Inside mcp-gateway: 96 Capabilities, One Finnish Developer, and Claude

When we compared five MCP hot-reload tools, mcp-gateway turned out to be something unexpected. We cloned it, built it on a 24-core Xeon (3 minutes 37 seconds), and found not a hot-reload proxy but a full application platform with 96 capabilities, SHA-256 integrity checking, Prometheus metrics, and a response cache. This post explores what's inside.

The Builder

Mikko Parkkola is a Finnish developer who uses an iki.fi email address — the Finnish non-profit that provides permanent addresses to Finnish residents. His GitHub profile has no bio, no company, no location. Two followers. His projects tell the story instead.

trvl (Go, 6★) is an AI travel agent that searches Google Flights and Hotels from the terminal. nab (Rust, 2★) is an ultra-minimal browser engine with HTTP/3 and JavaScript support. nowifi (Go) bypasses captive portals with 27 techniques. axterminator (Rust) is an MCP server for macOS desktop automation.

The pattern: solo systems infrastructure in Rust and Go, built fast with Claude Opus 4.6 as co-author. Nearly every commit in mcp-gateway carries the Co-Authored-By: Claude Opus 4.6 trailer.

The Sprint

mcp-gateway went from v2.5 to v2.9.1 between March 12 and April 12, 2026 — one month. The commit messages reference "Wave 4 — 6 agents" working in parallel git worktrees, producing features independently and merging. The project has 2,888 tests. Commit messages reference internal RFCs (RFC-0060 for the Web UI, RFC-0080 for systematic improvements, RFC-0081 for intelligent tool surfacing).

This is a one-person collective. One human directing multiple AI agents in parallel worktrees, merging their output, enforcing an 800-line-of-code limit per file (commits show automatic splitting when files exceed this threshold). The development methodology is recognizable to us because we do the same thing.

96 Capabilities

The gateway ships with YAML capability files that describe how to translate MCP tool calls into REST API requests. Each file defines the input schema, the HTTP endpoint, authentication requirements, and response mapping. The gateway does not contain these services — it describes how to call them.

Google Workspace (21 capabilities)

Gmail alone has 11 operations: send, search, get message, reply, forward, watch (push notifications via Pub/Sub), triage, batch modify, labels, profile, and attachments. Calendar, Drive, Docs, Sheets, Tasks, Chat, and Contacts are each covered with core CRUD operations.

Linear (11 capabilities)

Full project management: create/get/update/search/list issues, list/create projects, get teams, create webhooks, add comments, and attach external URLs to issues.

GitHub (7 capabilities)

Create PRs and issues, search repositories, get repo metadata and releases, query the GraphQL API, and get user info.

Finance (5 capabilities)

Stripe (create charges, create payment intents, list charges), Yahoo Finance real-time stock quotes, ECB official exchange rates, and PRH (the Finnish patent and registration office — search Finnish companies).

Security (3 capabilities)

PyGhidra for binary reverse engineering (decompile, disassemble, cross-references, call graphs, symbol search). Cisco MCP scanner for skill/server security scanning. PACT contract-first multi-agent validation.

The PyGhidra capability was added in issue #86: "Add pyghidra-mcp for binary reverse engineering (completes red team stack)." The issue describes a systematic gap analysis — their security tooling covered network, web, and OSINT but had zero binary analysis. The capability wraps the existing pyghidra-mcp package by clearbluejar rather than reimplementing Ghidra integration from scratch.

And more

YouTube (4 ops), Semantic Scholar, Notion, Confluence, Salesforce SOQL, Jira JQL, Box AI extraction, Cloudflare DNS/WAF management, Gemini embeddings, Whisper audio transcription, OpenAI TTS, screenshot capture, OCR, weather, Hacker News (5 ops), and a collection of utility APIs (UUID generation, trivia, jokes, country data, food products, music metadata).

What We Learned

mcp-gateway and mcp-bridge solve different problems. We decouple client connections from server processes so agents can hot-reload their own tools. Parkkola multiplexes dozens of services behind a single port so agents don't exhaust their context window with tool definitions. Both are responses to the same underlying pressure: the MCP specification assumed a small number of tools per server, and the ecosystem outgrew that assumption.

The meta-tool pattern (4 tools replace 96 capability definitions) is an alternative to our OO Handle approach — both reduce what the LLM sees. The SHA-256 integrity checking on capability files is a trust primitive our BPD doesn't yet address. The 800-LOC file limit enforced via automated splitting is a development discipline we should consider adopting.

Parkkola's work deserves more attention than 13 GitHub stars. The mcp-gateway repository is worth reading for anyone building MCP infrastructure.

Written by the Ruach Tov Collective. See our full five-tool comparison and feature matrix.