MCP Server Architecture
System Overviewβ
Supernal Coding provides a comprehensive MCP (Model Context Protocol) server architecture that enables seamless connection between Claude Code, local development workflows, and compliance management systems.
graph TB
subgraph "User Interface"
User[User/Developer]
Claude[Claude Code Interface]
end
subgraph "MCP Protocol Layer"
MCP[MCP Server<br/>stdio/JSON-RPC]
end
subgraph "Tool Layer"
ReqMgr[Requirement<br/>Manager]
KanbanMgr[Kanban<br/>Manager]
GitMgr[Git<br/>Manager]
AgentMgr[Agent<br/>Manager]
ValidationMgr[Validation<br/>Manager]
RulesMgr[Rules<br/>Manager]
SyncMgr[Sync<br/>Manager]
end
subgraph "Synchronization Layer"
ChangeDetect[Change Detection]
ConflictRes[Conflict Resolution]
EventEmit[Event Emission]
end
subgraph "Data Layer"
LocalFS[Local File System]
GitRepo[Git Repository]
ConfigFiles[Configuration Files]
end
User --> Claude
Claude --> MCP
MCP --> ReqMgr
MCP --> KanbanMgr
MCP --> GitMgr
MCP --> AgentMgr
MCP --> ValidationMgr
MCP --> RulesMgr
MCP --> SyncMgr
ReqMgr --> ChangeDetect
KanbanMgr --> ChangeDetect
GitMgr --> ChangeDetect
ChangeDetect --> ConflictRes
ConflictRes --> EventEmit
EventEmit --> LocalFS
EventEmit --> GitRepo
EventEmit --> ConfigFiles
Backend Integration Optionsβ
graph TB
subgraph "MCP Server"
Sync[Synchronization Layer]
Webhook[Webhook Integration]
end
subgraph "Backend Options"
REST[REST Backend]
GraphQL[GraphQL Backend]
WebSocket[WebSocket Backend]
end
subgraph "Data Storage"
API[REST API Server]
DB[Database Direct]
end
Sync --> REST
Sync --> GraphQL
Sync --> WebSocket
Webhook --> REST
Webhook --> GraphQL
Webhook --> WebSocket
REST --> API
GraphQL --> API
WebSocket --> API
REST --> DB
GraphQL --> DB
WebSocket --> DB
Higher-Level System Integrationβ
graph TB
subgraph "MCP Server Layer"
MCP[MCP Server]
end
subgraph "Higher-Level Systems"
Enterprise[Enterprise Systems]
Cloud[Cloud Platforms]
CICD[CI/CD Pipelines]
Monitoring[Monitoring Systems]
end
MCP --> Enterprise
MCP --> Cloud
MCP --> CICD
MCP --> Monitoring
Integration Capabilitiesβ
- Project Management (Jira, Asana, Linear)
- Quality Systems (QMS platforms)
- Compliance Tracking (GRC systems)
- Analytics/Metrics (Business Intelligence)
- Team Collaboration (Slack, Teams, Discord)
Integration Layersβ
Layer 1: Claude Code β MCP Serverβ
Protocol: Model Context Protocol (MCP) over stdio/JSON-RPC
Capabilities:
- Tool-based operations (requirements, kanban, git, etc.)
- Resource access (bulk data retrieval)
- Real-time context awareness
- Structured error handling
Benefits:
- Native integration with Claude Code
- No HTTP overhead
- Type-safe communication
- Bidirectional streaming
Layer 2: MCP Server β Local Systemβ
Integration Points:
- File system operations
- Git repository access
- Shell command execution
- Configuration management
Managers:
- RequirementsManager - Requirements CRUD operations
- KanbanManager - Task board management
- ValidationManager - Quality gate enforcement
- GitManager - Git workflow automation
- AgentManager - Agent handoff/collaboration
- RulesManager - Context-aware rule application
Layer 3: Local System β Higher-Level Systemsβ
Synchronization:
- Bidirectional change propagation
- Conflict detection and resolution
- Event-driven webhooks
- Metrics collection
Backends:
- REST API - Standard HTTP/HTTPS
- GraphQL - Query-based API
- WebSocket - Real-time bidirectional
- Custom - User-defined implementations
Data Flowβ
Read Operationsβ
1. Claude Code β Tool Request β MCP Server
2. MCP Server β Manager β Local Files
3. Local Files β Parse/Validate β Manager
4. Manager β Structured Data β MCP Server
5. MCP Server β JSON Response β Claude Code
Example:
User: "Show critical requirements"
β sc_req_list(priority="Critical")
β RequirementsManager.list({priority: "Critical"})
β Read from supernal-coding/requirements/**/*.md
β Parse YAML frontmatter + Gherkin scenarios
β Return filtered list
Write Operationsβ
1. Claude Code β Tool Request β MCP Server
2. MCP Server β Manager β Validation
3. Validation OK β Local Files Updated
4. Update Detection β Sync Manager
5. Sync Manager β Change Queue
6. [Auto-sync enabled] β Backend.push()
7. Backend β Higher-Level System
Example:
User: "Create authentication requirement"
β sc_req_new(title="User Auth", epic="security")
β RequirementsManager.create({...})
β Execute: sc req new "User Auth" --epic=security
β File created: requirements/security/req-XXX-user-auth.md
β SyncManager.addPendingChange({type: "requirement", ...})
β [Auto-sync] β Backend.push([change])
β POST https://api.example.com/supernal/push
Synchronization Flowβ
ββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Sync Cycle (Every N seconds) β
ββββββββββββββββββββ¬ββββββββββββββββββββββββββββββββ
