What does it mean that a form schema is a tool contract?

The Model Context Protocol requires every tool to declare an inputSchema in JSON Schema: parameter names, types, which are required, enums, descriptions. A form builder already collects exactly that information when you define a field as required text, a numeric range, or a dropdown. So the form definition you would build anyway carries enough structure to be compiled into a valid MCP tool contract. The form is not a metaphor for the contract; it contains the same facts the contract needs.

Why is no-code able to produce a correct MCP server and not just a toy?

Because the parts that make an MCP server correct are identical for every server: the protocol handshake, tools/list and tools/call wiring, schema validation, auth, rate limits, and the audit log. Those are compiled once and reused. The only things that differ from server to server are the data binding and the tool design, and those are exactly the parts a visual builder is good at capturing. When the plumbing is solved in one place, the no-code surface only has to get the differentiated part right.

How is this different from hand-rolling with the MCP SDKs?

The official TypeScript and Python SDKs give you the transport, the handshake, and the request types, then leave you to hand-write the inputSchema, the validation, the auth, the rate limiting, and the audit log for every tool. AppElixir treats that surface as a compiler target: you describe the tool as a form, and the engine emits the same SDK-grade server with the plumbing already attached. You write the contract once, visually, instead of restating it in code for every server.

How AppElixir Compiles a Form Into an MCP Server

Most no-code tools generate something that looks like the real thing and behaves like a sketch of it. This series is about the opposite claim: that for MCP servers specifically, a no-code layer can emit the genuinely correct artifact, not an approximation of one. The reason is narrow and worth stating precisely before we open the case.

An MCP server is small. The protocol specification asks a server to do three things: advertise the tools it offers, accept typed calls to those tools, and return typed results. The interesting part is the word typed. Every tool must publish an inputSchema expressed in JSON Schema. That schema is the contract the agent reads before it decides whether and how to call your tool.

Here is the observation the entire engine is built on. A form already is that schema. When you mark a field required, you have declared a required parameter. When you set a field to a numeric range, you have declared a number with a minimum and a maximum. When you make a field a dropdown, you have declared an enum. When you write helper text under a field, you have written the parameter description an LLM will read to decide whether to call the tool. The form is not a friendly front end bolted onto a contract. The form contains the contract.

By hand vs with the engine

By hand

You install the TypeScript SDK, which gives you the transport, the initialize handshake, and the request types. Then you hand-write the inputSchema for each tool as a literal JSON Schema object, wire a handler, add a validator so bad arguments do not reach your database, add an auth check, add a rate limiter, and add an audit log. Every one of those is correct only if you remembered to write it, and you write it again for the next server. The SDK is excellent at the protocol and silent about everything around it.

With the engine

You describe the tool as a form, point it at a data source, and press deploy. The engine reads the form schema, compiles it into the same JSON Schema the SDK would have wanted you to write by hand, attaches the validation, auth, rate limiting, and audit log that every server needs, and serves it over the protocol. You authored the differentiated part (the tool and its inputs) and inherited the identical part (the plumbing). That division is the product.

The pipeline

The engine is a straight line with one loop at the end. Every server that AppElixir produces travels the same six stages, and the test harness verifies the result before it ships:

SCHEMA   the form definition: fields, types, required flags, enums, descriptions
   |
COMPILE  schema becomes an MCP tool contract (name, inputSchema, output type)
   |
BIND     the contract is wired to a data source (spreadsheet, SQL table, REST)
   |
SERVE    a generated MCP runtime answers initialize, tools/list, tools/call
   |
SECURE   auth, per-tool rate limits, schema validation, the audit log
   |
SHIP     hosted URL + token, or an exported Docker image
   |
TEST     the built-in inspector calls the contract: empty, valid, malformed

Notice what does not appear in the diagram: anything specific to your domain except the schema at the top and the binding in the middle. Everything from SERVE downward is the same code for a customer-lookup tool and a create-invoice tool. That sameness is not a limitation. It is the thing that makes the output correct.

