Claude Desktop Extensions: One-click MCP server installation for Claude Desktop

Source: Anthropic Engineering Date: 2025-06-26 URL: https://www.anthropic.com/engineering/desktop-extensions

Summary

Anthropic introduced Desktop Extensions (.mcpb files) — zip archives bundling an MCP server with a manifest.json declaring metadata, configuration requirements, and runtime details — enabling one-click installation via Claude Desktop without manual JSON config or dependency management. The toolchain (npx @anthropic-ai/mcpb) supports Node.js, Python, and binary servers. Anthropic open-sourced the spec and toolchain to position .mcpb as a cross-platform standard.

Implications

The MCP integration patterns thread. Desktop Extensions are the distribution layer that was missing from MCP — the protocol was technically sound but adoption required developer-level setup. One-click installation is the adoption unlock for non-technical users, which expands the addressable MCP market substantially.

Platform strategy via open-sourcing. Open-sourcing the .mcpb spec while controlling the Claude Desktop runtime is the App Store play: Anthropic owns the trusted distribution channel and sets the security model (keychain secrets, sandboxed installs), while an open format prevents lock-in criticism and encourages ecosystem contribution.

Security surface expansion. Each installed extension is an MCP server with local system access. The move from manual JSON config (developer-gated) to one-click install (consumer-accessible) increases the prompt injection and malicious extension attack surface significantly. The Agent Skills security warning (“only install from trusted sources”) applies here at higher stakes, since Desktop Extensions reach a broader, less security-conscious audience.