{"slug": "sparda-turn-any-express-fastapi-app-into-an-mcp-server-in-3-minutes", "title": "Sparda – Turn any Express/FastAPI app into an MCP server in 3 minutes", "summary": "Sparda launches a tool that converts Express and FastAPI applications into MCP servers in three minutes without requiring OpenAPI specs, accounts, or hosting. The tool uses AST scanning to inject a reversible MCP router, disables write operations by default, and runs entirely on the user's machine with no telemetry.", "body_md": "**Your AI can write code. It still can't operate your app.**\n\nClaude, Cursor & friends read your *files* — not your *running product*. They can\nrefactor a controller, but they can't create an order, fetch a real user, or see why\nproduction is failing. And giving an AI real access to your API usually means: write\nan OpenAPI spec, build an MCP server, host it, secure it, keep it in sync with every\nroute change — and pray it never `DELETE`s the wrong row. Days of glue code, per\nproject, forever drifting.\n\nSPARDA deletes that work:\n\n```\nnpx sparda-mcp init   # scan your Express/FastAPI app, inject the MCP router — 3 minutes\nnpx sparda-mcp dev    # connect Claude Desktop / Claude Code. Done.\n```\n\nNo OpenAPI spec. No account. No API key. No server to host.\n\n- **Scan + inject** — run once, from your app's directory:\n\n```\nnpx sparda-mcp init\n```\n\nSPARDA parses your routes (AST), generates a marked `/mcp` router, injects it into your app (with a backup), and writes `sparda.json`. Every step is reversible. 
\n- **Start your app, then start the bridge:**\n\n```\nnpx sparda-mcp dev\n```\n\n- **Connect your client.** `init` prints a ready-to-paste block for `claude_desktop_config.json`, pre-filled with your app's name and path:\n\n```\n{\n  \"mcpServers\": {\n    \"your-app\": {\n      \"command\": \"npx\",\n      \"args\": [\"sparda-mcp\", \"dev\"],\n      \"cwd\": \"/absolute/path/to/your-app\"\n    }\n  }\n}\n```\n\nClaude Code connects to the same bridge. That's it — your running app is now a set of MCP tools your AI can call.\n\nTo undo everything: **`npx sparda-mcp remove`** restores your code byte-for-byte.\n\n- **Three minutes, one command.** AST scan, router generation, reversible injection — no config.\n- **Try it for free, leave for free.** `npx sparda-mcp remove` restores your code **byte-for-byte** (tested on JS, TS, Python, even Windows CRLF files). No trace, no lock-in.\n- **The AI cannot write until you say so.** Every POST/PUT/DELETE is disabled by default; you enable per tool, and your choice survives every re-run.\n- **Your app defends itself.** A route failing 3 times in a row is quarantined — the AI can't hammer your broken production. Latency anomalies are flagged. Zero LLM needed.\n- **Nothing leaves your machine.** No telemetry to us, no cloud, local key auth, 4 exact-pinned dependencies.\n- **What it learns is never lost.** Diagnoses, descriptions, settings — versioned with your git, surviving every re-init.\n\nWhat we *don't* promise: the honest limits in [docs/SECURITY.md](/zyx77550/sparda/blob/main/docs/SECURITY.md).\n\n- `npx sparda-mcp init` parses your codebase (AST), extracts every route, and injects a tiny marked router (`/mcp`) into your app — fully reversible with `npx sparda-mcp remove`.\n- Tool calls run **inside your live app process** — warm DB pools, real auth chain, real data. SPARDA adds no infrastructure: compute comes from your host process, intelligence from your AI client's own model (MCP sampling), storage from `sparda.json` + git. 
\n- Write tools (POST/PUT/DELETE) are **disabled by default**. You opt in per tool in `sparda.json` — your choices survive re-runs.\n- Suspicious docstrings are sanitized before they ever reach the AI (prompt-injection defense).\n\nEvery route becomes a tool that runs against your live process — real auth, real data,\nwarm connections. One call to **`sparda_get_context`** hands the AI the whole living\npicture: enabled tools, suggested workflows, runtime telemetry, quarantine state, and\nimmune memory — so every session resumes where the last one stopped.\n\n- Writes (POST/PUT/DELETE) ship **disabled**. Enable them per tool in `sparda.json`; your choice survives every re-init.\n- An enabled write is **never executed on the first call**. SPARDA returns an `awaiting_confirmation` envelope — a single-use token plus a preview of the action — and commits only after an explicit confirm step.\n- When your client supports MCP elicitation, that confirmation prompt appears **in the AI's own UI**.\n- **Proof-after-write**: every successful write is followed by a read-back of the same resource, so the AI — and you — see the real effect, not a hopeful guess.\n\n- **Quarantine.** A tool that returns 3 consecutive 5xx is quarantined: further calls get a `503` with a reason and a retry delay instead of hammering your broken route. After a cooldown it half-opens for a single probe.\n- **Latency & anomaly flags.** The router learns each route's baseline and flags deviations locally, in a few lines of math.\n- **Adaptive diagnosis, only on surprise.** A genuinely new failure wakes your AI client's own model to diagnose it once; the diagnosis is cached as an \"antibody\" in `sparda.json`, so the same failure later costs zero tokens. 
