Integrating MCP Servers with VS Code Copilot: A Complete Guide
A Developer's Journey into the Model Context Protocol
Hey there! π
I want to share something exciting I've been working on that completely changed how I interact with my development tools. You know those moments when you're deep in code and need to quickly check if a server port is open, or verify an SSL certificate is valid? Usually, you'd switch to your terminal, run some commands, maybe google the right openssl syntax (because who memorizes that?), and then piece together the results.
What if your AI assistant could just... do that for you?
That's exactly what I built with SimplePortChecker MCP β a bridge that lets GitHub Copilot perform real security assessments, right in VS Code. And the best part? It took just 6 lines of configuration.
Let me show you what I learned along the way.
β‘ Quick Start (TL;DR)
For VS Code Users:
Create
.vscode/mcp.json:{ "servers": { "simplePortChecker": { "type": "sse", "url": "https://mcp.simpleportchecker.com/mcp" } } }Restart VS Code
Open Copilot Chat and ask:
Check if google.com has port 443 open
That's it! No installation required. The server is public and ready to use.
π€ First, Let's Talk About MCP (Model Context Protocol)
If you haven't heard of MCP yet, you're in for a treat. It's an open standard from Anthropic that's quietly revolutionizing how we think about AI assistants.
Here's the lightbulb moment for me:
Remember when APIs revolutionized software development? Before APIs, if you wanted to integrate with a payment system or a mapping service, you'd have to build everything from scratch. APIs gave us a standardized way for systems to talk to each other.
MCP does the same thing for AI assistants.
The Problem MCP Solves
Think about your typical workflow with an AI coding assistant:
You ask Copilot something like: "Is port 443 open on google.com?"
Copilot might generate a command:
nc -zv google.com 443You copy that command
Switch to your terminal
Run it
Copy the results back
Ask Copilot to interpret them
Sound familiar? It's like having a brilliant assistant who can't use a phone β they can tell you what to say, but you have to make the call yourself.
Enter MCP: Giving AI Assistants "Hands"
MCP changes the game completely. With MCP, your AI assistant can:
β Actually run security scans, not just suggest commands
β Fetch real-time data from live systems
β Interact with APIs and external services directly
β Return structured results that it can interpret and act on
β Chain multiple operations to accomplish complex tasks
It's like upgrading your assistant from "consultant" to "doer."
Why This Matters for Developers
Before MCP:
With MCP:
No context switching. No copy-pasting. No friction.
This is the future we're building towards, and it's available today.
π Building SimplePortChecker MCP: What It Does
So here's what I built. SimplePortChecker MCP is a production MCP server that brings comprehensive network security tools directly into your AI assistant's toolbelt.
The Vision: What if checking a server's security posture was as easy as asking a colleague?
Instead of this old workflow:
You now just ask:
And Copilot does everything, interprets the results, and gives you a clean summary. Magic? No, just MCP.
π οΈ The Toolbox: 6 Security Tools
I built these tools based on what I found myself doing repeatedly during development and security reviews:
1. Port Scanning Check if specific ports are open β the foundation of any security assessment.
2. L7 Protection Detection Ever wonder if a site is behind Cloudflare, AWS WAF, or Akamai? This detects it automatically with confidence scores.
3. SSL/TLS Certificate Analysis Validates certificates, checks expiration dates, and lists SANs. No more memorizing openssl commands!
4. Mutual TLS (mTLS) Verification Detects if a server requires client certificates β crucial for enterprise security.
5. Azure AD Hybrid Identity Detection Discovers ADFS and federation configurations for Microsoft authentication setups.
6. Full Security Scan Runs all checks in sequence and gives you a comprehensive security posture report.
π― The Public Server
Here's something cool: I'm hosting this publicly at:
No API keys. No authentication. No installation. Just add it to your config and start using it.
Why? Because I believe security tools should be accessible. If this helps even one developer catch a security issue faster, it's worth it.