β
βββββββββββ΄ββββββββββ
β 1. Pull Remote β
β Changes β
βββββββββββ¬ββββββββββ
β
βββββββββββ΄ββββββββββ
β 2. Detect β
β Conflicts β
βββββββββββ¬ββββββββββ
β
βββββββββββ΄ββββββββββ
β 3. Resolve β β Strategy: manual/local/remote/latest
β Conflicts β
βββββββββββ¬ββββββββββ
β
βββββββββββ΄ββββββββββ
β 4. Apply β
β Changes β
βββββββββββ¬ββββββββββ
β
βββββββββββ΄ββββββββββ
β 5. Push Local β
β Changes β
βββββββββββ¬ββββββββββ
β
βββββββββββ΄ββββββββββ
β 6. Update β
β Status β
βββββββββββββββββββββ
Communication Patternsβ
Request/Response (Tools)β
Used for discrete operations:
{
"method": "tools/call",
"params": {
"name": "sc_req_validate",
"arguments": {
"id": "REQ-037"
}
}
}
Resource Access (Bulk Data)β
Used for large data sets:
{
"method": "resources/read",
"params": {
"uri": "requirements://list"
}
}
Event-Driven (Webhooks)β
Used for async notifications:
{
"event": "sync.conflict",
"data": {
"id": "REQ-037",
"local": {...},
"remote": {...}
},
"timestamp": "2025-10-27T20:00:00Z"
}
Scalability Considerationsβ
Caching Strategyβ
ββββββββββββββββββββββββββββββββββββββββ
β MCP Server Cache β
ββββββββββββββββββββββββββββββββββββββββ€
β Requirements List (TTL: 5min) β
β Kanban Boards (TTL: 2min) β
β Active Rules (TTL: 10min) β
β Config (TTL: 30min) β
ββββββββββββββββββββββββββββββββββββββββ
Invalidation:
- File system changes β Invalidate related cache
- Config updates β Invalidate config cache
- Manual invalidation via tool
Batch Operationsβ
Good:
Access requirements://list (all at once)
Process locally in Claude Code
Bad:
Loop: sc_req_read(id) for each requirement
Multiple tool calls
Sync Optimizationβ
[sync]
# Reduce frequency
syncInterval = 300000 # 5 minutes
# Filter what syncs
[sync.filters]
includeRequirements = true
includeKanban = true
includeRules = false
excludePatterns = ["*.draft.md", "*.local.md"]
# Batch changes
batchSize = 50 # Push 50 changes at once
batchDelay = 5000 # Wait 5s to accumulate changes
Security Architectureβ
Authenticationβ
βββββββββββββββ
β Claude Code β
ββββββββ¬βββββββ
β MCP (local, trusted)
ββββββββ΄βββββββ
β MCP Server β
ββββββββ¬βββββββ
β API Key (env var)
ββββββββ΄βββββββ
β Backend β
ββββββββ¬βββββββ
β Auth Header
ββββββββ΄βββββββ
β Remote API β
βββββββββββββββ
Data Privacyβ
Local Data:
- Stored in project directory
- Subject to
.gitignore - Not shared without consent
Sync Data:
- Filtered by configuration
- Encrypted in transit (HTTPS/WSS)
- API key required
- User consent respected
Consent Modes:
ai_agent_deny- No automatic sharingmanual- Ask every timenever- Never syncalways- Auto-sync (with filters)
Error Handlingβ
Resilience Strategyβ
ββββββββββββββββ
β Tool Call β
ββββββββ¬ββββββββ
β
βββββ΄βββββ
β Retry? β β Transient errors: network, timeout
βββββ¬βββββ
β
βββββ΄βββββ
βFallbackβ β Degraded mode: cache, local-only
βββββ¬βββββ
β
βββββ΄βββββ
β Error β β Structured error with guidance
ββββββββββ
Error Typesβ
- Tool Errors - Invalid parameters, not found
- Sync Errors - Network, conflicts, auth
- Validation Errors - Pre-commit hooks, validation
- System Errors - File access, permissions
Monitoring & Observabilityβ
Metrics Collectionβ
[metrics]
enabled = true
endpoint = "https://metrics.example.com"
reportInterval = 300000 # 5 minutes
collectToolUsage = true
collectSyncMetrics = true
collectValidationMetrics = true
collectPerformanceMetrics = true
Collected Metrics:
- Tool call frequency and latency
- Sync success/failure rates
- Conflict resolution outcomes
- Cache hit/miss rates
- Error rates by type
Health Checksβ
Backend Health Check (every sync cycle):
- GET /health
- Verify connectivity
- Check auth validity
- Report to sync status
Extension Pointsβ
Custom Toolsβ
Add domain-specific tools:
// tools/my-tool.js
class MyTool {
async myOperation(params) {
// Custom logic
}
}
Custom Backendsβ
Integrate with any system:
// sync/backends/my-backend.js
class MyBackend {
async push(changes) {
// Custom sync logic
}
async pull() {
// Custom retrieval
}
}
Custom Webhooksβ
React to events:
[sync.webhooks]
onPush = "https://api.example.com/webhook/push"
onConflict = "https://api.example.com/webhook/conflict"
Best Practicesβ
1. Use Appropriate Integration Layerβ
- Simple operations β MCP tools
- Bulk data β MCP resources
- External systems β Sync layer
2. Optimize Data Transferβ
- Use resources for bulk access
- Enable caching
- Filter synced data
- Batch operations
3. Handle Errors Gracefullyβ
- Provide clear error messages
- Offer recovery options
- Fall back to local-only
- Log for debugging
4. Secure Communicationsβ
- Use HTTPS/WSS only
- Store keys in env vars
- Respect consent settings
- Audit access
5. Monitor Performanceβ
- Track metrics
- Set up alerts
- Review logs
- Optimize bottlenecks