Google releases colab-mcp: how agents automate Colab notebooks in production

Google released an open-source colab-mcp server that allows AI agents to manage Google Colab notebooks through MCP and execute code at runtime without manual work in the interface.

How colab-mcp works

colab-mcp is an MCP server for Google Colab that turns a browser notebook into a programmable work environment. An agent can not only read the notebook structure but also add cells, run code, and get results back as regular tool calls. The breakdown shows how this scheme is assembled from a basic tool registry to a full FastMCP server so developers understand not just the API but the internal mechanics of tool registration, JSON Schema, and asynchronous dispatching.

The authors start with a minimal MCPToolRegistry built manually in Python. This example shows how a function becomes a tool, how type hints build a parameter schema, and how the client calls a tool by name with arguments. This approach is useful beyond Colab: it explains the basic MCP model without framework magic and helps understand what FastMCP does under the hood when agents are shown the list of available actions.

Special emphasis is placed on Google's dual-mode architecture. In Session Proxy Mode, the agent works through a WebSocket bridge between a local MCP client and Colab open in the browser. In Runtime Mode, it goes directly to the kernel and executes Python code without visual actions in the interface.

This separation is important: the first mode is convenient for interactive notebook work, the second is for headless scenarios where direct computation execution and stable code execution on the runtime side are needed.

Five steps to an agent

The practical part is divided into five independent blocks that lead from demo to production patterns. First, the author assembles a minimal MCP registry manually and registers tools like execute_code, add_code_cell, add_text_cell, and get_cells. Then the same approach is transferred to FastMCP, where a more realistic server is launched with a set of proxy and runtime tools.

This provides not an abstract architecture but a sequential path: first understand the protocol, then replace homemade components with working infrastructure. Next, the tutorial shows what a live connection between an agent and Colab looks like. In the example, a secure WebSocket server is launched with a token, browser client connection is emulated, and JSON-RPC calls are verified between the frontend and MCP client.

After that, a runtime engine is built with persistent state, lazy initialization, and output handling in Jupyter style. That is, the agent sees not just the fact of code execution but a structured result, errors, and intermediate data that can be used to continue with the next step. The next level is a full agent cycle.

It receives a task in natural language, selects the right tool, executes code, analyzes the result, and if necessary, makes another step. This is exactly the pattern used in real integrations with Claude Code and Gemini CLI, according to the authors. As a result, Colab becomes not a separate tab for manual work but a computational backend that an LLM can manage as part of a general workflow.

• Basic MCP registry and schema generation
• Transition to FastMCP and a more realistic server
• Session Proxy Mode with WebSocket, token, and JSON-RPC
• Runtime Mode with direct code execution and kernel state
• Full agent loop with tool selection and result analysis

Reliability and launch

The most practical part is production orchestration on top of the runtime. The article shows RobustNotebookOrchestrator, which adds automatic retries with exponential backoff, timeouts via asyncio.wait_for, and dependent cell execution.

If one cell fails, downstream steps can be skipped, and individual blocks can be forced to run if necessary. This approach is useful for long notebooks, GPU tasks, and pipelines where an error in the middle shouldn't unpredictably break the entire process but should be correctly localized and logged. In the demonstration, a notebook with seven cells is executed: several pass successfully, one intentionally triggers a NameError, one is automatically skipped due to a dependency, and another runs despite the previous failure.

The system then outputs a structured report for each cell with status, duration, and number of retries. This is no longer the level of toy demos but a template for real research and engineering scenarios where observability, error control, and execution predictability matter. The author also shows a quick path to launch without major integration: install uv, add colab-mcp to the MCP config, open Colab in a browser, and give the agent a natural language command like building a notebook for data analysis.

Popular local clients like Claude Code, Gemini CLI, and Windsurf are supported, and for custom agents, a template for API connection is shown with tool descriptions and a tool_use processing loop. This lowers the barrier to entry: first you can connect a ready-made client, and then write your own agent wrapper.

What it means

colab-mcp moves Google Colab from manual notebook mode toward a programmable environment for AI agents. For developers, this is a direct path to automating data analysis, experiments, and model training without writing separate UI automation and without constantly switching between chat, code, and browser. If the tool takes hold in the MCP ecosystem, Colab could become one of the most convenient computational backends for agent scenarios.