π‘ Smart Prompts: Teaching the AI Common Patterns
One thing I learned while building this: just having tools isn't enough. The AI needs to know when and how to use them.
So I built in 5 intelligent prompts that guide Copilot through common security workflows:
1. Quick Security Scan "I need a fast security overview"
Scans common ports (80, 443, 22, etc.)
Checks for WAF/CDN protection
Validates SSL certificates
Perfect for rapid assessments
2. Certificate Health Check "When does this cert expire?"
Deep dive into SSL/TLS configuration
Expiration warnings
SAN validation
Great for monitoring production services
3. Compliance Assessment "Is this server configured securely?"
Security best practices check
Compliance verification
Risk assessment
4. Troubleshoot Connection Issues "Why can't I connect to this server?"
Port accessibility checks
Service detection
Firewall/network diagnostics
5. Hybrid Identity Discovery "Is this using Azure AD?"
ADFS detection
Federation configuration analysis
Enterprise authentication insights
These prompts make Copilot feel less like a tool and more like a colleague who knows what you're trying to accomplish.
βοΈ Getting Started: Your First 5 Minutes with MCP
Alright, enough theory. Let's get this running! I promise this is easier than configuring your first Docker container.
The Magic Configuration (Seriously, That's It)
VS Code 1.102+ introduced a dedicated mcp.json file for MCP servers. Here's all you need:
Step 1: Create MCP Configuration File
Create a new file at .vscode/mcp.json in your workspace or user settings folder:
For Workspace Configuration (recommended):
Create
.vscode/mcp.jsonin your project rootAdd this configuration:
For User Configuration (applies to all projects):
Press
Cmd+Shift+P(macOS) orCtrl+Shift+P(Windows/Linux)Type:
MCP: Open User ConfigurationAdd the same configuration above
Step 2: Quick Settings Check (Optional, but Recommended)
Make sure MCP access is enabled in your settings.json:
Pro tip: You can also set this to "registry" to only allow official MCP servers, or "none" to disable MCP entirely. I keep mine on "all" for maximum flexibility during development.
Step 3: Restart VS Code
This is the "turn it off and on again" step. Close all VS Code windows and reopen.
Step 4: The Moment of Truth β Verify It Works
Open the Command Palette (Cmd+Shift+P or Ctrl+Shift+P) and type:
You should see simplePortChecker listed. Click on it to peek at all the available tools. Feels good, doesn't it? π
Step 5: Take It for a Spin!
Open Copilot Chat (Ctrl+Cmd+I or Cmd+I) and let's do something cool:
Watch the magic happen. Copilot will:
Recognize it needs the
scan_portstoolAsk for your approval (security first!)
Run the actual scan on the MCP server
Parse the results
Give you a clean, human-readable answer
First time seeing this work feels amazing. Trust me, I still get a little thrill every time.
You can also explicitly reference MCP tools using the # symbol:
π§ Using MCP Commands
VS Code provides several commands to manage MCP servers:
MCP: List Servers- View all configured MCP servers and their statusMCP: Browse Resources- Explore resources provided by MCP serversMCP: Reset Cached Tools- Clear cached tool definitions and refreshMCP: Reset Trust- Reset trust settings for MCP serversMCP: Open User Configuration- Open user-level mcp.jsonMCP: Open Workspace Folder Configuration- Open workspace mcp.json
π― Using MCP Tools in Agent Mode
In agent mode (the default), Copilot automatically selects and invokes MCP tools as needed:
Open Copilot Chat
Simply ask questions naturally - Copilot will use the right tools automatically
Review and approve tool invocations when prompted
Example:
π How It Works: MCP Integration Flow
Here's how the MCP integration works when you ask Copilot to perform a security scan:
Key Components:
VS Code - Your development environment with MCP configuration
GitHub Copilot - AI assistant that decides when to use tools
MCP Server - Remote server at
https://mcp.simpleportchecker.comTarget Host - The system being scanned (e.g., google.com)
The Flow:
User Query β You ask a natural language question
Tool Selection β Copilot determines which MCP tool to use
Approval β VS Code prompts you to approve the tool invocation
Execution β MCP server performs the actual security scan
Results β Structured data is returned and interpreted by Copilot
Response β You get a clear, actionable answer
This architecture keeps the heavy lifting on the server side while giving you a seamless, conversational experience in your editor!
