Setting up your first AI agent with MCP tools takes about an hour on a normal laptop. You install Claude Desktop, drop the Anthropic filesystem server into the config, point it at a directory, and the model can suddenly read and write your files. From there, every additional server you add (GitHub, Notion, Slack, your own custom one) compounds the agent's reach. This guide walks the eight steps end to end.
What is MCP and why does the first agent matter?
MCP stands for Model Context Protocol. Anthropic released it in November 2024 as an open standard for connecting language models to tools and data sources. The full conceptual breakdown lives in the cluster head What is MCP (Model Context Protocol)? Why AI agents use it in 2026. The short version: before MCP, every AI tool integration was a custom one-off. After MCP, a single server works across every compliant client.
Your first agent matters because it changes what you believe is possible. Reading about agents is one thing. Watching Claude open a file in your project, edit it, and save it back is another. After ten minutes of working agent, the abstract conversation about AI in your workflow becomes a concrete one. The bar from zero to first working agent is lower than most people think, which is why we keep this guide tight on the practical steps. If you are also picking your coding stack alongside this, the Cursor vs Claude Code vs Continue review covers the editor side.
How do I install Claude Desktop or another MCP client?
Step one is picking and installing a client. Claude Desktop is the easiest in 2026 because Anthropic ships first-party MCP support and a clean config file. Download it from claude.ai/download, install for your operating system, and sign in with your Anthropic account. The free tier is enough to test MCP. You only need a paid plan if you hit message limits or want longer context.
Other MCP clients exist if you prefer them. Cursor and Zed both support MCP servers natively. Continue and several open source agents do too. The configuration shape is similar across all of them: a JSON file listing the servers to launch, with command and arguments. For this guide we will use Claude Desktop because the path from zero to first tool call is the shortest. Once you understand the pattern, switching clients is trivial.
What is the difference between an MCP server and a client?
This is the one concept worth getting right before you go further. The client is the app you interact with. It talks to the model, shows the chat interface, and decides when to call tools. Claude Desktop is a client. Cursor is a client. Zed is a client.
The server is a small program that exposes tools or data through the protocol. The Anthropic filesystem server exposes read and write tools for a directory. The GitHub server exposes tools for issues, PRs, and code search. The Notion server exposes tools for pages and databases. Servers run as local processes (or remote ones in advanced setups), and the client launches them on demand. Clients are general purpose. Servers are specific. You connect one client to many servers, and each server gives the model a new capability.
How do I install the Anthropic filesystem server?
The filesystem server is the canonical first install. It gives the model read and write access to one or more local directories, and it is published by Anthropic with no third-party trust required. Open the Claude Desktop config file. On macOS it lives at ~/Library/Application Support/Claude/claude_desktop_config.json. On Windows the path is %APPDATA%\Claude\claude_desktop_config.json.
Add a mcpServers block with the filesystem server pointed at a directory you actually use:
{
"mcpServers": {
"filesystem": {
"command": "npx",
"args": ["-y", "@modelcontextprotocol/server-filesystem", "/Users/yourname/projects/test"]
}
}
}
Restart Claude Desktop. You should see a small tools indicator in the chat input showing the filesystem server is connected. If it does not appear, check the Claude Desktop log for the error message and confirm Node.js is installed. Most first-install issues are missing Node, a typo in the path, or a permission problem on the directory.
How do I test the agent works on real files?
Open a new chat in Claude Desktop and ask the model to do something concrete. Try: "List the files in the test directory and tell me what is in the first one." The model will request permission to call the filesystem tool, you approve it, and within a few seconds you should see the directory listing followed by a summary of the first file's contents.
If you want to see the agent loop fully, ask it to make a change. Try: "Create a file called hello.txt with the text 'first MCP agent worked' in the test directory." The model calls the write tool, the file appears on disk, and Claude tells you it is done. Open the file in Finder or your editor to confirm. That round trip (model decides, server executes, file changes on disk) is the entire agent pattern. Everything more sophisticated is the same loop with bigger tools.
How do I add a second MCP server?
The first server proves the pattern. The second server proves it composes. Pick something that touches a system you actually work in. The two best second-server choices in 2026 are the GitHub server (if you ship code) and the Notion server (if you live in Notion docs).
For GitHub, you generate a personal access token at github.com/settings/tokens with the scopes you want the agent to have (repo and read:user is a sane starting set), then add the server to your config:
"github": {
"command": "npx",
"args": ["-y", "@modelcontextprotocol/server-github"],
"env": { "GITHUB_PERSONAL_ACCESS_TOKEN": "ghp_yourtokenhere" }
}
Restart, and now the model can search your repos, read issues, and (if you gave it write scopes) open PRs. The Notion server follows the same shape with a Notion integration token. Once you have two servers running, you can ask the model to do cross-system tasks. "Find the open issues in this repo and write a summary to a Notion page." That is a real agent doing real work.
How do I write my own MCP server in 30 lines?
