MCP Help 001

Project Overview

MCP Help 001 is a demonstration Model Context Protocol (MCP) server that showcases how to create custom MCP servers with integrated web interfaces, browser automation tools, and analytics tracking. This project serves as both a functional tool and a comprehensive learning resource for developers interested in MCP development.

What This Tutorial Covers: This comprehensive guide walks through the entire process of creating an MCP server from conception to deployment, including the conversation with AI assistance, research process, implementation details, and best practices. Updated for 2025 with the latest security considerations and best practices.

What is Model Context Protocol (MCP)?

The Model Context Protocol is a standardized way for AI assistants to interact with external tools and data sources. It enables AI systems like Cursor IDE to seamlessly integrate with custom servers that provide specific functionality. As of 2025, MCP has become integral to AI systems, facilitating interactions between large language models (LLMs) and external tools.

Key MCP Concepts

Servers: Python applications that implement the MCP protocol
Tools: Functions that the MCP server exposes to AI assistants
Configuration: JSON files that tell Cursor how to connect to MCP servers
Communication: Standardized protocol for tool calls and responses
Transport: Supports stdio for maximum compatibility and Streamable HTTP for networked servers (SSE transport deprecated as of June 2025)

Why Use MCP?

🔧 Custom Functionality

Extend AI capabilities with domain-specific tools and integrations

🌐 Web Integration

Connect AI assistants to web services, APIs, and browser automation

📊 Analytics & Tracking

Monitor usage patterns and gather insights from AI interactions

🔄 Real-time Data

Provide live data feeds and dynamic content to AI assistants

The Creation Process

This section documents the actual conversation and process that led to the creation of MCP Help 001, providing insight into how AI-assisted development works in practice.

Initial Request

User Request: "I want to create an example MCP that opens a custom web page that shows the details of that MCP. It doesn't need to do anything special. Maybe show the time, date, and some quick stats. Very simple and easy to understand, but with some style and design. It should have its own database file and have a tool to open the web page in the browser, a tool to open reddit.com in the browser, and a tool to open chatgpt.com in the browser. All of these should send analytics to the mcp to save in the local database file."

AI Research and Analysis

The AI assistant began by researching existing MCP implementations in the codebase to understand the proper structure and requirements:

Research Process:
1. Analyzed existing MCP servers (PostgreSQL, FTP, Validation)
2. Studied MCP configuration files and server structure
3. Identified common patterns and best practices
4. Determined required dependencies and imports
5. Planned the implementation architecture
6. Researched 2025 security best practices and vulnerabilities

Key Insights from Research

MCP servers require specific imports from the mcp package
Configuration files must follow a specific JSON structure
Error handling and logging are crucial for production use
Analytics integration should be modular and optional
Web servers need to run in separate threads to avoid blocking MCP operations
Security is paramount in 2025 - input validation, authentication, and monitoring are essential

Implementation Strategy

Modular Design: The implementation was designed with clear separation of concerns:

AnalyticsDB: Handles SQLite database operations
WebServer: Manages HTTP server and web page serving
MCPHelp001Server: Main MCP server with tool definitions

Implementation Details

This section provides a detailed breakdown of how each component of MCP Help 001 was implemented.

Core Architecture

MCP Help 001 Architecture:
├── MCPHelp001Server (Main MCP Server)
│   ├── AnalyticsDB (SQLite Database Handler)
│   ├── WebServer (HTTP Server with Threading)
│   └── Tool Handlers (Browser Automation)
├── mcp.json (Cursor Configuration)
├── README.md (Documentation)
└── analytics.db (SQLite Database - Auto-created)

Database Schema

CREATE TABLE analytics (
    id INTEGER PRIMARY KEY AUTOINCREMENT,
    timestamp TEXT NOT NULL,
    action TEXT NOT NULL,
    url TEXT,
    user_agent TEXT,
    ip_address TEXT,
    session_id TEXT
);

Tool Definitions

The MCP server exposes four main tools:

open_custom_web_page

Opens the custom web interface at localhost:8080 and logs the action to analytics.

open_reddit

Opens Reddit.com in the default browser and tracks the action.

open_chatgpt

Opens ChatGPT.com in the default browser and logs the interaction.

get_analytics_stats

Retrieves and returns analytics statistics from the database.

Web Interface Features

Real-time Clock: JavaScript updates time every second
Responsive Design: Works on desktop, tablet, and mobile
Modern Styling: Gradient backgrounds and glassmorphism effects
Analytics Display: Shows live statistics from the database
Auto-refresh: Button to refresh data and statistics

Key Features and Capabilities

🎨 Beautiful Web Interface

Modern, responsive design with gradient backgrounds, glassmorphism effects, and smooth animations.

📊 Analytics Tracking

Comprehensive tracking of all actions with timestamps, user agents, and IP addresses.

🌐 Browser Automation

Tools to open custom web pages and external sites with automatic analytics logging.

⚡ Real-time Updates

Live time display and dynamic statistics that update automatically.

🔧 Easy Configuration

Simple JSON configuration for Cursor IDE integration.

📱 Mobile Responsive

Fully responsive design that works perfectly on all device sizes.

Technical Specifications

Language: Python 3.8+
Dependencies: mcp, sqlite3, webbrowser, http.server
Port: 8080 (configurable)
Database: SQLite (file-based, no server required)
Web Server: Built-in Python HTTP server with threading
Browser Support: All modern browsers via webbrowser module
Transport: stdio (recommended for maximum compatibility)

Step-by-Step Implementation Tutorial

Follow this tutorial to create your own MCP server with similar functionality.

