Skip to main content
CodeCall transforms how LLMs interact with large toolsets. Instead of exposing hundreds of tool definitions that overwhelm the context window, CodeCall provides a small meta-API where the model discovers, describes, and orchestrates tools by writing JavaScript. CodeCall meta-API architecture CodeCall meta-API architecture

Scalable Discovery

Search across hundreds of tools using natural language with VectoriaDB embeddings

Code Orchestration

LLMs write JavaScript to combine tools, filter data, and build workflows in a single execution

Bank-Grade Security

Defense-in-depth with AST Guard validation and Enclave sandboxing

Any LLM, Any Cloud

Open source, self-hosted, works with any MCP-compatible client - not just Claude

The Problem: Tool Explosion

As MCP servers grow, list_tools becomes unmanageable: Early days vs today - tool explosion Early days vs today - tool explosion

Early Days

5-10 tools, clean schemas, instant model understanding

Growth Phase

Add OpenAPI adapters, multiple apps, per-tenant tools → 50-200+ tools

Pain Point

Context window fills with schemas, models struggle to find relevant tools, token costs explode
The cost is real:
  • Token waste: Listing 100 tools with schemas can consume 20,000+ tokens before the first query
  • Discovery failure: Models pick wrong tools or miss relevant ones buried in the list
  • No filtering: Standard MCP can’t filter results in-tool - you fetch everything, pay for all tokens, then filter
  • Round-trip latency: Multi-tool workflows require model round-trips between each tool call

The Solution: Code-First Meta-API

CodeCall collapses your entire toolset into 4 meta-tools:
Meta-ToolPurpose
codecall:searchFind relevant tools by natural language query
codecall:describeGet detailed schemas for selected tools
codecall:executeRun JavaScript that orchestrates multiple tools
codecall:invokeDirect single-tool calls (optional, no VM overhead)

How It Works

One round-trip executes a complex workflow that would otherwise require multiple model invocations.

Quick Start

Get CodeCall running in 5 minutes: 
npm install @frontmcp/plugins

Quick Start Guide

Step-by-step guide from install to first execution

Why CodeCall Over Direct Tool Calls?

Before: List 100 tools → ~20,000 tokens in context After: 4 meta-tools → ~2,000 tokens, load schemas on-demandFor a workflow fetching users and invoices:
  • Direct calls: 3+ model round-trips, each with full tool list
  • CodeCall: 1 round-trip, script handles orchestration
The killer feature: Filter, join, and transform data inside the MCP server instead of in the LLM context.
// This runs in CodeCall, not in the LLM
const users = await callTool('users:list', { limit: 1000 });
const active = users.filter(u =>
  u.status === 'active' &&
  u.firstName.startsWith('me') &&
  new Date(u.lastLogin) > tenDaysAgo
);
return active.slice(0, 10);
Without CodeCall, you’d either:
  1. Build complex REST endpoints for every filter combination
  2. Fetch all 1000 users into LLM context (~50K tokens) and filter there
  3. Make multiple paginated calls with model round-trips
Unlike Anthropic’s code execution which requires Claude, CodeCall runs on any MCP-compatible client:
  • Claude Desktop
  • OpenAI with MCP adapters
  • Open source models via LangChain/LlamaIndex
  • Custom agents
Your infrastructure, your choice.
  • No data leaves your VPC: Embeddings run locally via VectoriaDB
  • Bank-grade sandboxing: AST Guard + Enclave
  • Audit everything: Full logging of script execution and tool calls
  • You control the limits: Timeouts, iteration caps, tool allowlists

When to Use CodeCall

Use CodeCall When

  • You have 20+ tools or anticipate growth
  • Tools come from OpenAPI adapters (often 50-200+ endpoints)
  • Workflows require multi-tool orchestration
  • You need in-tool filtering without building custom endpoints
  • You want any-LLM compatibility (not locked to Claude)
  • Security and compliance require audit trails

Skip CodeCall When

  • You have < 10 simple tools
  • Workflows are single-tool operations
  • You’re building a quick prototype
  • Tools already have comprehensive filtering APIs

Architecture Deep Dive

CodeCall is built on three battle-tested FrontMCP libraries:

AST Guard

Static analysis validates JavaScript AST before execution. Blocks eval, dangerous globals, prototype pollution, and unbounded loops.

Enclave

Runtime sandbox executes validated code in isolated Node.js vm context with timeouts, iteration limits, and sanitized outputs.

VectoriaDB

Semantic search indexes tools with local embeddings. No external API calls, works offline, sub-millisecond queries.
Every script goes through this 6-layer pipeline:

Next Steps

Quick Start

Install, configure, and execute your first CodeCall script in 5 minutes

AgentScript Guide

Learn the AgentScript language: APIs, allowed syntax, and error handling patterns

API Reference

Complete reference for all 4 meta-tools with examples and response schemas

Configuration

Tool visibility modes, VM presets, embedding strategies, and per-tool metadata

Security Model

Deep dive into defense-in-depth security, AST validation rules, and sandbox configuration

Production & Scaling

Performance tuning, monitoring, multi-tenancy, and deployment best practices

Examples & Recipes

Real-world patterns: CRM, ETL, batch processing, and error-resilient workflows

CRM Demo

Explore the multi-tool CRM sample app that showcases CodeCall in action

Resources

Source Code

View the CodeCall plugin implementation

Code Execution with MCP

Anthropic’s original article on the code execution pattern

Advanced Tool Use

Anthropic’s beta features: Tool Search, Programmatic Calling, and Tool Examples

Blog: Why 100 Tools Breaks Your Agent

Deep dive into the tool explosion problem and how CodeCall solves it