MCP Workflows & Troubleshooting

Individual MCP servers are useful. Combining them into workflows is where the real power lives. This guide covers four battle-tested workflows, security best practices, and a comprehensive troubleshooting reference.

Workflow 1: Database-Driven Development

MCP servers used: PostgreSQL + GitHub

The "query, investigate, fix, ship" loop — all from Claude Code.

Database-Driven Development

The Workflow

Step 1: Investigate with data

Bash

Connect to the analytics database. Show me users who signed up
in the last 7 days but never completed onboarding. What step
are they dropping off at?

Step 2: Find the code

Bash

Based on that data, it looks like step 3 (email verification)
has a 60% drop-off. Find the code that handles email verification
in our codebase and look for potential issues.

Step 3: Fix and ship

Bash

Fix the race condition in the email verification handler.
Write a test that reproduces the bug. Then create a PR with
a clear description of what we found and fixed.

Team Sharing

Share your database MCP config with your team via .mcp.json:

JSON

1{
2  "mcpServers": {
3    "analytics": {
4      "command": "npx",
5      "args": ["-y", "@modelcontextprotocol/server-postgres"],
6      "env": {
7        "DATABASE_URL": "${ANALYTICS_DB_URL}"
8      }
9    }
10  }
11}

Each team member sets their own ANALYTICS_DB_URL environment variable.

Workflow 2: Full-Stack Debugging

MCP servers used: Sentry + GitHub + Filesystem

The "error to fix" pipeline for production bugs.

Full-Stack Debug Loop

The Workflow

Step 1: Identify the error

Bash

What are the top 5 unresolved Sentry errors from the last 24 hours?
Show frequency, affected users, and stack traces.

Step 2: Correlate with code

Bash

The TypeError in checkout.ts looks related to the payment refactor
from last week. Show me the recent commits that touched checkout
and payment files.

Step 3: Fix and verify

Bash

I see the issue — the optional chaining was removed in commit abc123.
Fix it, add a regression test, and create a PR that references
the Sentry issue.

Workflow 3: Research-to-Code Pipeline

MCP servers used: Fetch + Memory

For academic and data users building API integrations.

The Workflow

Step 1: Research an API

Bash

Fetch the GBIF API documentation at https://www.gbif.org/developer/summary.
I need to understand how to query occurrence records by species and
location. Save the key endpoints and auth patterns to memory.

Step 2: Build on prior knowledge (later session)

Bash

What do we know about the GBIF API from our earlier research?
Now implement a Python function that queries coral reef species
occurrences within a bounding box around Mo'orea.

Step 3: Iterate with context

Bash

The API is returning 400 errors. Fetch the error codes documentation
and update our memory with the common error patterns. Then fix the query.

Memory MCP Architecture

The Memory MCP stores a knowledge graph of entities connected by typed relationships. Claude can query specific entities and their relationships, making it excellent for building domain knowledge over time.

Workflow 4: CI/CD Integration

MCP servers used: GitHub + Shell Commands

Debug failing CI without leaving the terminal.

CI/CD Debug Loop

The Workflow

Bash

Check the CI status on my current branch. If there are failures,
show me the failing test names and error messages.

Bash

Run just the failing test locally so we can see the full output.

Bash

Fix the test. Run the full suite to make sure nothing else broke.
Push when it's green.

MCP Security Best Practices

Security is the most important consideration when connecting AI to real systems.

Security is Not Optional

In mid-2025, a Supabase agent running with privileged service-role access processed support tickets containing user-supplied input as commands. Attackers embedded SQL instructions that exfiltrated sensitive tokens. MCP security incidents are real.