π§ Understanding the MCP Configuration
Let's break down what the mcp.json configuration does:
Configuration Options
Server Types:
"sse"- Server-Sent Events (used for HTTP streaming, like our server)"http"- Standard HTTP (VS Code tries HTTP stream, falls back to SSE)"stdio"- Standard Input/Output (for local servers)
For Remote Servers (like SimplePortChecker):
For Local Servers:
π Troubleshooting
Server Not Appearing in VS Code?
Check MCP access setting:
Verify configuration file location:
Workspace:
.vscode/mcp.jsonin project rootUser: Use
MCP: Open User Configurationcommand
Restart VS Code completely:
Close all windows
Reopen VS Code
Check
MCP: List Serversagain
Check the output log:
Open
MCP: List ServersSelect your server
Click
Show Outputto see connection errors
Tools Not Working?
Clear cached tools:
Run command:
MCP: Reset Cached ToolsRestart the MCP server from the server list
Test server connectivity:
Should return a list of available tools.
Check tool approval settings:
VS Code prompts you to approve tool usage
Make sure you're clicking "Approve" when prompted
Check if tools are enabled in the Chat view tools picker
"Cannot have more than 128 tools per request" Error?
This happens when too many tools are selected:
Click the Tools button in Chat view
Deselect some tools or entire MCP servers
Or ensure virtual tools are enabled (default in VS Code 1.102+)
Trust Prompt Issues?
When you first start an MCP server, VS Code asks you to trust it:
Review the server configuration carefully
Click the link to view server details
Only trust servers from sources you know
Reset trust settings:
Configuration Format Changed?
VS Code 1.102+ introduced a new MCP configuration format:
β Old Format (deprecated):
β New Format (current):
If you're using an older VS Code version, you may need the old format. Check your VS Code version: Code > About Visual Studio Code
Real-World Stories: How I Actually Use This
Let me share some real scenarios where this tool saved my bacon (and sanity).
Story #1: The 3 AM Certificate Expiration
The Situation: I'm deploying a new microservice to production. It's late, I'm tired, and I just want to make sure the SSL cert is valid.
Old Way:
New Way:
Result: Deployed with confidence. Got to bed before 4 AM. Win.
Story #2: The Mystery of the Slow API
The Situation: Users reporting our API is slow. Is it us? Is it the CDN? Is it DNS? Who knows?
Old Way: Open multiple tabs, run various tools, piece together information from different sources, spend 20 minutes investigating.
New Way:
Result: Identified it was a Cloudflare rate limit in seconds. Fixed the issue before it became a real problem.
Story #3: Enterprise Client Integration
The Situation: Integrating with a large enterprise client. They mention "ADFS" and "hybrid identity" and I nod knowingly while internally panicking.
Old Way: Schedule a meeting, ask their IT team for documentation, wait 3 days for a response.
New Way:
Result: Had the information I needed immediately. Integration conversation was productive instead of full of questions.
Story #4: "Is It Just Me?"
The Situation: Can't connect to a service. Is the port closed? Is my VPN acting up? Am I losing my mind?
Old Way: Try different tools, ask in Slack "anyone else having issues?", feel embarrassed if it's just me.
New Way:
Result: Saved face. Switched to HTTPS. Moved on with life.
π¨ Using Built-in Prompts
The MCP server includes intelligent prompts that guide Copilot to perform structured assessments:
Example 1: Quick Security Scan
Example 2: Hybrid Identity Discovery
π Security & Privacy
No Data Stored: All scans are performed in real-time; no data is cached or logged
Public Information Only: The tools only check publicly available information
Read-Only: No modifications are made to any target systems
Rate Limited: Reasonable rate limits prevent abuse
π Why This is Game-Changing
Before MCP:
With SimplePortChecker MCP:
The difference?
