MCP setup for agents

ShipVeryFast ships a ready-to-copy Model Context Protocol config so MCP-aware coding agents (Claude Code and others) can read the repo through a scoped filesystem server. This page covers enabling it, what the bundled server does, how to add more servers, and how to keep secrets out of the committed config.

Copying .mcp.json.example to .mcp.json

The repo tracks a single example file, .mcp.json.example, at the project root. MCP-aware agents look for an .mcp.json file, so enabling MCP is a one-line copy:

cp .mcp.json.example .mcp.json

That's the whole setup. The example is intentionally minimal, it wires up one server (filesystem) scoped to the project so an agent can browse and read files without any extra credentials. As AGENTS.md puts it: copy .mcp.json.example → .mcp.json to give MCP-aware agents a filesystem server scoped to the project, and add more servers as needed.

The bundled filesystem server

Here is the example config in full. It registers a single server under mcpServers named filesystem, launched with npx so there is nothing to install ahead of time:

{
  "_comment": "Starter MCP config for Claude Code / MCP-aware agents. Copy to .mcp.json to enable. The filesystem server scopes file access to the project root; add more servers (GitHub, Postgres, etc.) as needed.",
  "mcpServers": {
    "filesystem": {
      "command": "npx",
      "args": ["-y", "@modelcontextprotocol/server-filesystem", "."]
    }
  }
}

The server is @modelcontextprotocol/server-filesystem, and the final "." argument is the directory it is allowed to touch, the project root. Because the package is fetched with npx -y at launch time, it is not listed in package.json and you do not need a separate npm install step. The scope is what matters: the agent can read and write inside the boilerplate, but the server has no path outside it.

Adding more servers (GitHub, Postgres)

Every entry under mcpServers is just a command the agent spawns, so you extend the config by adding more keys. Two common additions are a GitHub server (for issues and pull requests) and a Postgres server (so the agent can introspect your schema, handy alongside the Supabase tables this boilerplate expects):

{
  "mcpServers": {
    "filesystem": {
      "command": "npx",
      "args": ["-y", "@modelcontextprotocol/server-filesystem", "."]
    },
    "github": {
      "command": "npx",
      "args": ["-y", "@modelcontextprotocol/server-github"],
      "env": {
        "GITHUB_PERSONAL_ACCESS_TOKEN": "ghp_your_token_here"
      }
    },
    "postgres": {
      "command": "npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-postgres",
        "postgresql://test:test@localhost:5433/shipveryfast_test"
      ]
    }
  }
}

The Postgres connection string above points at this repo's local test database, Postgres 15 on host port 5433, database shipveryfast_test, which you start with npm run db:test:up. Swap in your own connection string for any other database.

The exact server package names and their environment variables vary by MCP server. Treat the GitHub and Postgres blocks above as a template, check each server's own README for the precise command, args, and env it expects.

Which agents read .mcp.json

.mcp.json is the convention for MCP-aware tooling, Claude Code reads it from the project root, and other MCP-aware agents follow the same pattern. This repo is built to be driven by agents in general: it ships AGENTS.md, CLAUDE.md, and .cursorrules as guidance files (for Codex, Cursor, Claude Code, and others), and the MCP config is the data-access half of that story. AGENTS.md explicitly calls out the copy step under its MCP note, so an agent reading the repo will know to enable it.

File	Role
`.mcp.json.example`	Starter MCP config, copy to `.mcp.json` to enable the filesystem server
`AGENTS.md`	Cross-agent guidance (commands, layout, conventions); mirrors `CLAUDE.md`
`CLAUDE.md`	Claude-specific project guide kept in sync with `AGENTS.md`
`.cursorrules`	Cursor rules pointing back to `AGENTS.md` / `CLAUDE.md`

Keeping secrets out of the committed config

Only .mcp.json.example is meant to live in version control. Once you copy it to .mcp.json and start adding servers with real tokens, like the GITHUB_PERSONAL_ACCESS_TOKEN above, that file holds credentials and should never be committed.

The repo's .gitignore does not currently ignore .mcp.json, only the .example file is tracked. Before you add any server that carries a token, add the real file to .gitignore yourself so it can never be pushed.

# .gitignore, keep your real MCP config (with tokens) out of git
.mcp.json

With that line in place, .mcp.json.example stays as the shared, secret-free template and your local .mcp.json can hold whatever credentials your extra servers need.

Next steps

Working with AI coding agents, the guidance files agents follow and the repo conventions they enforce
AI assistant & LLM layer, the @anthropic-ai/sdk (model claude-opus-4-8) and openai integration behind libs/ai/
Project structure, what the filesystem server will be browsing