Cloning your code doesn't clone its immune memory.\n\nOn first connection your AI client's own model (via MCP sampling) rewrites raw routes\ninto business-language tool descriptions and proposes multi-step workflows — cached in\n`sparda.json` and exposed as MCP prompts. Nothing to configure, nothing to pay.\n\n- **Response recycling.** When a read keeps returning the same answer, SPARDA serves the next identical call straight from memory — without touching your host app. Reads only; writes always hit the host.\n- **A recycling gauge.** `GET /mcp/stats` counts how many calls were answered from SPARDA's own knowledge vs. how many paid the host route. It reads 0% on day one and fills with usage — a measure, never a promise.\n\nTurn it on with `\"labs\": { \"recordSequences\": true }` in `sparda.json`. SPARDA then\nnotices when one tool's output feeds the next tool's input and records the *circuit* —\nstructure only (tool names, argument names, counts), never your data. A read-only\ncircuit seen enough times **crystallizes into a composite tool**, announced\nmid-session: one call runs the whole chain, auto-feeding each step from the previous\nstep's real response. Write routes are never absorbed — their per-call confirmation\nalways stands.\n\n`GET /mcp/stats` (per-tool calls/errors, tool \"purity\", quarantine state) and\n`GET /mcp/events` (errors, latency anomalies, cached diagnoses) expose exactly what\nyour app is doing — surfaced to the AI as live notifications.\n\nSPARDA ships with an Agent Skill ([SKILL.md](/zyx77550/sparda/blob/main/SKILL.md)) that teaches any compatible\nAI client how to drive a SPARDA server to its **full potential** — call\n`sparda_get_context` first, exploit response recycling, honor quarantine, prefer\ncrystallized circuits over re-walking a chain, and follow the two-phase write-confirm\nprotocol. 
The live, per-project tool list always comes from `sparda_get_context` at\nruntime, so the guidance never goes stale.\n\nExpress 4/5 (JS/TS, ESM/CJS) and FastAPI today. We are actively expanding SPARDA internally to support more Node.js environments (including NestJS, Fastify, and Next.js API routes) in the near future.\n\n- 4 runtime dependencies, exact-pinned.\n- Local key on every router call; self-reference loop protection; 30s timeouts; 8 KB output truncation.\n- AST-positioned injection with backup and post-injection re-parse; `npx sparda-mcp remove` leaves a clean git diff.\n- Persistence is **value-free**: SPARDA records structure (tool names, field names, fingerprints), never your payloads.\n\nFull threat model and known gaps: [docs/SECURITY.md](/zyx77550/sparda/blob/main/docs/SECURITY.md).\n\n- [docs/ARCHITECTURE.md](/zyx77550/sparda/blob/main/docs/ARCHITECTURE.md) — how `init`, the injected router, and the bridge fit together, plus the `sparda.json` schema.\n- [docs/SECURITY.md](/zyx77550/sparda/blob/main/docs/SECURITY.md) — threat model, defenses, and honest known gaps.\n- [docs/TESTING.md](/zyx77550/sparda/blob/main/docs/TESTING.md) — how the promises above are kept honest in CI.\n- [docs/ERRORS.md](/zyx77550/sparda/blob/main/docs/ERRORS.md) — the error knowledge base.\n\nSPARDA is free, including in production (see License). Team-scale capabilities — fine-grained per-person access policies and a signed, tamper-evident audit log — are planned for a future paid tier. 
The open core stands on its own; nothing here is crippled to upsell you.\n\n[Business Source License 1.1](/zyx77550/sparda/blob/main/LICENSE) — free to use, including in production.\nYou may not resell SPARDA or offer it as a competing commercial service.\nEach version converts to Apache 2.0 four years after its release.", "url": "https://wpnews.pro/news/sparda-turn-any-express-fastapi-app-into-an-mcp-server-in-3-minutes", "canonical_source": "https://github.com/zyx77550/sparda", "published_at": "2026-06-16 23:27:33+00:00", "updated_at": "2026-06-16 23:52:36.943477+00:00", "lang": "en", "topics": ["developer-tools", "ai-tools", "ai-agents", "ai-infrastructure", "ai-safety"], "entities": ["Sparda", "Express", "FastAPI", "Claude Desktop", "Claude Code", "Cursor", "MCP"], "alternates": {"html": "https://wpnews.pro/news/sparda-turn-any-express-fastapi-app-into-an-mcp-server-in-3-minutes", "markdown": "https://wpnews.pro/news/sparda-turn-any-express-fastapi-app-into-an-mcp-server-in-3-minutes.md", "text": "https://wpnews.pro/news/sparda-turn-any-express-fastapi-app-into-an-mcp-server-in-3-minutes.txt", "jsonld": "https://wpnews.pro/news/sparda-turn-any-express-fastapi-app-into-an-mcp-server-in-3-minutes.jsonld"}}