Step 1: Environment Setup

# Install required dependencies
pip install mcp

# Create project directory
mkdir my-mcp-server
cd my-mcp-server

Step 2: Create the MCP Server

Create a server.py file with the following structure:

#!/usr/bin/env python3
import asyncio
import json
from mcp.server import Server
from mcp.server.stdio import stdio_server
from mcp.types import Tool, TextContent

# Initialize server
server = Server("my-mcp-server")

@server.list_tools()
async def list_tools():
    return [
        Tool(
            name="my_tool",
            description="Description of what the tool does",
            inputSchema={
                "type": "object",
                "properties": {},
                "required": []
            }
        )
    ]

@server.call_tool()
async def call_tool(name: str, arguments: dict):
    if name == "my_tool":
        return [TextContent(type="text", text="Tool executed successfully")]
    return [TextContent(type="text", text=f"Unknown tool: {name}")]

async def main():
    async with stdio_server() as (read_stream, write_stream):
        await server.run(read_stream, write_stream, server.create_initialization_options())

if __name__ == "__main__":
    asyncio.run(main())

Step 3: Create MCP Configuration

Create a mcp.json file:

{
  "mcpServers": {
    "my-mcp-server": {
      "command": "python",
      "args": ["/path/to/your/server.py"],
      "env": {
        "PYTHONPATH": "/path/to/your/project"
      }
    }
  }
}

Step 4: Add to Cursor Configuration

Copy the contents of your mcp.json to Cursor's MCP configuration file, typically located at:

Windows: %APPDATA%\Cursor\User\globalStorage\cursor.mcp\mcp.json
macOS: ~/Library/Application Support/Cursor/User/globalStorage/cursor.mcp/mcp.json
Linux: ~/.config/Cursor/User/globalStorage/cursor.mcp/mcp.json

Step 5: Test Your MCP Server

Testing Steps:

Restart Cursor IDE after adding the MCP configuration
Open a new chat session
Try using your custom tools through the MCP interface
Check the Cursor logs for any error messages

Security Considerations for 2025

As of 2025, MCP security has become a critical concern. This section covers the latest security best practices and emerging threats.

⚠️ Critical Security Alert: MCP implementations in 2025 face significant security challenges including prompt injection attacks, tool poisoning, and OAuth vulnerabilities. Always implement comprehensive security measures.

Essential Security Measures

🔒 Input Validation

Strictly validate and sanitize all inputs to prevent prompt injection attacks and malicious code execution.

🛡️ Authentication & Authorization

Implement OAuth 2.1, role-based access controls, and the principle of least privilege.

🔐 Data Encryption

Use AES-256 encryption for data at rest and mandate TLS 1.3 for all communications.

📊 Monitoring & Detection

Deploy MCP-specific security scanning tools and implement real-time anomaly detection.

Known Vulnerabilities (2025)

Critical Vulnerabilities to Address:

CVE-2025-6514: Critical RCE vulnerability in mcp-remote project
Retrieval-Agent Deception (RADE): Attacks corrupting publicly available data
OAuth Endpoint Vulnerabilities: Insecure OAuth implementations leading to RCE
Tool Poisoning: Malicious tools infiltrating MCP servers

Security Best Practices

Security Implementation Checklist:

✅ Input Validation & Sanitization
✅ Principle of Least Privilege
✅ Secure Tool Registry Management
✅ Continuous Monitoring & Detection
✅ Incident Response Preparedness
✅ Regular Security Audits
✅ Data Classification & Encryption
✅ Authentication & Access Controls
✅ Request Cancellation & Timeouts
✅ Structured Logging with Correlation IDs

Pro Tip: Use tools like McpSafetyScanner to assess and mitigate vulnerabilities in your MCP implementations. Regular security audits are essential in 2025.

Creating MCP Servers with AI Assistance

This section explains how to effectively use AI assistants like ChatGPT, Claude, or Cursor's built-in AI to create custom MCP servers.

Effective AI Prompting for MCP Development

1. Be Specific About Requirements

Clearly define what you want your MCP server to do, including specific tools, data sources, and integration requirements.

2. Provide Context and Examples

Share existing MCP implementations or similar projects to help the AI understand your preferred patterns and architecture.

3. Request Step-by-Step Implementation

Ask for detailed explanations of each component, including error handling, logging, and best practices.

AI-Assisted Development Workflow

Research Phase: Ask AI to analyze existing MCP implementations and identify patterns
Planning Phase: Request architecture recommendations and technology choices
Implementation Phase: Get code generation with detailed explanations
Security Phase: Request security best practices and vulnerability assessments
Testing Phase: Request testing strategies and debugging assistance
Documentation Phase: Ask for comprehensive documentation and tutorials

Common AI Prompts for MCP Development

Effective Prompts for 2025:

"Create an MCP server that [specific functionality] with [specific requirements] and 2025 security best practices"

"Analyze this MCP implementation and suggest security improvements for [specific aspect]"

"Help me debug this MCP server error: [error message and code]"

"Generate a comprehensive tutorial for creating secure MCP servers with [specific features]"

"Review this MCP configuration and ensure it follows 2025 best practices and security standards"

"Assess the security vulnerabilities in this MCP implementation"

Pro Tip: Always ask AI assistants to explain their reasoning and provide multiple implementation options. In 2025, specifically request security assessments and vulnerability analysis for any MCP implementation.