β‘ 10x faster - No context switching
π― More accurate - AI interprets results correctly
π Iterative - Can ask follow-up questions instantly
π Better insights - AI can correlate findings across multiple scans
π Getting Started Today
3 Simple Steps:
Create
.vscode/mcp.jsonin your project root with:Restart VS Code completely
Open Copilot Chat (
Ctrl+Cmd+IorCmd+I) and start asking!
That's it! No installation, no API keys, no complex setup. The public MCP server at https://mcp.simpleportchecker.com is ready and waiting.
π‘ Pro Tips from the Trenches
Here are some tricks I've learned that make this even more powerful:
1. Be Explicit When You Need Speed
Agent mode is smart, but sometimes it's faster to directly call tools:
The # prefix tells Copilot exactly which tool you want. No ambiguity, instant results.
2. Chain Investigations Like Sherlock Holmes
Don't ask one thing at a time. Ask for everything:
Copilot will orchestrate all the checks and give you a comprehensive report. It's like having a junior DevOps engineer who never gets tired.
3. Generate Monitoring Scripts
This blew my mind when I discovered it:
Create a script that checks certificate expiry for these domains: api.example.com, www.example.com, cdn.example.com
Think of it as a pre-flight checklist, but automated and smart.
5. Explore All the Tools
Don't just use what you know. Discover what's available:
Command Palette β
MCP: List ServersClick
simplePortCheckerBrowse all 6 tools and their descriptions
You might find something perfect for a problem you didn't even know you had.
6. Use MCP Resources (Advanced)
Access cached results and structured data:
MCP: Browse ResourcesPick a resource type
Add to chat context
This is great for building on previous scans without repeating work.
π Reflections: Why This Matters
I've been coding for several years, and I've seen a lot of "revolutionary" tools come and go. Most are incremental improvements dressed up as breakthroughs.
MCP feels different.
It's not just making AI assistants slightly better at generating code. It's fundamentally changing the relationship between developers and their tools. We're moving from:
"AI that suggests" β "AI that does"
This shift is profound. When your AI assistant can:
Actually run security scans
Fetch real-time data
Interact with live systems
Chain multiple operations
Learn from the results
...it stops being a smart autocomplete and becomes a genuine collaborator.
The Bigger Picture
SimplePortChecker is just one example. Imagine MCP servers for:
ποΈ Database queries and schema analysis
βοΈ Cloud infrastructure management
π Log analysis and debugging
π Code repository insights
π Performance monitoring
π Secret management
The ecosystem is just getting started, and we're already seeing amazing possibilities.
An Invitation
If this blog post inspired you, I'd love to see what you build. MCP is an open standard β anyone can create a server. Got a workflow that involves switching between your editor and another tool? That's a perfect candidate for an MCP server.
The code for SimplePortChecker MCP is open source. Learn from it, improve it, build your own. Let's make development better together.
π Try It Yourself
Ready to get started? Here's everything you need:
π Public MCP Server: Available for demonstration purposes
π MCP Protocol Docs: https://modelcontextprotocol.io
π» Source Code: Private repository for security reasons
Quick Start Reminder:
Create
.vscode/mcp.jsonwith the config from aboveRestart VS Code
Ask Copilot: "Check if google.com has port 443 open"
Watch the magic happen β¨
π¬ Let's Connect
Built something cool with MCP? Found a clever use case I didn't mention? Hit a snag and need help?
I'd love to hear from you!
Drop a comment below
Open an issue on GitHub
Share your MCP servers with the community
The future of AI-assisted development is being built right now, and you're part of it.
What will you build with MCP? π
Thanks for reading! If this helped you, consider sharing it with your team. The more developers discover MCP, the better the ecosystem becomes for everyone.
β Happy coding! π
Last updated