Educational Tutor MCP Server

02_main.md•20.6 kB

# Debugging, Testing, and Advanced Development for MCP Integrations This module provides a comprehensive guide to advanced development practices within the Model Context Protocol (MCP) ecosystem, focusing on effective debugging, robust testing, and leveraging cutting-edge tools like Large Language Models (LLMs) for accelerated development. It also reinforces critical aspects of security, error handling, and performance monitoring. ## Debugging MCP Integrations Effective debugging is crucial for identifying and resolving issues in MCP servers and client integrations. The MCP ecosystem offers several tools and strategies to facilitate this process. ### Debugging Tools Overview MCP provides a layered approach to debugging, utilizing specialized tools for different levels of inspection: 1. **MCP Inspector**: An interactive developer tool designed for direct testing and debugging of MCP servers. It allows you to connect to a server, inspect its capabilities (resources, prompts, tools), and monitor message exchanges. 2. **Claude Desktop Developer Tools**: When integrating with Claude Desktop, these tools enable integration testing, log collection, and provide access to Chrome DevTools for client-side analysis. 3. **Server Logging**: Custom logging implementations within your MCP server are essential for tracking internal operations, errors, and performance. ### Debugging in Claude Desktop When your MCP server is integrated with Claude Desktop, specific features are available for debugging: #### Checking Server Status The Claude.app interface offers quick insights into your connected servers: * Click the MCP plug icon (<img src="/images/claude-desktop-mcp-plug-icon.svg" style={{display: 'inline', margin: 0, height: '1.3em'}} />) to see a list of connected servers and their available prompts and resources. * Click the hammer icon (<img src="/images/claude-desktop-mcp-hammer-icon.svg" style={{display: 'inline', margin: 0, height: '1.3em'}} />) to view the tools exposed to the model. #### Viewing Logs Detailed MCP logs from Claude Desktop can be reviewed in real-time using the terminal: ```bash tail -n 20 -F ~/Library/Logs/Claude/mcp*.log ``` These logs capture critical information such as server connection events, configuration issues, runtime errors, and the full message exchanges between the client and server. #### Using Chrome DevTools For client-side debugging within Claude Desktop, you can access Chrome's developer tools: 1. **Enable DevTools**: Create a `developer_settings.json` file in `~/Library/Application Support/Claude/` with the content `{"allowDevTools": true}`. ```bash echo '{"allowDevTools": true}' > ~/Library/Application\ Support/Claude/developer_settings.json ``` 2. **Open DevTools**: Press `Command-Option-Shift-i`. You will typically see two DevTools windows: one for the main content and one for the app title bar. 3. **Inspect**: Use the **Console** panel to inspect client-side errors and the **Network** panel to examine message payloads and connection timing. ### Common Debugging Issues Several common issues can arise during MCP server development and integration: * **Working Directory**: When servers are launched via `claude_desktop_config.json`, their working directory might be undefined (e.g., `/` on macOS). Always use absolute paths for configurations and `.env` files to ensure reliable operation. For direct command-line testing, the working directory is where the command is executed. * **Example**: Instead of `"./data"`, use `"/Users/username/data"` in `claude_desktop_config.json`. * **Environment Variables**: MCP servers inherit only a subset of environment variables. To provide custom or override default variables, use the `env` key in `claude_desktop_config.json`. ```json { "myserver": { "command": "mcp-server-myapp", "env": { "MYAPP_API_KEY": "some_key" } } } ``` * **Server Initialization Problems**: * **Path Issues**: Incorrect server executable paths, missing required files, or permission problems. Always try using an absolute path for the `command` in your configuration. * **Configuration Errors**: Invalid JSON syntax, missing required fields, or type mismatches in `claude_desktop_config.json`. * **Environment Problems**: Missing or incorrect environment variable values, or permission restrictions. * **Connection Problems**: If servers fail to connect, check Claude Desktop logs, verify the server process is running, test the server standalone with the MCP Inspector, and confirm protocol compatibility. ## Implementing Robust Logging Logging is fundamental for monitoring, troubleshooting, and understanding the behavior of your MCP integrations. ### Server-Side Logging For MCP servers using the local stdio transport, messages logged to `stderr` (standard error) are automatically captured by the host application (e.g., Claude Desktop). <Warning> Local MCP servers **must not** log messages to `stdout` (standard out), as this stream is reserved for protocol operation and will interfere