NEW v0.4.0 — now open source under MIT
// guide · mcp setup

Wire Joint Chiefs into any MCP client.

One JSON snippet, one path, no API keys in the config. Thirty seconds end-to-end.

01 Install the binary

If you haven't already, install Joint Chiefs. You need the jointchiefs-mcp binary on disk — the setup app drops it at your chosen path, or build from source and cp it into /opt/homebrew/bin/.

02 Add the server to your client's MCP config

The config is standard MCP — the same mcpServers key every MCP-aware client reads.

{
  "mcpServers": {
    "joint-chiefs": {
      "command": "/opt/homebrew/bin/jointchiefs-mcp"
    }
  }
}

Replace the command path if you installed somewhere other than /opt/homebrew/bin/.

03 Paste it where your client expects

The JSON shape is the same across clients — only the config file location differs.

Claude Code.mcp.json in your project root, or ~/.claude/claude.json globally
Claude Desktop~/Library/Application Support/Claude/claude_desktop_config.json
Cursor.cursor/mcp.json in your project root
WarpSettings → AI → MCP Servers
Cline / Continue / Zed / otherCheck your client's MCP docs — the mcpServers key is the standard

04 Restart your client and verify

Ask your AI: "Run a Joint Chiefs review on this file." It should invoke the joint_chiefs_review tool and stream back a consensus summary.

If the tool doesn't appear in your client's tool list, it's almost always one of:

  • Path in the JSON doesn't match where the binary actually lives.
  • No API keys set — the server will start but every provider will be "not configured." Open the setup app and add a key, or set OPENAI_API_KEY/ANTHROPIC_API_KEY/etc. in the environment your client launches in.
  • Client wasn't restarted after editing the config.
// how it works under the hood

Stdio only. No ports. No network.

When your client launches, it spawns jointchiefs-mcp as a child process and talks to it over stdin/stdout with JSON-RPC. The server never binds a port, never makes outbound connections except to the LLM providers you configured, and inherits its trust boundary from the parent process.

API keys live in your macOS Keychain. The MCP server doesn't read them directly — it shells out to jointchiefs-keygetter, the only binary with Keychain ACL access. Keys stay off the MCP wire and out of every log.

Read the full security model

Want the CLI too?

The same engine runs from your terminal — streaming output, JSON mode, exit codes for pre-commit and CI.

CLI reference Back to downloads