You only need a custom server when no published one fits. When you do, the SDK makes it short. Here is a TypeScript server that exposes one tool, a function that returns the current time in any timezone:
import { Server } from "@modelcontextprotocol/sdk/server/index.js";
import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
const server = new Server({ name: "time-server", version: "1.0.0" });
server.tool("get_time", "Get current time in a timezone",
{ timezone: { type: "string" } },
async ({ timezone }) => ({
content: [{ type: "text",
text: new Date().toLocaleString("en-US", { timeZone: timezone }) }]
}));
await server.connect(new StdioServerTransport());
Save it, run tsc to compile, and add the path to your Claude Desktop config under mcpServers. Restart the client. The model now has a get_time tool. The Python SDK has a similar shape. The point of writing one is not the time tool itself. It is realizing that any internal API, database query, or workflow you have can become an agent tool in under an hour.
How do I deploy a custom server publicly?
Local servers cover most personal use. The moment you want a teammate to use your server, or you want it accessible from a phone, you need to deploy it. The MCP spec supports HTTP transport in addition to stdio. You wrap your server in a small HTTP wrapper, deploy it to any cloud (Cloudflare Workers, Fly.io, Vercel, your existing infra), and the client connects over the network instead of launching a local process.
Authentication is the part that matters most here. A locally launched server inherits your machine's trust. A network server has to authenticate the caller. The standard pattern in 2026 is OAuth 2.0 for human-facing servers and a long-lived API key for server-to-server use. Pick one based on your audience, document the auth flow in your README, and publish to the official MCP registry if you want others to find it. The deeper end-to-end agent walkthroughs live in the AI How-To pillar.
What becomes possible once your AI can read your stuff?
The single biggest unlock from your first agent is realizing that AI without your data is a clever toy, and AI with your data is a coworker. Once Claude can read your repo, your inbox, your CRM, your project tracker, the kind of question you ask it changes. Instead of "write me a generic email," you ask "read the last six emails with this client and draft a follow-up that picks up where we left off." Instead of "what is a good way to structure a CRM," you ask "audit my actual contacts and tell me which ones I have not touched in 90 days."
The honest part: this also raises the stakes. An agent that can write to your filesystem can also delete files. An agent with GitHub write access can push bad code. Treat your servers like you would treat a junior with admin access. Scope tightly, log everything, and review the model's decisions for the first few days. After that, the trust calibrates and the leverage compounds. We teach this discipline as part of the practical AI track in the community. Join AI Masterminds if you want the broader operator playbook beyond just MCP.
FAQ
What do I actually need to install before I can run an MCP agent?
You need an MCP client (Claude Desktop is the easiest in 2026, but Cursor, Zed, and several other editors also support MCP), Node.js or Python on your machine for running servers, and a code editor for editing the config file. That is the whole stack. The Claude Desktop app handles the agent loop. The MCP servers run as local processes that the app launches when needed. You do not need a server farm, a cloud account, or any paid infrastructure to get a working agent on your laptop.
What is the difference between an MCP server and an MCP client?
The client is the application that talks to the language model and orchestrates tool calls. Claude Desktop, Cursor, and Zed are clients. The server is a small program that exposes tools or data to the client through the Model Context Protocol. The Anthropic filesystem server is a server. The GitHub server is a server. A custom server you write in 30 lines is a server. Clients connect to servers, list available tools, and call them on behalf of the model. One client can talk to many servers at once.
Do I have to write code to use MCP?
No. You can run a useful agent setup in 2026 with zero code by combining published servers from the official Anthropic GitHub registry. The filesystem server, GitHub server, Slack server, Notion server, and Postgres server are all maintained and configurable through the Claude Desktop config file. You only need to write code if you want to expose a private API or a custom data source that does not have a published server. When you do, the SDKs make a working server about 30 lines.
Is MCP secure if I am giving an AI access to my files?
MCP itself is a transport protocol, not a security model. Security comes from how you scope each server. The filesystem server takes a directory path on launch and refuses to read outside it. The GitHub server uses a personal access token with whatever scopes you grant. Treat each server like you would a third-party app: give it the minimum scope it needs, run untrusted servers in containers, and audit what tools it exposes before installing. The Anthropic-published servers are the safest starting point.
What can I actually build once my AI can read my stuff?
The list gets long quickly. Personal knowledge agents that search your Obsidian vault and your inbox at the same time. Code agents that read your repo, run tests, and open pull requests. Operations agents that pull data from your CRM, write a summary, and post it to Slack. Research agents that read a folder of PDFs and answer questions across all of them. The pattern is always the same: a model with read or write access to one of your real systems, doing a job you used to do manually. MCP is what makes that pattern composable across tools.
Sources
- Introducing the Model Context Protocol · Anthropic · November 25, 2024
- Model Context Protocol Documentation · Model Context Protocol · June 1, 2025
- Official MCP Servers Repository · Anthropic · September 15, 2025