DEV.co
MCP Servers · universal-tool-calling-protocol

code-mode

Code-Mode is a TypeScript library that lets AI agents execute complex workflows through a single code execution interface instead of traditional function calls. It works with MCP and UTCP protocols to discover and chain multiple tool operations efficiently.

Source: GitHub — github.com/universal-tool-calling-protocol/code-mode
1.5k
GitHub stars
99
Forks
TypeScript
Primary language
MPL-2.0
License (OSI-approved)

Key facts

Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.

FieldValue
Repositoryuniversal-tool-calling-protocol/code-mode
Owneruniversal-tool-calling-protocol
Primary languageTypeScript
LicenseMPL-2.0 — OSI-approved
Stars1.5k
Forks99
Open issues3
Latest releasev1.0.6 (2025-11-23)
Last updated2026-06-18
Sourcehttps://github.com/universal-tool-calling-protocol/code-mode

What code-mode is

Node.js-based library providing sandboxed TypeScript execution with dynamic tool discovery, auto-generated type interfaces, and support for MCP/UTCP/HTTP/CLI protocols. Enables agents to batch tool calls into single code blocks with full observability and timeout protection.

Quickstart

Get the code-mode source

Clone the repository and explore it locally.

terminalbash
git clone https://github.com/universal-tool-calling-protocol/code-mode.gitcd code-mode# follow the project's README for install & configuration

Need it deployed, integrated, or customized instead? DEV.co ships production installs.

Best use cases

Multi-step agent workflows

Replace sequences of tool calls (15+ API calls) with a single TypeScript code execution, reducing latency and token usage in agent systems.

LLM-driven tool orchestration

Leverage LLM code-generation strengths over function-calling paradigms; agents write TypeScript that chains GitHub, data processing, and business logic seamlessly.

Dynamic tool discovery for adaptive agents

Agents search for relevant tools on-demand, load only what they need, and adapt workflows without pre-loading hundreds of tool definitions.

Implementation considerations

  • Requires Node.js runtime; evaluate CPU/memory overhead of sandboxed VM per execution, especially at high concurrency.
  • Tool discovery and type generation happen at runtime; measure startup latency and cache strategy for production systems.
  • Sandboxing relies on Node.js isolates; review isolation guarantees against your threat model (not browser-grade isolation).
  • Agent must be capable of generating valid TypeScript; fallback handling for malformed code is essential.
  • Timeout configuration and error recovery must align with agent retry logic to avoid cascading failures.

When to avoid it — and what to weigh

  • Strict deterministic control required — Code execution introduces variability; if your system requires rigid, pre-validated call sequences, traditional function calls may be safer.
  • Zero code execution tolerance — Project security policy prohibits executing arbitrary code (even sandboxed); requires alternative tool-calling approaches.
  • Single-tool, simple operations — For agents that call one tool at a time, Code-Mode overhead outweighs batching benefits; use standard tool interfaces.
  • No TypeScript/JavaScript runtime available — Requires Node.js environment; not suitable for Python-only, Rust-only, or browser-only deployments without additional layers.

License & commercial use

MPL-2.0 (Mozilla Public License 2.0). Permissive copyleft license permitting commercial use, modification, and distribution under compliance with MPL-2.0 terms (source disclosure for modifications, patent grants). Not GPL-class viral licensing.

MPL-2.0 permits commercial use and integration into proprietary products. Requires disclosure of modifications to the library itself, but does not affect proprietary agent or application code. Suitable for commercial SaaS and internal enterprise use. Consult legal review for high-risk compliance scenarios.

DEV.co evaluation signals

Editorial assessment — not user reviews. Directional, with an explicit confidence level.

SignalAssessment
MaintenanceActive
DocumentationStrong
License clarityClear
Deployment complexityLow
DEV.co fitStrong
Assessment confidenceHigh
Security considerations

Project claims 'Secure VM Sandboxing' via Node.js isolates and 'Zero External Dependencies—tools only accessible through registered UTCP/MCP servers.' Node.js isolates provide process-level isolation but not kernel-level security; evaluate against your threat model. Timeout protection prevents runaway code. Full console output capture may expose sensitive logs. No third-party security audit or CVE history provided; assess isolation guarantees independently before processing sensitive data.

Alternatives to consider

OpenAI Function Calling / Tool Use (Claude, Gemini)

Standard LLM function-calling interface; lower latency for single calls but requires multiple round-trips for multi-step workflows; better for deterministic, pre-defined tool sets.

Anthropic Computer Use / Tool Use with Vision

Visual agent capability; not optimized for code-driven orchestration; better for GUI automation, screenshot interpretation, and click-based workflows.

LangChain / LlamaIndex Agent Frameworks

Higher-level abstractions for agent loops, memory, and tool orchestration; more ecosystem integrations; less focused on code execution efficiency; steeper learning curve.

Software development agency

Build on code-mode with DEV.co software developers

Evaluate Code-Mode for multi-step agent orchestration. Start with the CLI, review isolation guarantees, and pilot in non-critical environments before production deployment.

Talk to DEV.co

Related open-source tools

Surfaced by semantic similarity across the DEV.co open-source index.

Related on DEV.co

Explore the category and the services that help you build with it.

code-mode FAQ

Is the sandbox truly secure for untrusted code?
Node.js isolates provide process-level isolation but not kernel-level security. For untrusted agent-generated code, assume defense-in-depth: isolate processes, monitor resource usage, and enforce strict timeout. No third-party security audit documented.
Does Code-Mode work with non-JavaScript agents?
Core library is TypeScript/Node.js. Python agents can call the CLI via shell. Non-JavaScript backends would need custom integrations or CLI wrappers.
What if the agent generates invalid TypeScript?
Not clearly stated. Evaluate error handling, fallback strategies, and how agent retry loops interact with execution failures.
How does tool discovery scale with large tool catalogs?
README mentions 'Progressive Tool Discovery' and reducing '500 tool definitions → 3 relevant tools,' but concrete performance metrics for large catalogs not provided. Requires load testing.

Custom software development services

Adopting code-mode is usually one piece of a larger software development effort. As a software development agency, DEV.co provides software development services and web development expertise — pairing senior software developers and web developers with your team to design, build, and operate mcp servers software in production.

Ready to streamline agent workflows?

Evaluate Code-Mode for multi-step agent orchestration. Start with the CLI, review isolation guarantees, and pilot in non-critical environments before production deployment.