# Sparda – Turn any Express/FastAPI app into an MCP server in 3 minutes > Source: > Published: 2026-06-16 23:27:33+00:00 **Your AI can write code. It still can't operate your app.** Claude, Cursor & friends read your *files* — not your *running product*. They can refactor a controller, but they can't create an order, fetch a real user, or see why production is failing. And giving an AI real access to your API usually means: write an OpenAPI spec, build an MCP server, host it, secure it, keep it in sync with every route change — and pray it never `DELETE` s the wrong row. Days of glue code, per project, forever drifting. SPARDA deletes that work: ``` npx sparda-mcp init # scan your Express/FastAPI app, inject the MCP router — 3 minutes npx sparda-mcp dev # connect Claude Desktop / Claude Code. Done. ``` No OpenAPI spec. No account. No API key. No server to host. - **Scan + inject**— run once, from your app's directory: ``` npx sparda-mcp init ``` SPARDA parses your routes (AST), generates a marked `/mcp` router, injects it into your app (with a backup), and writes`sparda.json` . Every step is reversible. - **Start your app, then start the bridge:** ``` npx sparda-mcp dev ``` - **Connect your client.**`init` prints a ready-to-paste block for`claude_desktop_config.json` , pre-filled with your app's name and path: ``` { "mcpServers": { "your-app": { "command": "npx", "args": ["sparda-mcp", "dev"], "cwd": "/absolute/path/to/your-app" } } } ``` Claude Code connects to the same bridge. That's it — your running app is now a set of MCP tools your AI can call. To undo everything: ** npx sparda-mcp remove** restores your code byte-for-byte. **Three minutes, one command.** AST scan, router generation, reversible injection — no config.**Try it for free, leave for free.**`npx sparda-mcp remove` restores your code**byte-for-byte**(tested on JS, TS, Python, even Windows CRLF files). No trace, no lock-in.** The AI cannot write until you say so.**Every POST/PUT/DELETE is disabled by default; you enable per tool, and your choice survives every re-run.** Your app defends itself.**A route failing 3 times in a row is quarantined — the AI can't hammer your broken production. Latency anomalies are flagged. Zero LLM needed.**Nothing leaves your machine.** No telemetry to us, no cloud, local key auth, 4 exact-pinned dependencies.**What it learns is never lost.** Diagnoses, descriptions, settings — versioned with your git, surviving every re-init. What we *don't* promise: the honest limits in [docs/SECURITY.md](/zyx77550/sparda/blob/main/docs/SECURITY.md). `npx sparda-mcp init` parses your codebase (AST), extracts every route, and injects a tiny marked router (`/mcp` ) into your app — fully reversible with`npx sparda-mcp remove` .- Tool calls run **inside your live app process**— warm DB pools, real auth chain, real data. SPARDA adds no infrastructure: compute comes from your host process, intelligence from your AI client's own model (MCP sampling), storage from`sparda.json` + git. - Write tools (POST/PUT/DELETE) are **disabled by default**. You opt in per tool in`sparda.json` — your choices survive re-runs. - Suspicious docstrings are sanitized before they ever reach the AI (prompt-injection defense). Every route becomes a tool that runs against your live process — real auth, real data, warm connections. One call to ** sparda_get_context** hands the AI the whole living picture: enabled tools, suggested workflows, runtime telemetry, quarantine state, and immune memory — so every session resumes where the last one stopped. - Writes (POST/PUT/DELETE) ship **disabled**. Enable them per tool in`sparda.json` ; your choice survives every re-init. - An enabled write is **never executed on the first call**. SPARDA returns an`awaiting_confirmation` envelope — a single-use token plus a preview of the action — and commits only after an explicit confirm step. - When your client supports MCP elicitation, that confirmation prompt appears **in the AI's own UI**. **Proof-after-write**: every successful write is followed by a read-back of the same resource, so the AI — and you — see the real effect, not a hopeful guess. **Quarantine.