with communication. </Warning> For all transports, servers can send log messages directly to the client using a log message notification: <Tabs> <Tab title="Python"> ```python server.request_context.session.send_log_message( level="info", data="Server started successfully", ) ``` </Tab> <Tab title="TypeScript"> ```typescript server.sendLoggingMessage({ level: "info", data: "Server started successfully", }); ``` </Tab> </Tabs> **Important events to log include**: * Initialization steps * Resource access * Tool execution * Error conditions * Performance metrics ### Client-Side Logging In client applications, ensure debug logging is enabled to monitor network traffic, track message exchanges, and record error states. ### Logging Best Practices * **Structured Logging**: Use consistent formats, include context (e.g., request IDs), and add timestamps for easier analysis. * **Error Handling**: Log stack traces, include error context, track error patterns, and monitor recovery processes. * **Performance Tracking**: Log operation timing, monitor resource usage, track message sizes, and measure latency to identify bottlenecks. ## Utilizing the MCP Inspector The MCP Inspector is an indispensable interactive developer tool for testing and debugging MCP servers in isolation. ### Installation and Basic Usage The Inspector runs directly via `npx`, requiring no prior installation: ```bash npx @modelcontextprotocol/inspector <command> ``` #### Inspecting Servers from NPM or PyPi To inspect server packages distributed via NPM or PyPi: <Tabs> <Tab title="NPM package"> ```bash npx -y @modelcontextprotocol/inspector npx <package-name> <args> # Example: npx -y @modelcontextprotocol/inspector npx server-postgres postgres://127.0.0.1/testdb ``` </Tab> <Tab title="PyPi package"> ```bash npx @modelcontextprotocol/inspector uvx <package-name> <args> # Example: npx @modelcontextprotocol/inspector uvx mcp-server-git --repository ~/code/mcp/servers.git ``` </Tab> </Tabs> #### Inspecting Locally Developed Servers For servers developed locally or from a repository: <Tabs> <Tab title="TypeScript"> ```bash npx @modelcontextprotocol/inspector node path/to/server/index.js args... ``` </Tab> <Tab title="Python"> ```bash npx @modelcontextprotocol/inspector \ uv \ --directory path/to/server \ run \ package-name \ args... ``` </Tab> </Tabs> Always refer to the server's `README` for the most accurate instructions. ### Feature Overview The MCP Inspector interface provides several panes for comprehensive interaction: * **Server Connection Pane**: Selects the transport (e.g., stdio) and allows customization of command-line arguments and environment variables for local servers. * **Resources Tab**: Lists available resources, displays their metadata (MIME types, descriptions), allows content inspection, and supports subscription testing. * **Prompts Tab**: Shows available prompt templates, their arguments and descriptions, enables testing with custom arguments, and previews generated messages. * **Tools Tab**: Lists available tools, displays their schemas and descriptions, enables testing with custom inputs, and shows execution results. * **Notifications Pane**: Presents all logs recorded from the server and notifications received. ### Best Practices with Inspector * **Development Workflow**: Use the Inspector for initial development to verify basic connectivity and capability negotiation. * **Iterative Testing**: After making server changes, rebuild, reconnect the Inspector, and test affected features while monitoring messages. * **Test Edge Cases**: Use the Inspector to test invalid inputs, missing prompt arguments, and concurrent operations, verifying proper error handling and responses. ## Comprehensive Testing Strategies Testing is an integral part of advanced development, ensuring the reliability, security, and performance of MCP integrations. ### General Testing Practices * **Transport Testing**: Verify communication across different transport mechanisms (stdio, HTTP with SSE). * **Error Handling Verification**: Systematically test how your server handles various error conditions, ensuring graceful degradation and informative error messages. * **Edge Case Analysis**: Test unusual or boundary conditions to uncover unexpected behavior. * **Load Testing**: Evaluate server performance under heavy load to identify bottlenecks and ensure scalability. ### Specific Testing for Tools Tools, being executable functions, require a rigorous testing approach: * **Functional Testing**: Verify that tools execute correctly with valid inputs and handle invalid inputs gracefully according to their defined schemas. * **Integration Testing**: Test tool interactions with external systems. Use both real and mocked dependencies to ensure proper data exchange and state changes. * **Security Testing**: Validate authentication, authorization, input sanitization, and rate limiting mechanisms for each tool. * **Performance Testing**: Check tool behavior under load, verify timeout handling, and ensure proper resource cleanup after execution. * **Error Handling**: Ensure tools properly report errors through the MCP protocol (using `isError: true` in the result) and clean up any resources. ## Leveraging Large Language Models (LLMs) for Development LLMs, such as Claude, can significantly accelerate the development and testing of custom MCP servers and clients by assisting with code generation, explanation, and debugging. ### Preparing the Documentation for the LLM Before engaging an LLM, provide it with comprehensive documentation about MCP: 1. **MCP Protocol Documentation**: Copy the full documentation text from `https://modelcontextprotocol.io/llms-full.txt`. 