An MCP server for AI agent orchestration is useful when one agent needs a structured way to start, prompt, or inspect other agent runs.
That sounds abstract until you hit a real workflow: one Claude Code session is investigating a bug, another Codex session should test a narrower hypothesis, and you want the parent session to ask for status without scraping terminal output. At that point, agent control becomes a tooling problem.
Junction includes an in-process MCP server that exposes agent-management tools such as creating agents, sending prompts, and checking agent status. The goal is not to make agents autonomous without review. The goal is to give local agents a cleaner control channel for coordinating local work.
What MCP does in plain terms
The Model Context Protocol gives AI applications a standard way to connect to external tools and context providers. The official MCP architecture overview describes a client-server model: an MCP host, such as an AI application, connects to one or more MCP servers, and those servers provide context or tools the host can use.
For coding agents, this matters because many useful actions are not just text generation. An agent may need to inspect files, query a system, start another process, or ask another agent for work.
Junction's MCP server is focused on agent management inside Junction's local-first model. It is not a general replacement for every MCP server. It is a way for agents running near your repository to interact with Junction's agent control layer.
Why agent orchestration needs structure
You can coordinate agents manually with copy and paste:
- Ask Claude Code to investigate.
- Copy part of the answer.
- Open a second terminal.
- Start Codex with a narrower prompt.
- Wait.
- Copy the result back.
- Try to remember which terminal changed which files.
That works once. It breaks down as soon as there are several runs, worktrees, machines, or review checkpoints.
Structured orchestration gives you better handles:
- create a new agent run for a bounded subtask,
- send that run a precise prompt,
- query whether it is running, blocked, failed, or done,
- inspect output and status without hunting through terminal tabs,
- and keep the human review path visible.
Junction already has the local daemon that owns agent sessions. The MCP server lets an agent ask that control layer to do controlled work.
A practical orchestration example
Imagine a Claude Code session is working on a failing setup flow. It discovers two likely causes:
- the setup page copy no longer matches the pricing copy,
- and one route test still assumes the old featured blog article.
Instead of expanding one session into a broad change, the parent agent can split the work:
Create a Codex agent for the route-test issue.
Prompt it to inspect only the blog route test and make the smallest data-driven update.
Keep the setup copy issue in this Claude Code session.The value is not parallelism by itself. The value is controlled separation. Each run has a clearer purpose and review path.
In Junction, those runs still execute on the daemon machine. The browser control surface can show output, approvals, Git state, and diffs. The MCP path adds a structured channel for the agent-to-agent part of the workflow.
Where MCP fits with Claude Code and Codex
Claude Code has broad MCP support in its ecosystem, and the current docs describe MCP as one of the ways Claude Code connects to tools. Codex also documents MCP as a way to give the CLI access to third-party tools and context from the local workflow; the Codex CLI docs list Model Context Protocol as part of the CLI's tool surface.
Junction's public content for this workflow should stay provider-specific: Claude Code and Codex. The product value is not that MCP belongs to one provider. It is that both local agent workflows benefit from a structured tool boundary when the work becomes multi-agent.
What the Junction MCP server should be used for
Use Junction's MCP server for tasks where agent control is itself part of the work.
Good fits:
- spawn a second local agent for a bounded investigation,
- ask another run for status,
- coordinate one implementation run and one review run,
- split independent tasks into separate worktrees,
- check whether a background run is blocked,
- or let an agent query recent session state before deciding what to do next.
Poor fits:
- bypassing human approvals,
- hiding destructive actions inside agent-to-agent calls,
- turning vague product requests into a swarm of unclear runs,
- or giving every agent every possible tool without thinking about scope.
MCP makes tools easier to expose. It does not make every tool safe to expose.
The trust boundary still matters
Recent MCP security discussion has made one point obvious: tool access changes the threat model. Even when a protocol is useful, developers still need to reason about which tools an agent can call, what inputs they accept, and what side effects they create.
For Junction, the practical rule is simple: orchestration should preserve reviewability.
That means:
- use bounded prompts,
- keep runs in separate worktrees when they can change files,
- inspect status and output before trusting results,
- keep high-risk commands behind approval,
- review diffs before accepting work,
- and avoid giving vague tasks access to broad automation.
The MCP server is a control channel, not a reason to remove controls.
Orchestration is different from automation
It is useful to separate three concepts:
| Concept | Meaning |
|---|---|
| Manual run | A human starts and steers one agent session |
| MCP orchestration | An agent can use tools to start or inspect other agent runs |
| Switchboard automation | Linear issues become structured agent runs and pull request paths |
These can work together, but they are not the same.
For example, a manual Claude Code session might use Junction's MCP server to spawn a Codex review run. Switchboard might later handle a set of Linear issues as automated, isolated worktree runs. Both workflows use local agents, but the trigger and control model are different.
If you want the issue-to-pull-request path, read How Switchboard Turns Linear Issues Into Pull Requests. If you want the manual-vs-automation decision framework, read Manual AI Agent Runs vs Switchboard Automation.
A safe starting pattern
Start with a two-agent pattern:
- One primary agent investigates or implements.
- One secondary agent reviews or tests a narrow claim.
- Each agent has a separate session.
- File-changing work uses separate branches or worktrees.
- A human reviews the diff before merge.
That is enough to prove whether orchestration helps your workflow. You do not need a complicated swarm to get value.
A good first prompt might be:
Create a second local agent to review this diff for missing tests only.
Do not ask it to edit files.
Return its findings here before making more changes.That keeps the orchestration narrow and reviewable.
Where Junction fits
Junction's daemon owns local execution. Junction's browser app owns visibility and human control. The MCP server gives agents a way to use that control layer programmatically.
That combination is useful because orchestration without visibility is hard to trust. If agents can create or prompt other agents, you need to see what happened, which run owns which task, whether anything changed, and what review step comes next.
Junction keeps those questions close to the local sessions instead of scattering them across terminals.
Start with the Junction setup guide if you have not paired a daemon yet. For multi-daemon or many-open-chat orchestration, compare pricing so the limits match the workflow.