Parent Issue
#19 - Multi-language runtime support via base images
Depends On
Overview
Make MCP (Model Context Protocol) servers a first-class service type in Fabricks, with built-in understanding of the protocol, capability restrictions, and tooling.
Motivation
MCP servers are an ideal use case for Fabricks:
- Security critical: MCP servers have tool execution capabilities
- Trust problem: Users want to run third-party MCP servers safely
- WASM sandboxing: Perfect fit for capability-based security
Target User Experience
[info]
name = "my-mcp-server"
type = "mcp" # New service type
[from]
image = "fabricks.dev/runtimes/python:3.12"
[source]
entrypoint = "server.py"
[capabilities.mcp]
tools = ["read_file", "search"] # Allowed tool names
resources = ["file://*"] # Allowed resource patterns
max_context_size = "100KB" # Limit context window usage
Features
1. MCP-aware service type
New type = "mcp" that understands:
- JSON-RPC protocol over stdio or HTTP/SSE
- Tool definitions and invocations
- Resource access patterns
- Prompt/context handling
2. Capability restrictions for MCP
Fine-grained control over what an MCP server can do:
[capabilities.mcp]
# Which tools the server can expose
tools = ["read_file", "write_file", "search"]
# Resource URI patterns allowed
resources = [
"file:///allowed/path/*",
"https://api.example.com/*"
]
# Limits
max_tool_response_size = "1MB"
max_concurrent_tools = 5
3. MCP protocol proxy
The daemon can optionally proxy MCP traffic to:
- Audit tool calls
- Enforce capability restrictions
- Rate limit requests
- Log for compliance
4. MCP discovery
fabricks mcp list - Show available MCP serversfabricks mcp inspect <service> - Show tools/resources a server provides
5. Integration with Claude/AI clients
Easy connection string generation:
fabricks mcp connect my-mcp-server
# Outputs configuration for Claude Desktop, etc.
Implementation Phases
- Basic MCP type: Recognize
type = "mcp", treat as HTTP/stdio service
- MCP capability model: Add
[capabilities.mcp] section
- Protocol-aware proxy: Inspect and enforce MCP traffic
- Discovery and tooling: CLI commands for MCP management
Example: Running a Third-Party MCP Server
# Clone someone's MCP server
git clone https://github.com/someone/cool-mcp-server
cd cool-mcp-server
# Add a Fabrickfile
fabricks init --type mcp --runtime python
# Build and run with restricted capabilities
fabricks build
fabricks run .
References
Acceptance Criteria
Parent Issue
#19 - Multi-language runtime support via base images
Depends On
Overview
Make MCP (Model Context Protocol) servers a first-class service type in Fabricks, with built-in understanding of the protocol, capability restrictions, and tooling.
Motivation
MCP servers are an ideal use case for Fabricks:
Target User Experience
Features
1. MCP-aware service type
New
type = "mcp"that understands:2. Capability restrictions for MCP
Fine-grained control over what an MCP server can do:
3. MCP protocol proxy
The daemon can optionally proxy MCP traffic to:
4. MCP discovery
fabricks mcp list- Show available MCP serversfabricks mcp inspect <service>- Show tools/resources a server provides5. Integration with Claude/AI clients
Easy connection string generation:
fabricks mcp connect my-mcp-server # Outputs configuration for Claude Desktop, etc.Implementation Phases
type = "mcp", treat as HTTP/stdio service[capabilities.mcp]sectionExample: Running a Third-Party MCP Server
References
Acceptance Criteria
type = "mcp"recognized as valid service type[capabilities.mcp]section parsed and validatedexamples/directory