MCP turns your AI agent into a power tool. After an hour of setup, your agent can read GitHub, query Postgres, post to Slack, and 47 other things. Here's the practical guide.
For background see our MCP glossary entry.
Step 1: Pick your agent (2 minutes)
These agents support MCP natively in 2026:
For the rest of this guide we'll use Claude Code; Cursor has nearly identical syntax.
Step 2: Install the "starter trio" (15 minutes)
The three MCP servers every developer should install first:
1. Filesystem — read/write files 2. Git — local git operations 3. GitHub — repos, PRs, issues
In ~/.claude.json:
{
"mcpServers": {
"filesystem": {
"command": "npx",
"args": ["-y", "@modelcontextprotocol/server-filesystem", "/path/to/your/project"]
},
"git": {
"command": "npx",
"args": ["-y", "@modelcontextprotocol/server-git"]
},
"github": {
"command": "npx",
"args": ["-y", "@modelcontextprotocol/server-github"],
"env": {
"GITHUB_PERSONAL_ACCESS_TOKEN": "ghp_your_token"
}
}
}
}
Restart Claude Code. Verify with /mcp list.
Step 3: Add the high-value servers (20 minutes)
Based on your workflow, add 3-5 more from these:
For product/PM workflows: Linear, Notion, Slack For data work: Postgres, SQLite For ops: Sentry, AWS, Stripe For research: Brave Search, Fetch
For the full list see Best MCP servers in 2026.
Step 4: Verify with a real task (10 minutes)
Run a real workflow that exercises MCP:
"Read Linear ticket LIN-1234, look at the relevant code in our repo,
draft a fix, run tests, and prepare a PR description."
This exercises Linear MCP + Filesystem MCP + Git MCP + GitHub MCP in one workflow. If it works end-to-end, your setup is solid.
Security best practices (10 minutes — non-negotiable)
1. Use scoped tokens.
- GitHub: PAT with minimal scopes (read-only by default)
- Linear: API key scoped to specific workspace
- Slack: Bot token, not user token
- Postgres: Read-only role for analytics; never give write access to AI
2. Pin versions. Replace @modelcontextprotocol/server-github with @modelcontextprotocol/server-github@2.1.0 for production setups.
3. Audit community servers. Read the source before installing. MCP servers are small (under 500 lines usually) — auditable in 10 minutes.
4. Watch for prompt injection. Any MCP server that reads untrusted content (web pages, public repos, etc.) is an attack vector.
Troubleshooting common issues
Server doesn't show up after restart. Check JSON syntax. One trailing comma breaks the whole config.
Tools fail with auth errors. Verify the env var is set correctly. Try the underlying API call manually to confirm the token works.
Server hangs on first call.
First npx -y install downloads packages. Cold start is 30-60 seconds. Subsequent calls are fast.
Agent doesn't pick the right tool. Tool descriptions matter. Reduce installed servers to under 20; past that, agents lose accuracy on tool selection.
The verdict
MCP in an hour: pick agent → install starter trio → add workflow-specific servers → verify with real task → harden security. After setup, your agent gains 50+ external capabilities without writing code.
For more see Best MCP servers in 2026, Model Context Protocol glossary, and How to use Cursor.