmicheneau/opencode-template-agent install --pack mcp
Includes: mcp-developer, mcp-security-auditor
  1. MCP Developer — Design server architecture and tools
  2. MCP Developer — Implement resources and transports
  3. MCP Security Auditor — Security review before deployment
  4. MCP Security Auditor — Compliance validation (if needed)
  1. MCP Security Auditor — Security architecture review
  2. MCP Security Auditor — OAuth/RBAC implementation audit
  3. MCP Developer — Implement security improvements
  4. MCP Security Auditor — Final validation

When to Use

  • Building new MCP servers
  • Designing tool schemas
  • Implementing resource providers
  • Integrating with existing APIs
  • Working with MCP SDKs (TypeScript, Python)
  • Setting up transport layers (stdio, SSE, HTTP)
  • Auditing MCP server security
  • Implementing OAuth flows
  • Designing RBAC policies
  • Ensuring compliance (SOC2, GDPR)
  • Reviewing authentication/authorization
  • Validating data access controls

MCP Concepts

Resources

Data that MCP servers expose to AI models:
  • Files
  • Database records
  • API responses
  • Real-time streams
Use MCP Developer to design resource schemas and providers.

Tools

Functions that AI models can invoke:
  • Data queries
  • API calls
  • File operations
  • Computation tasks
Use MCP Developer to design tool interfaces and validation.

Security

Critical considerations for MCP servers:
  • Authentication (OAuth, API keys)
  • Authorization (RBAC, permissions)
  • Data validation (input sanitization)
  • Rate limiting
Use MCP Security Auditor for security reviews.

Transports

Communication protocols:
  • stdio — Local processes
  • SSE — Server-sent events
  • HTTP — REST endpoints
Use MCP Developer to implement transport layers.

Integration Examples

Combine MCP agents with backend specialists:
  1. API Architect — Design underlying API
  2. MCP Developer — Expose API via MCP
  3. Security Engineer — Security architecture
  4. MCP Security Auditor — MCP-specific security review
Database access via MCP:
  1. Database Architect — Design data model
  2. PostgreSQL Pro or SQL Pro — Optimize queries
  3. MCP Developer — Build query tools and resource providers
  4. MCP Security Auditor — Validate access controls

Resources

MCP Specification

Official protocol specification

MCP Documentation

Guides and examples

TypeScript SDK

Official TypeScript implementation

Python SDK

Official Python implementation

Build docs developers (and LLMs) love

Get started for freeTalk to us