The Threat Landscape

Attack Type	How It Works	Primary Defense
Tool Poisoning	Malicious instructions hidden in MCP tool metadata that AI models follow but humans cannot see	Review third-party MCP source code
Prompt Injection	User-supplied data contains instructions the AI executes	Least-privilege access; never use admin credentials
Rug Pull	MCP tool silently changes its definition after installation	Pin MCP versions; audit tool descriptions
Credential Exfiltration	Malicious MCP reads environment variables or credentials	Sandbox processes; use scoped tokens

Security Principles

1. Principle of Least Privilege

SQL

1-- GOOD: Read-only database user
2CREATE ROLE mcp_readonly WITH LOGIN PASSWORD 'secure-password';
3GRANT SELECT ON ALL TABLES IN SCHEMA public TO mcp_readonly;
4 
5-- BAD: Using your admin connection string — NEVER do this

2. Environment Variables for Secrets

JSON

1{
2  "mcpServers": {
3    "database": {
4      "command": "npx",
5      "args": ["-y", "@bytebase/dbhub", "--dsn"],
6      "env": {
7        "DATABASE_URL": "${DB_READONLY_URL}"
8      }
9    }
10  }
11}

Set actual values in your shell profile (which is in .gitignore):

Bash

# In ~/.zshrc
export DB_READONLY_URL="postgresql://readonly:pass@localhost:5432/myapp"

3. Review Third-Party MCP Code

Bash

# Clone and read the source before trusting it
git clone https://github.com/some-author/some-mcp-server
# Review: What does it access? Does it phone home?
# Are tool descriptions honest? Does it request more permissions than needed?

4. Auditing and Monitoring

Bash

claude mcp list               # Check active servers
claude mcp get <server-name>  # Inspect tools and permissions
claude --mcp-debug            # Verbose MCP logging

Security Checklist

Security Check	Required
Read-only database connections	Always
Environment variables for secrets	Always
Review third-party MCP source code	Always
Scoped API tokens (minimum permissions)	Always
Pin MCP server versions	Recommended
Regular credential rotation	Recommended
Audit tool descriptions periodically	Recommended
Container isolation for sensitive MCPs	For production

MCP Troubleshooting Guide

Problem: Server Won't Connect

This is the most common MCP issue. Follow these steps systematically:

1
Check config file location
Claude Code reads MCP config from:
- Project-level: .mcp.json in project root
- User-level: ~/.claude.json
Claude Code does NOT read servers from ~/.claude/settings.json.
Bash
cat .mcp.json # Project-level cat ~/.claude.json # User-level
2
Validate JSON syntax
Bash
cat .mcp.json | python3 -m json.tool
Watch for trailing commas and missing quotes.
3
Use the /mcp command
Type /mcp in Claude Code to see which servers are connected and which failed.
4
Enable debug logging
Bash
claude --mcp-debug
Shows full JSON-RPC message exchange.

Test the server directly

Bash

npx -y @bytebase/dbhub --dsn "postgresql://readonly:pass@localhost:5432/mydb"
# If this crashes, the problem is the server, not Claude Code

Problem: Error -32000 "Connection Closed"

The most common runtime error — the transport lost the connection.

Cause	Fix
Server writes to stdout	Use console.error() instead of console.log()
Node.js version mismatch	Some MCPs need Node 18+. Check with node --version
Server crashes on startup	Run the server command manually to see the error
Missing environment variables	Ensure env vars are set in your shell profile

The stdout Trap

The #1 cause of error -32000: an MCP server using console.log() instead of console.error(). MCP's stdio transport uses stdout exclusively for JSON-RPC messages. Any non-protocol output corrupts the stream and kills the connection.

Problem: Server Loses Connection Mid-Session

Bash

1# Restart without restarting Claude Code
2claude mcp restart <server-name>
3 
4# Or restart all
5claude mcp restart

Quick Diagnostic Checklist

1
Verify config location
Is config in .mcp.json or ~/.claude.json? Not ~/.claude/settings.json.
2
Validate JSON
python3 -m json.tool < .mcp.json
3
Check /mcp status
Run /mcp — are servers connected?
4
Test server manually
Run the MCP command directly. Does it start?
5
Check env vars
env | grep YOUR_VAR
6
Enable debug mode
claude --mcp-debug
7
Isolate the problem
Disable all but one server. Add back one at a time.

