Show HN: Mcp-use – Connect any LLM to any MCP (github.com)
When the first MCP servers came out we were very excited about the technology, but as soon as we wanted to get our hands dirty, we found out that MCP could be used only through Claude Desktop or Cursor. As engineers, we did not like that. MCP seemed like something you wanted to use to build products and applications yourself, not something to hide behind a closed source application.
So we approached the SDK but were pretty dissatisfied with the developer experience (double async loops, lots of boilerplate). We decided to write mcp-use to make our lives easier.
mcp-use lets you connect any LLM to any MCP server in just 6 lines of code. We provide a high level abstraction over the official MCP SDK that makes your life easier and supports all the functionalities of the protocol.
Demo video here: https://www.youtube.com/watch?v=nL_B6LZAsp4.
The key abstractions we provide are called MCPClient and MCPAgent.
MCPClient takes in a set of server configurations, automatically detects the transport type and creates a background task which handles the stream from/to the server.
MCPAgent is a combination of the MCPClient, an LLM, and a custom system prompt. It consumes the MCP client by transforming the tools, resources and prompts into model agnostic tools that can be called by the LLM.
The library also contains some cool utilities:
- secure sandboxed execution of MCP servers (we know the protocol doesn't shine for security)
- meta-tools that allow the agent to search over available servers and tools (to avoid context flooding) and connect dynamically to the server it needs (you could create the omnipotent agent with this).
Some cool things we did with this: - write an agent that can use a browser and create/read linear tickets updated with latest information on the internet
- write an agent that has access to the metrics of our company to automatically create weekly reports.
- I connected an agent to an IKEA curtain I hacked an MCP on to adapt the lighting of my room from images of the lighting situation.
- recreated am open source claude code like CLI, with full MCP capability but with custom models and BYOK (https://github.com/mcp-use/mcp-use-cli).
We recently crossed 100,000 download and we are used by many organizations, including NASA!
We’d love to hear what you think of it, most importantly how we can improve it! We are happy to answer any questions and look forward to your comments.
24 comments
[ 4.8 ms ] story [ 52.9 ms ] threadHowever, the agent is really just a wrapper of Langchain AgentExecutor. This doesn't seem like something someone would want to put into production.
One: dependence on langchain.
Two: Security? Observability?
Three: You have never asked yourself, why would someone want to connect an LLM to infinite random mcp servers. The vast majority (of mcp tools and servers) are insecure, vibe coded, basically terrible.
Four: There needs to be way more focus on quality versus quantity. It’s easy to connect LLMs to MCP servers, it’s not a problem companies are willing to spend much money on, the issue is ensuring LLMs call the right tools 98%+ of the time with the right parameters.
Five: There are tons and tons of existing projects for connecting LLMs to 1000s of MCP servers, it’s not a novel project, has no technical moat, and importantly, doesn’t solve a super valuable problem.
The better question to ask or problem to solve is this, given a high value problem, how do you get high values of accurate tool use, first time, while providing security and protection against side effects, jail breaking, random issues etc.
Most companies using “mcp” have a model which is using one or two tools (max) at a time and struggling making it work consistently. Giving them a meta tool to connect to 1000s of (mostly useless) tools isn’t helpful and won’t be taken seriously.
One: We've heard similar feedback on Langchain dependency. We also heard it is still widely used in enterprise settings despite its limitations. We're actively exploring alternatives, but it is a pretty crowded space and we could not find the best alternative yet. I'm curious: is there a specific solution you'd recommend? Shall we have our own LLM layer ?
Two: Agreed on observability client-side, improvements are on our roadmap, though currently prioritized lower based on user needs. Regarding security, we manage server-side risks via sandboxes, tool restrictions, and upcoming access control features. Preventing tool poisoning client-side is something we'll look into further. You have any other specific suggestions client side ?
Three: The "infinite server" scenario is not the main focus on the library, I am sorry if that is how is sounded. It is more of an interesting solution to an interesting problem that we wanted to share.
Four: Totally agree on prioritizing quality over quantity. mcp-use emphasizes flexibility and ease of integration, not necessarily connecting to numerous servers. Reliability is a server-client joint effort, when we work with companies this is one of our main focuses.
Five: While similar solutions exist, we've found our approach resonates well with users based on adoption and feedback. That said, this is not the end of the road, we are working and talking with many companies and solving many of the issues you mentioned, most are not so easy to integrate in the library and we offer only as part of our cloud offering.
Thanks again for challenging our thinking! And please if you have inputs it'd be great to have them
If you want to support a local and privacy friendly sandboxed environment for code execution, you may consider something I have built, Coderunner - https://github.com/instavm/coderunner - it uses Apple's native container for hosting a jupyter server and a headless browser.
Https://github.com/langroid/langroid
MCP integration:
https://langroid.github.io/langroid/notes/mcp-tools/
[explained at https://news.ycombinator.com/item?id=44752814]
What’s still missing is structured error semantics. Right now, when a tool explodes the LLM only sees a raw stack trace, so it can’t decide whether to retry or bail. Today, I saw another Show HN post on MCP here: https://news.ycombinator.com/item?id=44778968 which converts exceptions into a small JSON envelope (error, details, isRetryable, etc.) that agents can interpret. Dropping that into mcp-use’s client loop would give you observability + smarter retries for almost free.
I might be missing some important nuances here between client side and server side MCP error handling, which I’ll leave to the authors to discuss. Just thought there might be a good open source collab opportunity here.
The problem with the package above is that it is server side, and I think it should be. Server is the one that knows (has responsibility to know) if a tool is retryable and has informations about the error, and fairly so.
I see though how some sort of improved error formatting could be introduced in the client as well, but it shouldn't contain any logic about the error, rather format the error in the best way possible (in the direction in which it is best understandable by LLMs).