2. **SDK Documentation**: Copy `README` files and other relevant documentation from the MCP TypeScript SDK (`https://github.com/modelcontextprotocol/typescript-sdk`) or Python SDK repository (`https://github.com/modelcontextprotocol/python-sdk`). 3. **Paste into Conversation**: Provide these documents to your LLM in the conversation context. ### Describing Your Server to the LLM Clearly articulate the desired functionality of your MCP server to the LLM. Be specific about: * The **resources** your server will expose (e.g., table schemas). * The **tools** it will provide (e.g., running read-only SQL queries). * Any **prompts** it should offer (e.g., common data analysis tasks). * Any **external systems** it needs to interact with (e.g., PostgreSQL database). **Example Prompt**: ``` Build an MCP server that: - Connects to my company's PostgreSQL database - Exposes table schemas as resources - Provides tools for running read-only SQL queries - Includes prompts for common data analysis tasks ``` ### Working with the LLM Adopt an iterative approach when collaborating with an LLM: 1. **Start with Core Functionality**: Begin by implementing the essential features, then gradually add more complexity. 2. **Request Explanations**: Ask the LLM to clarify any parts of the generated code or concepts you don't understand. 3. **Iterate and Refine**: Request modifications or improvements to the code as needed based on your requirements. 4. **Leverage for Testing**: Have the LLM assist in generating test cases and handling edge cases for your server. LLMs can help implement all key MCP features, including resource management, tool definitions, prompt templates, error handling, and connection/transport setup. After the LLM generates code, always review it carefully, test it with the MCP Inspector, and connect it to actual MCP clients like Claude.app. ## Advanced Error Handling in MCP Robust error handling is critical for building resilient MCP integrations. MCP defines standard error codes and mechanisms for error propagation. ### Standard MCP Error Codes MCP utilizes standard JSON-RPC 2.0 error codes: ```typescript enum ErrorCode { ParseError = -32700, InvalidRequest = -32600, MethodNotFound = -32601, InvalidParams = -32602, InternalError = -32603 } ``` SDKs and applications can define their own custom error codes above -32000. ### Error Propagation Errors are propagated through: * **Error responses** to requests. * **Error events** on transports. * **Protocol-level error handlers**. ### Best Practices for Error Management * **Appropriate Error Codes**: Use the most fitting error code for the specific issue. * **Helpful Error Messages**: Provide clear and concise error messages that aid in diagnosis. * **Resource Cleanup**: Implement proper cleanup mechanisms to release resources even when errors occur. ### Specific Error Handling for Tools When a tool encounters an error, it should report it within its result object, rather than as a protocol-level error. This allows the LLM to interpret and potentially handle the error. * Set `isError` to `true` in the tool's result. * Include detailed error information in the `content` array of the result. <Tabs> <Tab title="TypeScript"> ```typescript try { // Tool operation const result = performOperation(); return { content: [ { type: "text", text: `Operation successful: ${result}` } ] }; } catch (error) { return { isError: true, content: [ { type: "text", text: `Error: ${error.message}` } ] }; } ``` </Tab> <Tab title="Python"> ```python try: # Tool operation result = perform_operation() return types.CallToolResult( content=[ types.TextContent( type="text", text=f"Operation successful: {result}" ) ] ) except Exception as error: return types.CallToolResult( isError=True, content=[ types.TextContent( type="text", text=f"Error: {str(error)}" ) ] ) ``` </Tab> </Tabs> ### Transport Error Handling Transport implementations should handle various error scenarios, including connection errors, message parsing errors, protocol errors, network timeouts, and ensure proper resource cleanup. ### Sampling Error Handling When using the sampling feature (requesting LLM completions), robust error handling should: * Catch sampling failures. * Handle timeout errors. * Manage rate limits. * Validate responses from the LLM. * Provide fallback behaviors. * Log errors appropriately. ## Security Considerations in MCP