Code-generated MCP workflows: what it means for AI agent teams

TL;DR: Cloudflare’s Code Mode cuts token usage by 32% for a simple task and 81% for a 31-event batch workflow by having agents generate code from MCP server schemas instead of calling tools directly, according to WorkOS. The efficiency gain matters because it shifts MCP design toward hybrid execution models where code generation becomes part of the control surface, not just the model output.

NHIMG editorial — based on content published by WorkOS: Cloudflare: Code Mode Cuts Token Usage by 81%

By the numbers:

• Code Mode used 32% fewer tokens for the simple single-event task.
• Code Mode used 81% fewer tokens for the complex 31-event task.

Questions worth separating out

Q: How should security teams govern MCP agents that can switch between tool calls and generated code?

A: Security teams should treat tool calls and generated code as separate execution modes with different control requirements.

Q: Why does code generation change the risk profile of MCP workflows?

A: Code generation changes the risk profile because it lets an agent loop, branch, and reuse state inside a sandbox instead of exposing every step as a discrete tool call.

Q: What breaks when MCP governance only models tool permissions?

A: When governance only models tool permissions, it misses the authority created by generated code.

Practitioner guidance

• Classify agent execution modes separately Inventory which MCP workflows use direct tool calls and which use generated code inside a sandbox.
• Restrict code-generation authority to bounded tasks Allow generated code only for workflows where loops, conditionals, or repeated calls are necessary and where the allowed APIs are tightly scoped.
• Instrument the sandbox as a governed runtime Capture execution IDs, code payloads, outbound calls, and completion status from the Worker layer.

What's in the full article

WorkOS's full article covers the implementation detail this post intentionally leaves for the source:

• The side-by-side demo mechanics for direct MCP tool calls versus generated code execution.
• The Worker and Code Executor flow used to run generated code in a sandboxed environment.
• The execution ID and runtime setup details that show how Cloudflare tracks each agent run.
• The practical beta-access context for teams evaluating Code Mode in their own environments.

👉 Read WorkOS's analysis of Cloudflare Code Mode and MCP efficiency →

Code-generated MCP workflows: what it means for AI agent teams?

Explore further

View Full Forum →  |  NHI Foundation Course →