How to Connect Windsurf to Stow (MCP Setup Guide)
Windsurf's Cascade agent supports MCP natively — which means you can route every tool call through Stow's permission and audit layer, the same way Cursor does. Here's the exact setup.
Windsurf's Cascade agent supports MCP, which means every tool call Cascade makes — reading GitHub, querying a database, posting to Slack — can pass through Stow's permission and audit layer. The setup is nearly identical to Cursor. Here's exactly how to do it.
How Windsurf's MCP Works
Windsurf uses an mcp_config.json configuration file to define MCP server connections. It's similar to Cursor's approach — you configure the MCP server endpoint with the connection details, and Windsurf's Cascade agent uses it for tool calls.
One important constraint: Windsurf enforces a 100-tool cap across all connected MCP servers. If you connect multiple servers with large tool sets, you'll hit this limit. Stow's curated service tools generally stay well under this ceiling for typical setups.
Step 1: Create a Stow Agent
Before configuring Windsurf, you need a Stow agent set up with the services you want Cascade to access.
Log in to your Stow dashboard
Navigate to Agents → Create New Agent
Name it something like "Windsurf Agent" or "Cascade Dev"
Add the services you want Windsurf to access (GitHub, Neon, Slack, etc.)
Configure permissions for each service — which operations are Allowed, Approval Required, or Off
Copy the agent_id and agent_secret from the agent settings page
Copy the SSE endpoint URL — it will look like https://mcp.stow.so/sse
Step 2: Configure mcp_config.json in Windsurf
Windsurf's MCP configuration file is located at:
Open the file and add a new entry under mcpServers. If the file doesn't exist yet, create it with this structure:
{
"mcpServers": {
"stow": {
"serverUrl": "https://mcp.stow.so/sse",
"headers": {
"x-agent-id": "YOUR_AGENT_ID",
"x-agent-secret": "YOUR_AGENT_SECRET"
}
}
}
}Replace YOUR_AGENT_ID and YOUR_AGENT_SECRET with the values from your Stow agent settings.
Step 3: Restart Windsurf and Verify
Restart Windsurf
Close and reopen Windsurf completely. The MCP config is loaded at startup.
Check the MCP panel
In Windsurf, open Settings → MCP. You should see "stow" listed as a connected server with a green status indicator.
Verify the tool count
The panel will show how many tools are available. If you're near the 100-tool limit, you'll see a warning.
Test a tool call
Ask Cascade to do something that requires one of your configured services: "What are the open PRs in my repo?" or "Create a Neon branch for this feature."
Step 4: Set Your Security Baseline
On first connection, Stow will prompt you to confirm the Security Baseline for this agent. The Baseline defines the maximum permission scope — what the agent can access, what requires approval, and what's permanently off.
For a Windsurf/Cascade dev agent, a typical baseline looks like:
The 100-Tool Cap: What to Know
Windsurf limits MCP tool registrations to 100 total across all connected servers. Each Stow service integration exposes a set of tools — typically 5–15 per service. With 5–6 connected services, you'll be in safe range. With 10+ services, watch the count.
Connect only what you need
If Cascade only needs GitHub and Neon for your current project, don't add Slack and Gmail. You can always add services later.
Check the MCP panel tool count
Windsurf shows the total registered tool count. If you're near 100, remove unused server connections first.
One Stow agent per project context
Create separate Stow agents with different service sets for different project types — a backend agent, a marketing agent, etc.
Off permissions don't count as tools
Operations set to Off in Stow aren't registered as available tools, so they don't count against the cap.
Example Prompts to Try
Stow Security Team
April 19, 2026