Claude Desktop Integration Guide

Overview

Claude Desktop commonly connects to local MCP servers. Cup’n’String can govern MCP server registration, tool calls, local file access, command execution paths, and credential exposure.

Support level

Active Proxy & Shielding

What Cup’n’String detects

• Claude Desktop process
• MCP server configuration files where available
• Local MCP server processes
• Tool-call proxy paths

What it governs

• MCP tool calls
• File-read and command-execution tools
• Secrets passed to prompts/tools
• Outbound calls from MCP servers

Recommended policies

• Require managed MCP proxy
• Allowlist approved MCP servers
• Block sensitive paths by default
• Audit tool calls and arguments

Setup outline

1. Verify the Cup’n’String agent is active.
2. The agent configures a local proxy listener specifically for Claude’s MCP connections.
3. Update Claude Desktop config files (claude_desktop_config.json) to point local servers to the Cup’n’String gateway.

Verification

Trigger an MCP tool execution (e.g. read a file or search the web) and verify that the tool call parameters are audited and reported in the dashboard.

Troubleshooting

If Claude Desktop fails to connect, check the path configuration in the JSON file and verify that the proxy port matches.

Known limitations

Unproxied MCP servers may offer reduced tool-level visibility.