Reliable Agent Execution
Scoped MCP servers with role-based permissions ensure agents execute reliably without over-permission or context confusion
What Are Agent Members?
Agent Members are organizational roles with permissions for accessing MCP tools and resources. Agiflow provides agent-agnostic MCPs with tightened security and role-based access control, ensuring agents only access tools they're permitted to use.
How It Works
Assign Agent Members to Tasks
Agent-Agnostic MCP Tools
Secure by Default
This approach makes MCP tools more secure and provides better access control compared to traditional setups where all agents share the same MCP configuration.
The Problem: Unreliable Agent Execution
When working with AI agents on production systems, traditional MCP setups create reliability and security issues:
Over-Permissioned MCP Access
All agents share the same MCP configuration with full access to all tools. A junior-level task agent can accidentally access project-wide settings or production resources.
Context Confusion Across Projects and Tasks
Agents receive context from all projects and tasks simultaneously, leading to hallucinated IDs, cross-contamination, and incorrect tool calls with wrong parameters.
No Audit Trail or Access Control
Without role-based MCP access, you can't track which agent performed which action or enforce least privilege principles. All agents have identical capabilities regardless of their purpose.
How Agiflow Provides Reliable Execution
1. Scoped MCP Servers by Project and Task
Each project and task gets its own dedicated MCP server with automatically scoped context. Agents connecting to a task MCP can only access that specific task's resources - no hallucinated IDs or cross-contamination possible.
2. Role-Based MCP Tool Access
Agent members have permission-based access to MCP tools. A task agent assigned to LXX-4 only receives the scoped MCP connection for that specific task with tools limited by their role's permissions.
Example: Task Assignment with Scoped MCP
Permitted Tools: get-task, update-task, create-comment
Blocked: Cannot access LXX-5, cannot create new tasks, cannot modify project settings
3. Agent-Agnostic MCP Architecture
Any AI agent (Claude Code, Cursor, GPT-5, Gemini, custom agents) can connect via standard MCP protocol. Agiflow automatically provisions the correct scoped MCP server based on the agent member's assigned task or project.
Two Connection Methods
Configure your AI client with a task-specific MCP URL. Works with any MCP-compatible agent.
Launch agents via CLI - MCP servers are automatically configured and scoped based on assigned tasks.
4. Audit Trail and Access Control
Every MCP tool call is logged with agent member identity, timestamp, and parameters. Enforce least privilege by assigning different permission levels (Owner, Admin, Member, Agent) to control which tools each agent member can access.
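The role-based tool access and audit logging described in sections 2 and 4, sketched as an added example (this is not Agiflow's code). The class, the member identities and the tool names `create-task` and `update-project-settings` are hypothetical; the Agent allowlist and the LXX-4/LXX-5 task IDs come from the example above.

```python
import json
from dataclasses import dataclass, field
from datetime import datetime, timezone

# Hypothetical role -> tool allowlist. The Agent entry mirrors the page's LXX-4
# example; "create-task" and "update-project-settings" are constructed names.
ROLE_TOOLS = {
    "Agent": {"get-task", "update-task", "create-comment"},
    "Admin": {"get-task", "update-task", "create-comment",
              "create-task", "update-project-settings"},
}

@dataclass
class ScopedTaskServer:
    task_id: str                      # scope is fixed when the server is provisioned
    audit_log: list = field(default_factory=list)

    def call(self, member: str, role: str, tool: str, params: dict) -> bool:
        """Authorize one tool call and record the decision either way."""
        reason = "ok"
        if tool not in ROLE_TOOLS.get(role, set()):      # deny by default
            reason = "tool-not-permitted"
        elif params.get("task_id", self.task_id) != self.task_id:
            reason = "out-of-scope"   # a caller-supplied ID never widens the scope
        self.audit_log.append({
            "ts": datetime.now(timezone.utc).isoformat(),
            "member": member, "role": role, "scope": self.task_id,
            "tool": tool, "params": params,
            "allowed": reason == "ok", "reason": reason,
        })
        return reason == "ok"

def demo() -> tuple:
    server = ScopedTaskServer("LXX-4")
    agent = ("task-agent-1", "Agent")             # constructed member identity
    decisions = [
        server.call(*agent, "get-task", {}),                        # in scope
        server.call(*agent, "update-task", {"task_id": "LXX-5"}),   # other task
        server.call(*agent, "create-task", {"title": "new"}),       # not in role
        server.call("unregistered", "Unknown", "get-task", {}),     # unknown role
    ]
    return decisions, server.audit_log

if __name__ == "__main__":
    decisions, log = demo()
    print(decisions)
    print(json.dumps(log, indent=2))
```

Denied calls are written to the log as well as allowed ones, so an agent repeatedly reaching outside its task or role shows up in the trail.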
Consistent Agent Context with Scoped MCPs
Agiflow enables any AI agent (Claude, GPT-5, Gemini, or custom agents) to work consistently across your projects through our scoped Model Context Protocol (MCP) system. Whether you're using Claude Code, Cursor, or building your own AI agents, Agiflow provides precise context through project, work-unit, and task-scoped MCP servers.
Two Ways to Use Agiflow MCPs
Option 1: Direct MCP Connection
Configure MCP servers directly in your AI client (Claude Code, Cursor, etc.) with project or task-specific connection strings. Works with any MCP-compatible AI client.
"project-mcp": {
"url": "your-project-mcp-url"
}
Option 2: agent-cli with Daemon (Recommended)
Use agent-cli to launch agents with automatic MCP configuration via our daemon. No manual MCP setup required - just launch agents for specific tasks with zero MCP config and automatic task context.
agent-cli claude \
  --agent-session-id LXX-4
What Makes Agiflow MCPs Unique?
Unlike standard MCPs where all agents share the same MCP server, Agiflow creates dedicated MCP servers per project and per task. This scoped architecture ensures AI agents automatically know exactly which project and task they're working with, preventing hallucination and cross-contamination between workstreams.
How Scoped MCPs Work
Unique MCP Server Per Project and Task
Automatic Context Awareness
Inheritance and Override
MCP Proxy Integration (Coming Soon)
Available MCP Building Blocks
Agiflow provides core MCP building blocks plus open-source development MCPs. Each MCP integrates with the scoped architecture, providing precise context and capabilities.
Project MCP
Provides AI agents with deep project context including file structure, dependencies, configuration, and codebase understanding for intelligent development assistance.
Task MCP
Enables AI agents to create, manage, and track development tasks, issues, and workflows. Integrates with project management tools and provides intelligent task prioritization.
Scaffold MCP
Open Source
Generate standardized code from templates for consistent project bootstrapping and feature addition. Supports Next.js 15, TypeScript libraries, and MCP packages with customizable boilerplates.
Architect MCP
Open Source
Enforce architectural patterns and coding standards through design pattern guidance and automated code review. Validates code against project-specific rules with severity-rated feedback.
Agent CLI Workflow
Step 1: Connect Daemon (Optional)
For backend-connected mode, start the Agiflow daemon to receive task assignments and sync session state.
# Authenticate and connect to Agiflow backend
agent-cli connect
# Daemon receives tasks from dashboard and routes to agents
Step 2: Start Chat
Start a chat for a Project Plan, Work Unit, or Task, or run a task autonomously. Choose your workflow based on your needs.
Step 3: Agent CLI Launches with Auto-Configuration
Agent CLI will launch the agent with MCP automatically configured and work with pre-configured spec commands. No manual setup required - everything is configured based on your chat context.
Frequently Asked Questions
How does scoped MCP work?
A scoped MCP is a Model Context Protocol server that automatically provides context for a specific project or task. Unlike traditional MCPs where all agents share the same server, scoped MCPs use URL patterns and predefined variables to ensure agents have the right context.
URL Pattern Example:
https://api.agiflow.com/mcp/task/LXX-4
The task ID (LXX-4) is automatically scoped in the URL, so the MCP server knows exactly which task the agent is working on.
Predefined Variables:
Task MCP already knows about task details (title, description, acceptance criteria, assignees) without the agent needing to provide context. This prevents hallucinated IDs and ensures reliable execution.
When should I use scoped MCP?
Scenario 1: Task-Level Development
Connect your AI agent directly to a task MCP (task-mcp-url-for-LXX-4). The agent can only access tools and resources for that specific task - perfect for focused implementation work.
Scenario 2: Project-Wide Planning
Connect to a project MCP (project-mcp-url) for cross-task planning, architecture decisions, and project management. Agents can create new tasks, update settings, and manage dependencies.
Scenario 3: Work Unit Execution
Use work-unit MCP for implementing epics or features that span multiple tasks. Agents can coordinate across related tasks while maintaining proper scoping.
Scenario 4: Autonomous Agent with agent-cli
Launch agents via agent-cli daemon - MCPs are automatically configured based on assigned tasks. No manual URL setup required.
What is MCP proxy and why do I need it?
MCP proxy is a backend service that aggregates multiple external MCP servers (SSE or HTTP connections) and presents them as a single unified MCP interface to AI agents. This solves several reliability problems:
1. Simplified Configuration
Instead of configuring 10+ MCP servers in .mcp.json, agents connect to one proxy that routes to all enabled MCPs. Projects choose which external MCPs to enable.
2. Authentication Management
External MCPs requiring authentication (API keys, OAuth) are handled by the proxy. Agents don't need to manage credentials.
3. Access Control
The proxy enforces which tools each agent member can access based on their role. Task agents can't accidentally use project-level MCP tools.
4. Connection Reliability
The proxy handles reconnection, rate limiting, and error handling for external MCP connections. Agents get consistent tool availability.
How do agent profiles work with sub agents?
Agent Profile defines the capabilities, permissions, and MCP tool access for a specific agent member. It determines which MCP servers the agent can connect to and what tools they can use.
Agent Profile Components:
- Role (Owner, Admin, Member, Agent) - determines permission level
- Scoped MCP access - which project/task MCPs the agent can connect to
- External MCP permissions - which external tools the agent can use
- Tool restrictions - specific MCP tools blocked or allowed
Sub Agent (also called Agent Member) is an AI agent assigned to a specific task or project with a defined agent profile. Multiple sub agents can work on different tasks simultaneously, each with their own scoped MCP servers and permissions.
Example: Backend Development Team
Profile: Task MCP access, database tools, API testing tools
Profile: Read-only Task MCP, code analysis tools, no write access
Profile: Project MCP access, create tasks, manage dependencies, full permissions
Each sub agent operates independently with their own scoped context, preventing cross-contamination and ensuring reliable execution through well-defined agent profiles.