** A tool that returns 3 consecutive 5xx is quarantined: further calls get a`503` with a reason and a retry delay instead of hammering your broken route. After a cooldown it half-opens for a single probe.**Latency & anomaly flags.** The router learns each route's baseline and flags deviations locally, in a few lines of math.**Adaptive diagnosis, only on surprise.** A genuinely new failure wakes your AI client's own model to diagnose it once; the diagnosis is cached as an "antibody" in`sparda.json` , so the same failure later costs zero tokens. Cloning your code doesn't clone its immune memory. On first connection your AI client's own model (via MCP sampling) rewrites raw routes into business-language tool descriptions and proposes multi-step workflows — cached in `sparda.json` and exposed as MCP prompts. Nothing to configure, nothing to pay. **Response recycling.** When a read keeps returning the same answer, SPARDA serves the next identical call straight from memory — without touching your host app. Reads only; writes always hit the host.**A recycling gauge.**`GET /mcp/stats` counts how many calls were answered from SPARDA's own knowledge vs. how many paid the host route. It reads 0% on day one and fills with usage — a measure, never a promise. Turn it on with `"labs": { "recordSequences": true }` in `sparda.json` . SPARDA then notices when one tool's output feeds the next tool's input and records the *circuit* — structure only (tool names, argument names, counts), never your data. A read-only circuit seen enough times **crystallizes into a composite tool**, announced mid-session: one call runs the whole chain, auto-feeding each step from the previous step's real response. Write routes are never absorbed — their per-call confirmation always stands. `GET /mcp/stats` (per-tool calls/errors, tool "purity", quarantine state) and `GET /mcp/events` (errors, latency anomalies, cached diagnoses) expose exactly what your app is doing — surfaced to the AI as live notifications. SPARDA ships with an Agent Skill ([ SKILL.md](/zyx77550/sparda/blob/main/SKILL.md)) that teaches any compatible AI client how to drive a SPARDA server to its **full potential**— call `sparda_get_context` first, exploit response recycling, honor quarantine, prefer crystallized circuits over re-walking a chain, and follow the two-phase write-confirm protocol. The live, per-project tool list always comes from `sparda_get_context` at runtime, so the guidance never goes stale.Express 4/5 (JS/TS, ESM/CJS) and FastAPI today. We are actively expanding SPARDA internally to support more Node.js environments (including NestJS, Fastify, and Next.js API routes) in the near future. - 4 runtime dependencies, exact-pinned. - Local key on every router call; self-reference loop protection; 30s timeouts; 8 KB output truncation. - AST-positioned injection with backup and post-injection re-parse; `npx sparda-mcp remove` leaves a clean git diff. - Persistence is **value-free**: SPARDA records structure (tool names, field names, fingerprints), never your payloads. Full threat model and known gaps: [docs/SECURITY.md](/zyx77550/sparda/blob/main/docs/SECURITY.md). [docs/ARCHITECTURE.md](/zyx77550/sparda/blob/main/docs/ARCHITECTURE.md)— how`init` , the injected router, and the bridge fit together, plus the`sparda.json` schema.[docs/SECURITY.md](/zyx77550/sparda/blob/main/docs/SECURITY.md)— threat model, defenses, and honest known gaps.[docs/TESTING.md](/zyx77550/sparda/blob/main/docs/TESTING.md)— how the promises above are kept honest in CI.[docs/ERRORS.md](/zyx77550/sparda/blob/main/docs/ERRORS.md)— the error knowledge base. SPARDA is free, including in production (see License). Team-scale capabilities — fine-grained per-person access policies and a signed, tamper-evident audit log — are planned for a future paid tier. The open core stands on its own; nothing here is crippled to upsell you. [Business Source License 1.1](/zyx77550/sparda/blob/main/LICENSE) — free to use, including in production. You may not resell SPARDA or offer it as a competing commercial service. Each version converts to Apache 2.0 four years after its release.