Development Security must be a paramount concern across all layers of MCP integration. ### Transport Security * **TLS for Remote Connections**: Always use Transport Layer Security (TLS) for any remote MCP connections to encrypt data in transit. * **Connection Origin Validation**: Validate the origin of incoming connections. * **Authentication and Authorization**: Implement robust authentication mechanisms and validate client credentials. * **Secure Token Handling**: Ensure secure handling of authentication tokens. ### Message Validation * **Validate All Incoming Messages**: Thoroughly validate all incoming messages against expected schemas. * **Sanitize Inputs**: Sanitize all inputs to prevent injection attacks (e.g., command injection, SQL injection). * **Check Message Size Limits**: Implement limits on message sizes to prevent denial-of-service (DoS) attacks. * **Verify JSON-RPC Format**: Ensure all messages conform to the JSON-RPC 2.0 specification. ### Resource Protection * **Access Controls**: Implement granular access controls for all exposed resources. * **Validate Resource Paths**: Sanitize and validate resource paths to prevent directory traversal vulnerabilities. * **Monitor Resource Usage**: Continuously monitor resource access patterns for suspicious activity. * **Rate Limit Requests**: Apply rate limiting to resource requests to prevent abuse and DoS attacks. * **Encrypt Sensitive Data**: Encrypt sensitive data both in transit and at rest. ### Tool Security * **Input Validation**: Validate all tool parameters against their JSON schemas, sanitize file paths and system commands, and check parameter sizes and ranges. * **Access Control**: Implement authentication and authorization checks for tool invocation, audit tool usage, and rate limit requests. * **Error Handling**: Avoid exposing internal errors to clients, log security-relevant errors, handle timeouts, and ensure proper resource cleanup after errors. ### Prompt Security * **Argument Validation**: Validate all arguments provided to prompts. * **Sanitize User Input**: Sanitize any user input that feeds into prompt arguments. * **Rate Limiting**: Consider rate limiting prompt requests. * **Access Controls**: Implement appropriate access controls for prompt usage. * **Audit Prompt Usage**: Monitor and audit how prompts are being used. * **Sensitive Data Handling**: Handle sensitive data within prompts appropriately. * **Validate Generated Content**: If prompts generate content that is then used elsewhere, validate it. * **Prompt Injection Risks**: Be aware of and mitigate prompt injection risks. ### Sampling Security (LLM Interactions) * **Message Content Validation**: Validate all message content sent for sampling. * **Sensitive Information Sanitization**: Sanitize any sensitive information before sending it to the LLM. * **Rate Limits**: Implement appropriate rate limits for sampling requests. * **Monitoring**: Monitor sampling usage for unusual patterns. * **Encryption**: Encrypt data in transit to the LLM. * **User Data Privacy**: Ensure user data privacy is maintained. * **Auditing**: Audit sampling requests. * **Cost Control**: Implement mechanisms to control cost exposure from LLM usage. * **Timeouts**: Implement timeouts for LLM responses. * **Model Error Handling**: Handle errors gracefully from the LLM. ### General Security Best Practices * **Don't Leak Sensitive Information**: Ensure error messages and logs do not expose sensitive internal details. * **Proper Cleanup**: Implement proper cleanup routines for all components. * **Handle DoS Scenarios**: Design your server to withstand and recover from denial-of-service attacks. ## Performance Monitoring and Diagnostics Monitoring the performance of your MCP integrations is crucial for maintaining responsiveness and efficiency. ### Logging for Performance * **Log Operation Timing**: Record the duration of key operations within your server. * **Monitor Resource Usage**: Track CPU, memory, and network usage. * **Track Message Sizes**: Monitor the size of messages exchanged to identify potential overhead. * **Measure Latency**: Measure the end-to-end latency of requests and responses. ### Diagnostics * **Health Checks**: Implement health checks for your server to ensure it's operational. * **Connection State Monitoring**: Track the state of MCP connections. * **Resource Usage Tracking**: Monitor how your server utilizes system resources. * **Performance Profiling**: Use profiling tools to identify performance bottlenecks in your server's code.

Loading blob content...

Latest Blog Posts

Don't Use Large Strings as Cache Keys
By punkpeye on January 11, 2026.
markdown
node-js
cache
What are Claude Skills?
By punkpeye on January 10, 2026.
mcp
skills
How to Test MCP Streamable HTTP Endpoints Using cURL
By punkpeye on January 2, 2026.
tutorial
bash

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/moarshy/mcp-tutor'

If you have feedback or need assistance with the MCP directory API, please join our Discord server

02_main.md•20.6 kB