The practitioner's guide to building and running Model Context Protocol servers in production. Out today. PDF, EPUB, $59, free updates as the spec evolves.
The first version of @yawlabs/aws-mcp exposed every AWS API operation it could find. The reasoning was straightforward: a wrapper server should not pre-decide what the model does or does not need. Let the model see everything. Let the model choose.
The tool list was forty thousand tokens.
The model could not reason about it. It would call the right tool maybe a third of the time, the wrong-but-adjacent tool another third, and time out staring at the menu the rest. Token cost per task was four dollars. The "let the model see everything" version of the server was, technically, a working MCP server. It was also unusable. That afternoon is the day the schema-design chapter started.
This book is what fourteen MCP servers - tailscale-mcp, aws-mcp, npmjs-mcp, lemonsqueezy-mcp, and the rest - taught us we needed to write down. It is out today. PDF, EPUB, free updates.
Part 1 - Foundations. Chapters 1-3 set up the protocol model. Why MCP exists and what it solved that Plugins and function-calling didn't (Chapter 1 is the free preview). The four architectural shapes a real server takes: stdio adapter, HTTP service, in-process embedded, and the trade-offs between them. Then a worked example - npm init through npm publish - that the rest of the book refers back to.
Part 2 - Surface. Chapters 4-7. The auth chapter (the four common patterns, the LLM-vs-human identity-flow problem, what to do when your upstream API has a token model that does not match any of the four). The longest chapter, schema design (naming, parameter modeling, description-writing, the tool-list size problem - the forty-thousand-token version of aws-mcp shows up here). Tool composition (output-shape-as-input-shape, list-then-detail, idempotency under retries, cross-server composition). Error handling the model can act on (the throw-discipline rule, trigger phrases, transient vs terminal retry, a six-axis grading rubric).
Part 3 - Lifecycle. Chapters 8-10. Testing a probabilistic consumer (unit, integration, end-to-end; the harness pattern that makes E2E tolerable; golden-file tests for tools whose formatted output matters). Hosting without going broke on idle (six realistic options for HTTP servers, an honest comparison of managed MCP platforms, container packaging, reproducible builds off your laptop). Security review survival (threat model, mitigations, the questions a competent reviewer will ask, a checklist you can run yourself).
Part 4 - In practice. Chapters 11-12. Four case studies from the @yawlabs portfolio: tailscale-mcp (the first one, what we got right and wrong), npmjs-mcp (the auth-shaped one), aws-mcp (schema-design lessons), lemonsqueezy-mcp (errors and money). Each one walks through the architecture, the surprises, the bugs that shipped, and what a v2 would look like. Then what's next - in-flight spec changes, ecosystem gaps, and the bets I'd make today.
The MCP spec is good. The reference SDKs are good. The "hello world" tutorials are good. None of them tell you what happens between "my server returns a tool list" and "my server has been running in production for six months, the auth model survives a security review, and when it breaks I know within four minutes."
That is the gap. It is full of decisions the spec does not make for you - because it is correct that the spec does not make them - and that the docs do not cover - because they cannot, without anchoring to a stack. This book anchors to fourteen real, shipping @yawlabs/* servers and reads back what each one taught us.
You ship code for a living. You have read the MCP spec and shipped at least one server. You know what tools/list and notifications/initialized are without looking them up. You want to know why your aws-mcp tool list is forty thousand tokens, what to do about it, and how to keep your auth model from buckling the moment a security reviewer reads it.
You are somewhere between mid and senior on the IC ladder, or a tech lead deciding how to invest your team's MCP work.
If you are looking for a spec walkthrough, modelcontextprotocol.io does that better than this book would. If you are looking for "what is MCP" - this book will be over your head. The disciplines port across stacks; the examples here are TypeScript-and-Node-shaped because that is what the @yawlabs servers are.
MCP in Production is Volume I of the Yaw Labs Production Series. Volume II, Claude Code in Production, covers the operator side - running the agent that calls these servers. Together they bracket the agentic-tooling stack: the builder's view of MCP and the operator's view of Claude Code.
@yawlabs/* server repositories the book references. Every example is grounded in shipping code you can read.If you want to read before you buy, the free preview at mcp.hosting/mcp-in-production/why-mcp is the full Chapter 1. The shape of the book matches the shape of the preview.
Published by Yaw Labs.
Buy MCP in Production
Twelve chapters. PDF + EPUB. Free updates. $59 one-time payment, secure checkout.
We write about AI tools and terminal workflows weekly. Subscribe to Token Limit News.