Agents that use the Model Context Protocol (MCP) have a scaling problem. Every tool definition and every intermediate result is pushed through the context window, so large workflows burn tokens and quickly hit latency and cost limits. Anthropic’s new ‘code execution with MCP’ pattern restructures this pipeline: it turns MCP tools into code level APIs and asks the model to write and run code instead of calling tools directly.
The problem: MCP tools as direct model calls
MCP is an open standard that lets AI applications connect to external systems through MCP servers that expose tools. These tools let a model query databases, call APIs, or work with files through a unified interface.
In the default pattern, an agent loads many tool definitions into the model context. Each tool definition contains schema information and metadata. Intermediate results from each tool call are also streamed back into the context so the model can decide the next call.
Anthropic describes a typical case where an agent uses an MCP server for Google Drive to fetch a long sales meeting transcript and then uses another MCP server for Salesforce to update a record with that transcript. The full transcript is first returned through the model, then sent back again when the Salesforce tool is called. For a long meeting this can add tens of thousands of extra tokens that do not change the logic of the task.
When there are many MCP servers and many tools, this pattern does not scale. The model pays to read large tool catalogs and to move large payloads between tools. Latency increases, costs grow, and context limits become a hard cap on system behavior.
The shift: represent MCP servers as code APIs
Anthropic’s proposal is to place MCP inside a code execution loop. Instead of letting the model call tools directly, the MCP client exposes each server as a set of code modules in a filesystem. The model writes TypeScript code that imports and composes those modules, and this code runs in a sandboxed environment.
The pattern has three main steps.
- The MCP client generates a directory such as servers that mirrors the available MCP servers and tools.
- For each MCP tool, it creates a thin wrapper function implemented in a source file, for example servers/google-drive/getDocument.ts, that internally calls the MCP tool with typed parameters.
- The model is instructed to write TypeScript code that imports these functions, runs them, and handles control flow and data movement inside the execution environment.
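A generated wrapper file might look like the following minimal sketch. The wrapper and response types, the internal tool name, and the callMCPTool helper are all assumptions about what the MCP client would emit; here callMCPTool is stubbed so the sketch is self-contained.

```typescript
// Hypothetical sketch of a generated wrapper: servers/google-drive/getDocument.ts
// Type names and the transport helper are illustrative, not Anthropic's actual output.

interface GetDocumentInput {
  documentId: string;
}

interface GetDocumentResponse {
  content: string;
}

// Stub transport so this sketch runs standalone; a real MCP client would
// forward the call to the google-drive MCP server over its connection.
async function callMCPTool(toolName: string, input: unknown): Promise<unknown> {
  const { documentId } = input as GetDocumentInput;
  return { content: `contents of ${documentId}` };
}

// The thin wrapper the model imports: typed parameters in, typed result out.
export async function getDocument(
  input: GetDocumentInput
): Promise<GetDocumentResponse> {
  return (await callMCPTool("google_drive__get_document", input)) as GetDocumentResponse;
}
```

The point of the wrapper layer is that the model only ever sees a typed function signature, not the full MCP tool schema.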
The earlier Google Drive and Salesforce workflow becomes a short script. The script calls the Google Drive wrapper once, manipulates or inspects the data locally, then calls the Salesforce wrapper. The large transcript does not pass through the model; only the final status and any small samples or summaries do.
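That script could look like the sketch below. The wrapper names, record fields, and IDs are illustrative, and both wrappers are stubbed inline so the control flow can be read end to end; in the real pattern they would be imported from the generated servers directory.

```typescript
// Sketch of the transcript workflow as model-written code.
// Stubs stand in for the generated wrappers so the flow is self-contained.

// Stand-in for servers/google-drive/getDocument.ts
async function getDocument(input: { documentId: string }): Promise<{ content: string }> {
  return { content: "…full meeting transcript, tens of thousands of tokens…" };
}

// Stand-in for a hypothetical Salesforce wrapper, e.g. servers/salesforce/updateRecord.ts
async function updateRecord(input: {
  objectType: string;
  recordId: string;
  data: Record<string, string>;
}): Promise<{ success: boolean }> {
  return { success: true };
}

async function main(): Promise<string> {
  // The transcript stays inside the execution environment from fetch to update.
  const transcript = (await getDocument({ documentId: "doc-001" })).content;
  const result = await updateRecord({
    objectType: "SalesMeeting",
    recordId: "rec-001",
    data: { Notes: transcript },
  });
  // Only a compact status string returns to the model's context.
  return result.success ? "Transcript attached to record" : "Update failed";
}
```

Because the transcript moves between the two calls as a local variable, the model pays tokens only for the short script and the one-line status it returns.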
Cloudflare’s ‘Code Mode’ work uses the same idea in its Workers platform. It converts MCP tools into TypeScript APIs and runs model generated code inside an isolate with restricted bindings.
Quantitative impact: token usage drops by 98.7 percent
Anthropic reports a concrete example. A workflow that previously consumed about 150,000 tokens when tools and intermediate data were passed directly through the model was reimplemented with code execution and filesystem based MCP APIs. The new pattern used about 2,000 tokens. That is a 98.7 percent reduction in token usage for that scenario, which also reduces cost and latency.
Design benefits for agent builders
Code execution with MCP introduces several practical benefits for engineers who design agents:
Progressive tool discovery: The agent does not need all tool definitions in context. It can explore the generated filesystem, list available servers, and read specific tool modules only when needed. This shifts tool catalogs from the model context into code, so tokens are spent only on relevant interfaces.
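Discovery then becomes ordinary filesystem inspection. The sketch below mocks a tiny generated tree (the layout is an assumption about what the MCP client produces) and shows the two steps: list the servers, then read one tool module on demand.

```typescript
// Sketch of progressive tool discovery over a generated servers directory.
// The directory layout and file contents are illustrative.
import { mkdirSync, writeFileSync, readdirSync, readFileSync } from "node:fs";
import { join } from "node:path";
import { tmpdir } from "node:os";

// Build a tiny mock of the generated tree so the sketch runs standalone.
const root = join(tmpdir(), "mcp-servers-demo");
mkdirSync(join(root, "google-drive"), { recursive: true });
writeFileSync(
  join(root, "google-drive", "getDocument.ts"),
  "export async function getDocument(input: { documentId: string }) { /* … */ }\n"
);

// Step 1: see which servers exist without loading any tool schemas into context.
const servers = readdirSync(root);

// Step 2: read a specific tool's interface only when the task needs it.
const toolSource = readFileSync(join(root, "google-drive", "getDocument.ts"), "utf8");
```

Only the short directory listing and the one file the agent actually opens cost tokens; the rest of the catalog stays on disk.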
Context efficient data handling: Large datasets remain inside the execution environment. For example, TypeScript code can read a large spreadsheet through an MCP tool, filter rows, compute aggregates, and log only small samples and summary statistics back to the model. The model sees a compact view of the data while the heavy lifting happens in code.
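A minimal sketch of that filtering step, with the row shape and in-memory data as stand-ins for what an MCP spreadsheet tool would return:

```typescript
// Sketch of context-efficient data handling: process a large table in the
// sandbox, surface only counts, aggregates, and a tiny sample to the model.

interface Row {
  region: string;
  amount: number;
}

// Stand-in for 10,000 rows fetched via an MCP spreadsheet tool.
const rows: Row[] = Array.from({ length: 10_000 }, (_, i) => ({
  region: i % 2 === 0 ? "EMEA" : "APAC",
  amount: (i % 100) + 1,
}));

function summarize(data: Row[], region: string) {
  const matched = data.filter((r) => r.region === region);
  const total = matched.reduce((sum, r) => sum + r.amount, 0);
  // Only this compact object would be logged back to the model.
  return { region, count: matched.length, total, sample: matched.slice(0, 3) };
}

const summary = summarize(rows, "EMEA");
console.log(JSON.stringify({ region: summary.region, count: summary.count, total: summary.total }));
```

The model reasons over a few dozen tokens of summary instead of ten thousand rows.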
Privacy preserving operations: Anthropic describes a pattern where sensitive fields such as email or phone are tokenized inside the execution environment. The model sees placeholders, while the MCP client maintains a secure mapping and restores real values when calling downstream tools. This lets data move between MCP servers without exposing raw identifiers to the model.
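One way to sketch that tokenization step, assuming a simple placeholder format and a Map as the client-side vault (both are illustrative choices, not Anthropic's specified mechanism):

```typescript
// Sketch of privacy-preserving tokenization: emails become placeholders before
// text reaches the model; the mapping stays inside the execution environment.

const EMAIL_RE = /[\w.+-]+@[\w-]+\.[\w.]+/g;

function tokenize(text: string, vault: Map<string, string>): string {
  let n = vault.size;
  return text.replace(EMAIL_RE, (email) => {
    const placeholder = `[EMAIL_${++n}]`;
    vault.set(placeholder, email); // mapping never leaves the sandbox
    return placeholder;
  });
}

function detokenize(text: string, vault: Map<string, string>): string {
  let result = text;
  for (const [placeholder, real] of vault) {
    result = result.split(placeholder).join(real);
  }
  return result;
}

const vault = new Map<string, string>();
// `safe` is what the model would see; detokenize runs only when a downstream
// tool call needs the real value.
const safe = tokenize("Contact ada@example.com about the renewal.", vault);
```

Data can thus flow from one MCP server to another in detokenized form while the model only ever handles placeholders.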
State and reusable skills: The filesystem lets agents store intermediate files and reusable scripts. A helper script that transforms a sheet into a report can be saved in a skills directory and imported in later sessions. Anthropic connects this idea to Claude Skills, where collections of scripts and metadata define higher level capabilities.
Editorial Comments
Anthropic’s ‘code execution with MCP’ approach is a sensible next step for MCP powered agents. It directly attacks the token cost of loading tool definitions and routing large intermediate results through the context by presenting MCP servers as code APIs and pushing work into a sandboxed TypeScript runtime. This makes agents more efficient, while also forcing teams to take code execution security seriously. In effect, it turns MCP from a tool list into an executable API surface.
The post Anthropic Turns MCP Agents Into Code First Systems With ‘Code Execution With MCP’ Approach appeared first on MarkTechPost.