Performance & Cost Considerations

API Rate Limits

MCP Server	Rate Limit	Mitigation
GitHub	5,000 requests/hour	Cache repo data; batch operations
Slack	Tier-based rate limits	Avoid polling; use targeted queries
Sentry	Org-level limits	Query specific issues, not broad searches
Postgres	Connection pool exhaustion	Use read replicas; set statement timeout

Context Window Costs

Every MCP tool call adds tokens to the conversation:

Tool descriptions loaded at start: ~500-2,000 tokens per server
Each tool call result: Variable (100-10,000+ tokens)

Fewer Servers = Better Performance

AI performance degrades as tool count increases. Connect only the servers you need for the current task rather than loading everything at once.

When NOT to Use an MCP

Scenario	Simpler Alternative
Read a single API response	Paste the curl output into the conversation
Check one database value	Run the query in terminal, paste the result
Simple file operations	Claude Code has built-in file access
One-off git operations	Claude Code has built-in git and gh CLI

The MCP Decision Rule

Use an MCP when you need repeated, automated access to an external resource. If you only need something once, pasting it into the conversation is faster.

The MCP Ecosystem in 2026

Adoption

97M+ monthly SDK downloads across Python and TypeScript
Backed by Anthropic, OpenAI, Google, and Microsoft
Integrated into VS Code, Cursor, Windsurf, Replit, and most AI IDEs
Governed by the Agentic AI Foundation (Linux Foundation)

Server Discovery

GitHub MCP Registry — Official collection
mcp.so — Community directory with search
PulseMCP — Curated directory with stats
Smithery.ai — 2,200+ servers, marketplace-style

Emerging Patterns

Multi-agent MCP workflows — Multiple Claude instances sharing servers
MCP gateways — Proxy layers adding auth, rate limiting, and caching
Multimodal MCP — 2026 roadmap includes images, audio, video as resource types
Policy-as-Code — OPA-style rules controlling what tools can be called

Essential Commands Reference

Command	What It Does
claude mcp add	Add a new MCP server
claude mcp list	List all configured servers
claude mcp get <name>	Show details for a specific server
claude mcp remove <name>	Remove a server
claude mcp restart	Restart MCP servers
/mcp	Interactive status and auth in Claude Code
claude --mcp-debug	Verbose MCP logging

Next Steps

Pick one workflow from this page that matches a real problem
Set up the MCP servers needed for that workflow
Run through it end-to-end, noting friction
Share .mcp.json with your team
Review security — read-only credentials and environment variables

Related Topics:

Essential MCP Servers → — Server installation reference
Building Custom MCPs → — Create your own
MCP Fundamentals → — Protocol deep-dive

From Tools to Workflows

The real power of MCP is composing multiple servers into workflows that handle entire tasks. Start with one server that solves a genuine pain point. Use it for a week. Then add a second and connect them. That is how production MCP usage develops — incrementally, driven by real needs.

MCP Workflows & Troubleshooting

Workflow 1: Database-Driven Development

The Workflow

Workflow 2: Full-Stack Debugging

The Workflow

Workflow 3: Research-to-Code Pipeline

The Workflow

Workflow 4: CI/CD Integration

The Workflow

MCP Security Best Practices

The Threat Landscape

Security Principles

Security Checklist

MCP Troubleshooting Guide

Problem: Server Won't Connect

Check config file location

Validate JSON syntax

Use the /mcp command

Enable debug logging

Test the server directly

Problem: Error -32000 "Connection Closed"

Problem: Server Loses Connection Mid-Session

Quick Diagnostic Checklist

Verify config location

Validate JSON

Check /mcp status

Test server manually

Check env vars

Enable debug mode

Isolate the problem

Performance & Cost Considerations

API Rate Limits

Context Window Costs

When NOT to Use an MCP

The MCP Ecosystem in 2026

Adoption

Server Discovery

Emerging Patterns

Essential Commands Reference

Next Steps