Summary
A conformance test harness that validates your MCP server against the spec before you ship it. Run it as a CLI to check JSON-RPC 2.0 compliance, protocol version handshakes, OAuth 2.1 PKCE flows, tool schema validity, and capability advertisement accuracy across stdio and HTTP transports. It covers three spec versions (2024-11-05 through 2025-06-18) and exports both pass/fail reports and breaking-change diffs between releases. You can also run it as an MCP server itself, exposing 12 tools that let Claude validate other servers interactively. Built by StudioMeyer as the foundation layer for their MCP Factory builds, where every server runs through this harness before publishing.
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →
Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →
On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →
Part of the StudioMeyer MCP Stack — Built in Mallorca 🌴 · ⭐ if you use it
mcp-protocol-conformance
This is a Foundation build of the StudioMeyer MCP Factory: every other Factory build runs through this harness before promotion (npm publish, marketplace submit, upstream PR).
A note from us
We have been building tools and systems for ourselves for the past two years. The fact that this repo is small and has few stars is not because it is new. It is because we only just decided to share what we have built. It is not a fresh experiment, it is a long story with a recent commit.
We love building things and sharing them. We do not love social media tactics, growth hacks, or chasing stars and followers. So this repo is small. The code is real, it gets used, issues get answered. Judge for yourself.
If it helps you, sharing, testing, and feedback help us. If it could be better, an issue is more useful. If you build something with it, tell us at hello@studiomeyer.io. That genuinely makes our day.
From a small studio in Palma de Mallorca.
Install
npm install --save-dev mcp-protocol-conformance
The package ships both a CLI (mcp-conformance) and a TypeScript library entry (import ... from "mcp-protocol-conformance").
CLI usage
Run against a stdio server
mcp-conformance run \
--target stdio \
--cmd node \
--cmd-arg dist/server.js \
--spec 2025-06-18 \
--suite all \
--format terminal
Run against an HTTP server (Streamable HTTP, 2025-03-26+)
mcp-conformance run \
--target http \
--url https://memory.studiomeyer.io/mcp \
--header "Authorization:Bearer ${TOKEN}" \
--spec 2025-06-18 \
--suite full \
--format json --out report.json
Run only a subset of suites
mcp-conformance run --target stdio --cmd ./server --spec 2025-06-18 \
--suite jsonrpc,version,schema
Compare two manifests
mcp-conformance compare \
--expected manifests/v1.json \
--actual manifests/v2.json
Assert no breaking changes between two reports
mcp-conformance assert-no-breaking \
--baseline reports/main.json \
--current reports/pr-42.json
Exit codes: 0 clean, 1 failures, 2 invocation error.
Library usage
import {
runFullSuite,
generateReport,
} from "mcp-protocol-conformance";
const report = await runFullSuite(
{ kind: "stdio", cmd: "node", args: ["dist/server.js"] },
"2025-06-18",
{ suite: "all" },
);
console.log(generateReport(report, "terminal"));
if (report.status === "fail") process.exit(1);
MCP server usage
The harness is itself an MCP server. Start it over stdio and any MCP client can call its 12 tools:
node dist/server.js
Tools (all read-only, all destructiveHint: false):
| # | Tool | Purpose |
|---|---|---|
| 1 | runJsonRpcCompliance | JSON-RPC 2.0 error-code matrix + response-envelope (result/error mutual exclusivity) |
| 2 | runSpecVersionAssertion | Verify advertised protocolVersion |
| 3 | runTransportSuite | Transport-layer ping + session-id |
| 4 | runOauthPkceFlow | OAuth 2.1 PKCE S256 (mock-AS or real-tenant) |
| 5 | runToolSchemaValidation | inputSchema (+ 2025-11-25 outputSchema / title) is valid JSON-Schema |
| 6 | runCapabilityIntrospection | initialize.capabilities matches behaviour (+ 2025-11-25 tasks) |
| 7 | runRoundtripSmoke | One tools/call per advertised tool |
| 8 | runAnnotationsAudit | readOnlyHint / destructiveHint hygiene |
| 9 | runFullSuite | All suites + summary |
| 10 | generateReport | Render JUnit / JSON / terminal |
| 11 | compareManifests | Diff two tool manifests |
| 12 | assertNoBreakingChanges | Diff two FullReports |
Compatibility matrix
| 2024-11-05 | 2025-03-26 | 2025-06-18 | 2025-11-25 | |
|---|---|---|---|---|
| jsonrpc | yes | yes | yes | yes |
| version (handshake) | yes | yes | yes | yes |
| transport (stdio) | yes | yes | yes | yes |
| transport (http) | n/a | yes | yes | yes |
| oauth (mock) | n/a | yes | yes | yes |
| oauth (real) | n/a | yes | yes | yes |
| schema | yes | yes | yes | yes |
| capability | yes | yes | yes | yes |
| smoke | yes | yes | yes | yes |
| annotations | warn-only | warn-only | yes | yes |
| tasks (capability) | n/a | n/a | n/a | yes |
| tool title/output | n/a | n/a | n/a | warn-only |
yes = suite runs and produces actionable results.
n/a = capability not in spec; suite skips automatically.
warn-only = suite runs but the spec does not formally require the feature.
The 2026-07-28 RC (stateless core, SEP-2575/2567) is intentionally not here — it ships final on 2026-07-28; conformance for it lands in a later release against the final SDK.
Integration in Factory builds
In every Factory build's package.json:
{
"scripts": {
"factory:conformance": "mcp-conformance run --target stdio --cmd 'node dist/server.js' --spec 2025-06-18 --suite full"
}
}
In CI:
- run: npm run factory:conformance
Spec references
- JSON-RPC 2.0: https://www.jsonrpc.org/specification
- MCP 2024-11-05: https://modelcontextprotocol.io/specification/2024-11-05
- MCP 2025-03-26: https://modelcontextprotocol.io/specification/2025-03-26
- MCP 2025-06-18: https://modelcontextprotocol.io/specification/2025-06-18
- MCP 2025-11-25: https://modelcontextprotocol.io/specification/2025-11-25
- RFC 7636 (PKCE): https://datatracker.ietf.org/doc/html/rfc7636
About StudioMeyer
StudioMeyer is an AI and design studio based in Palma de Mallorca, working with clients worldwide. We build custom websites and AI infrastructure for small and medium businesses. Production stack on Claude Agent SDK, MCP and n8n, with Sentry, Langfuse and LangGraph for observability and an in-house guard layer.
License
MIT — Copyright (c) 2026 Matthias Meyer (StudioMeyer)
Featured
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →Categories
Registryactive
Packagemcp-protocol-conformance
TransportSTDIO
UpdatedApr 27, 2026