What the compiler actually emits

To make this concrete, take a one-field form: a required text input named email, described as the customer email to look up. The compiler turns it into the tool contract the protocol expects:

{
  "name": "lookup_customer",
  "description": "Return the customer record for a given email address.",
  "inputSchema": {
    "type": "object",
    "properties": {
      "email": {
        "type": "string",
        "description": "Customer email, lowercase, no whitespace."
      }
    },
    "required": ["email"]
  }
}

Nothing in that object was invented by a human writing JSON. Every line was derived from a form field: the type from the field type, the required array from the required flag, the description from the field's helper text. When the agent calls the tool, the request that arrives is just as ordinary:

{
  "method": "tools/call",
  "params": {
    "name": "lookup_customer",
    "arguments": { "email": "ada@example.com" }
  }
}

The runtime validates those arguments against the same schema it published, binds the call to the data source, and returns a typed result. Chapter 2 takes this mapping apart field by field, including the harder cases (numeric ranges, enums, optional fields) and what happens to the contract when the form changes after agents are already calling it.

The component map

Six subsystems do the work, plus a test harness. Each gets its own chapter; here is the one-line role of each and where to read the detail.

The schema compiler. Turns a form into an MCP inputSchema and an output type, and versions the contract so a form edit does not silently break callers. See Chapter 2: the schema compiler.
The collection abstraction. One uniform notion of a "collection" over spreadsheets, SQL tables, and REST endpoints, with type inference, read versus write tools, and pagination. See Chapter 3: the collection abstraction.
The generated MCP runtime. The actual server the engine emits: stdio and streamable HTTP transports, the initialize handshake, tools/list, tools/call, structured results and errors. See Chapter 4: the MCP runtime.
The tool-ergonomics linter. The model-facing contract: tool names and descriptions an LLM will actually choose, enums over free text, per-field docs, and how the engine drafts a callable description from the schema. See Chapter 5: tool ergonomics.
The security plane. Per-agent keys and revocation, per-tenant isolation, per-tool rate limits that return structured errors an agent can reason about, schema validation as a boundary, and read-only by default with explicit write gating. See Chapter 6: the security plane.
Deploy and self-host. One compiled artifact, two runtimes: a hosted URL with limits and audit, or an exported Docker image for Fly, Railway, Render, or your own cluster. See Chapter 7: deploy and self-host.
The inspector. The test harness that closes the loop, a fake-agent UI that calls the contract three ways (empty, valid, malformed) before ship. It rides along in Chapter 7, and its ancestry is Anthropic's own MCP Inspector.

Why identical plumbing is the feature, not the compromise

The instinct is to assume a generated server must be weaker than a hand-built one, because generation usually trades correctness for speed. For MCP that instinct is wrong, and the reason is structural.

Split any MCP server into two halves. The first half is the protocol surface and the production surface: the handshake, the tool listing and call dispatch, JSON Schema validation, authentication, rate limiting, the audit log. The second half is the data binding and the tool design: which source you read, what the tool is named, which inputs it takes, what its description says. The first half is byte-for-byte the same for every server worth shipping. The second half is the only thing that legitimately differs between your server and someone else's.

Hand-rolling forces you to re-author both halves every time, which means the correctness of the first half depends on your discipline on a Tuesday afternoon. A compiler inverts that. It writes the first half once, proves it once, and reuses it for every server, so the only place a mistake can enter is the half a human should be thinking about anyway. The narrow scope of MCP, three responsibilities and a typed schema, is exactly what makes this clean. There is no sprawling surface where generation leaks. The protocol is small enough to be a compiler target.

This is also why the community catalog matters as a sanity check rather than a competitor. Anthropic's reference servers for filesystem, GitHub, Slack, and Postgres are hand-built and excellent, and they demonstrate the shape every server converges on: list tools, validate inputs, call a source, return typed output. AppElixir is not trying to beat those servers at their own data sources. It is observing that the shape they share is the shape a compiler can emit, and that most servers people actually need are a form and a binding away from existing.

Where this leaves you

If you take one idea from this chapter, take the inversion: stop thinking of the form as the easy version of the contract and start thinking of the contract as the compiled version of the form. The form is the source language. JSON Schema is the target. The engine is the compiler in between, and the six stages after COMPILE are a runtime you should never have to write twice.

The rest of the teardown opens each stage in turn. The next chapter starts where the engine starts, at the schema compiler, and shows exactly how a field becomes a parameter and a collection becomes an output type. If you would rather see the whole thing run before you read how it is built, the five-minute walkthrough below does that, and the comparison piece situates MCP against the other ways agents call tools.