Anthropic turns MCP agents into code-first systems with a “code execution with MCP” approach

There is a scaling issue with agents using the Model Context Protocol MCP. Every tool definition and every intermediate result is pushed through the context window, which means large workflows consume tokens and quickly hit latency and cost limits. Humanity’s newExecute code using MCP’ mode Refactor this pipeline by turning the MCP tool into a code-level API and requiring the model to write and run code rather than calling the tool directly.

Problem, MCP tool calls as direct model

MCP is an open standard that allows AI applications to connect to external systems through an MCP server that exposes tools. These tools allow models to query databases, call APIs, or process files through a unified interface.

In default mode, the agent loads a number of tool definitions into the model context. Each tool definition contains schema information and metadata. The intermediate results of each tool call are also transferred back to the context so that the model can decide on the next call.

Anthropic describes a typical scenario where an agent uses Google Drive’s MCP server to obtain a longer sales meeting transcript and then updates the record with that transcript using another MCP server from Salesforce. The complete transcript is first returned through the model and then sent back again when the Salesforce tool is called. For long sessions, this could add tens of thousands of extra tokens that don’t change the logic of the task.

This model does not scale when there are many MCP servers and many tools. This model requires reading large tool directories and moving large payloads between tools. Latency increases, cost increases, and contextual constraints become a hard upper limit on system behavior.

Transformation that represents the MCP server as a code API

Anthropic’s recommendation is to place the MCP in the code execution loop. Rather than having the model call the tool directly, the MCP client exposes each server as a set of code modules in the file system. The model writes TypeScript code that imports and combines these modules, and the code runs in a sandbox environment.

This pattern has three main steps.

1. The MCP client generates a directory, for example servers Mirror available MCP servers and tools.
2. For each MCP tool, it creates a thin wrapper function implemented in the source file, e.g. servers/google-drive/getDocument.tswhich internally calls the MCP tool using typed parameters.
3. The model is instructed to write TypeScript code to import these functions, run them, and handle control flow and data movement within the execution environment.

The early Google Drive and Salesforce workflow became a short script. The script calls the Google Drive wrapper once, operates or inspects the data locally, and then calls the Salesforce wrapper. Large transcripts will not pass the model, only the final state and any small samples or summaries will.

Cloudflare’s “Code Patterns” effort uses the same idea in its Workers platform. It converts MCP tools into a TypeScript API and runs model-generated code within isolation with restricted bindings.

Quantitative impact, token usage dropped 98.7%

Anthropic reports on a specific example. The workflow, which previously consumed approximately 150,000 tokens when tools and intermediate data were passed directly through the model, is now reimplemented through code execution and a file system based on the MCP API. The new model uses approximately 2,000 tokens. This scenario has a 98.7% reduction in token usage, which also reduces costs and latency.

Benefits Designed for Agency Builders

Using MCP to execute code brings some practical benefits to engineers designing agents:

Progressive tool discovery:Agent does not require all tool definitions in the context. It can explore the generated file system, list available servers, and read specific tool modules only when needed. This moves the tool directory from the model context into the code, so tokens are only spent on relevant interfaces.

Contextually efficient data processing: Large data sets remain in the execution environment. For example, TypeScript code can read a large spreadsheet through the MCP tool, filter rows, calculate aggregates, and log only small sample and summary statistics back to the model. The model sees a compact view of the data, while the hard work happens in the code.

Privacy protection operations: Anthropic describes a pattern in which sensitive fields (such as email or phone) are tokenized in the execution environment. The model sees the placeholders, and the MCP client maintains the security map and restores the actual values ​​when downstream tools are called. This allows data to be moved between MCP servers without exposing the original identifier to the model.

Status and reusable skills: The file system allows agents to store intermediate files and reusable scripts. Helper scripts that convert worksheets into reports can be saved in skills directory and import it in a later session. Anthropic relates this idea to Claude Skills, where collections of scripts and metadata define higher-level functionality.

Anthropic’s “code execution with MCP” approach is a smart next step for MCP-backed agents. It directly attacks the token cost of loading tool definitions and routing large intermediate results through context by exposing the MCP server as a code API and pushing work to a sandboxed TypeScript runtime. This makes agents more efficient while also forcing teams to take code execution security seriously. This release transforms MCP from a list of tools into an executable API interface.