AI
Primordial Tools: Letting Agents Configure Their Own MCPs
Clark started with an empty agent session and a catalog. The agent used MCP find to search for a log seek server, found one, and tried to add it. The server failed to start. The agent looped back, reconfigured it, and brought the server live with new tools in the session. Clark called this the beauty of an empty session: give the agent tools to make itself useful. The three primordial tools are MCP find, MCP add, and MCP config. They let the agent discover, configure, and activate MCP servers without the user leaving the agent to edit a JSON file.
Why Agents Should Not Leave the Session
Clark described the friction of stopping an agent, editing an MCP JSON file, and restarting. He argued the agent should discover all available content and help use it. Configuration is hard: secrets, authorization, installation, remote URLs. Docker’s MCP Gateway acts as a mediator. The agent connects to one endpoint. Behind it, the gateway proxies all MCP content. Clark compared this to Nix, where the environment is a function of inputs, and to Direnv, where tools change per project directory. The goal is relevant context for the task at hand.
Solving the Context Bloat Problem
Clark addressed complaints that MCP servers give agents 200 irrelevant tools. He called this an agent problem, not an MCP problem. Three solutions exist. Deferred tools, invented by Anthropic, mark tools as deferred and let the model ask which ones it actually needs. Sub-agents build an MCP profile for the task and hand it to the main agent. Code mode compresses many tools into one: the agent writes a JavaScript script in a sandbox that calls MCP servers, and the agent context sees only one tool.
Tool Foundries and Sandboxed Runtimes
Clark described live build agent loops where a tool gets written, loaded into the MCP session, tested, rewritten, and tested again. Sandboxed runtimes and catalogs make this safe. The agent receives a catalog and asks: can you use this to solve my problem? Clark noted that MCP catalog add needs red teaming because an agent could build a catalog that attacks another agent through the catalog. He recommended curated catalogs for now.
Notable Quotes
I really thought that we were going to go straight to something that looked a little bit like skills. I thought we’re going to have markdown files of some kind or we’re going to have content that just says, “Hey, this is the thing that I want to do.” Jim Clark · ▶ Watch (1:30)
The beauty of an empty session is if you give it the tools to help you the agent make that session useful for you Jim Clark · ▶ Watch (12:35)
It’s like going to a hardware store and walking in the electrical aisle and going, “These none of this stuff is relevant for the thing that I’m doing.” … It’s not MCP’s problem. MCP is doing a good job here getting tools out. This is an agent problem. Jim Clark · ▶ Watch (17:01)
Key Takeaways
- MCP Gateway gives agents primordial tools to find, add, and configure MCP servers from a catalog.
- Deferred tools, sub-agents, and code mode solve context bloat from hundreds of tools.
- Sandboxed runtimes let agents write, test, and rewrite tools in live loops.
About the Speaker(s)
Jim Clark is a Principal Engineer on the AI Tools and security team at Docker. He spent 25 years building developer tools, including co-founding Atomist (acquired by Docker in 2022). He now containerizes AI agents so they play nicely with humans.