diff --git a/CHANGELOG.md b/CHANGELOG.md
index c82b78d75..7b05f2a7f 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,6 +5,19 @@ All notable changes to OpenContracts will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [Unreleased] - 2025-12-28
+
+### Added
+
+#### MCP (Model Context Protocol) Interface Proposal (Issue #387)
+- **Comprehensive MCP interface design** (`docs/mcp/mcp_interface_proposal.md`): Read-only access to public OpenContracts resources for AI assistants
+- **4 resource types**: corpus, document, annotation, thread - with hierarchical URI patterns
+- **7 tools for discovery and retrieval**: `list_public_corpuses`, `list_documents`, `get_document_text`, `list_annotations`, `search_corpus`, `list_threads`, `get_thread_messages`
+- **Anonymous user permission model**: Operates as AnonymousUser with automatic filtering to `is_public=True` resources
+- **Synchronous Django ORM implementation**: Uses `sync_to_async` wrapper pattern for MCP server integration
+- **Performance optimizations**: Uses existing `AnnotationQueryOptimizer`, `prefetch_related` for threaded messages, and proper pagination
+- **Robust URI parsing**: Regex-based URI parsing with slug validation to prevent injection attacks
+- **Helper function implementations**: Complete `format_*` functions for corpus, document, annotation, thread, and message formatting
 ## [Unreleased] - 2025-12-27
 
 ### Added
diff --git a/config/asgi.py b/config/asgi.py
index 1185e54ea..557cbc18c 100644
--- a/config/asgi.py
+++ b/config/asgi.py
@@ -41,6 +41,7 @@
 from config.websocket.consumers.unified_agent_conversation import (  # noqa: E402
     UnifiedAgentConsumer,
 )
+from opencontractserver.mcp.server import mcp_asgi_app  # noqa: E402
 
 logger = logging.getLogger(__name__)
 
@@ -52,6 +53,28 @@
 # This application object is used by any ASGI server configured to use this file.
 django_application = get_asgi_application()
 
+
+def create_http_router(django_app, mcp_app):
+    """
+    Create an HTTP router that dispatches to MCP or Django based on path.
+
+    Routes /mcp and /mcp/* to the MCP ASGI app, everything else to Django.
+    The MCP server uses Streamable HTTP transport in stateless mode.
+    """
+
+    async def router(scope, receive, send):
+        path = scope.get("path", "")
+        # Match /mcp exactly or /mcp/* paths
+        if path == "/mcp" or path.startswith("/mcp/"):
+            await mcp_app(scope, receive, send)
+        else:
+            await django_app(scope, receive, send)
+
+    return router
+
+
+http_application = create_http_router(django_application, mcp_asgi_app)
+
 document_query_pattern = re_path(
     r"ws/document/(?P<document_id>[-a-zA-Z0-9_=]+)/query/(?:corpus/(?P<corpus_id>[-a-zA-Z0-9_=]+)/)?$",
     DocumentQueryConsumer.as_asgi(),
@@ -119,7 +142,7 @@
 # 4. URL routing
 application = ProtocolTypeRouter(
     {
-        "http": django_application,
+        "http": http_application,  # Routes /mcp/* to MCP, rest to Django
         "websocket": websocket_auth_middleware(URLRouter(websocket_urlpatterns)),
     }
 )
diff --git a/config/settings/base.py b/config/settings/base.py
index 0a407a1b8..73f95fbcd 100644
--- a/config/settings/base.py
+++ b/config/settings/base.py
@@ -720,7 +720,7 @@
     "http://127.0.0.1:5173",
 ]
 
-DEFAULT_IMAGE = """data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAgAAAAIACAYAAAD0eNT6AAAZjklEQVR4nO3d33HUWNMH4A1hbqbqdF85BGeAM3jJADKADHAGuxngDCADnAFkYDKwM9jvwvK35r89aukczTxPVdd7sVUvkkDq36iPpL/+AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Kfv9/ry19iIz32Xm+4j49KhuMvNfpdSyFRE3j8+9zHyfme9aay/2+/157+sEcAQemv10kel+4VNKPa2mc/Zda+1F7+sIsAG73W7XWnsVER96X8CUUnUVER9aa692u92u93UGGEhm/i/vbyPe9r5QKaUWrdu8P9f/1/u6A3Q0/dq/GeCipJRauSLiprX2qvd1CFiRxq+UeihBAE5Aa+1C41dK/aymIHDR+zoFFGqtnVnYp5R6Sk0LBs96X7eAmSLiTVrcp5R6Xt1GxJve1y/gALvdbudXv1JqTkXEB48Owobs9/tzs36lVEVFxI03DMIGtNZe975gKKWOr1prr3tf34BfmOb93S8USqnjLOsCYEB5/3av7hcIpdTR1/ve1ztgkv2b/11EXCul1qnMvBMC4MSt2fwj4mtmXkXE29bahdXB0Nf0Aa+LiHg7nZtfhQA4AdNJv/RJ/mVq+Ge99xf4s+nFX28z88sKPwre9t5fODkLr/a/y8wrj/7Atu33+/PMvFoyBHg6AFY0ndRLNf5Lt/bhuOx2u11mXuZCawf8WIAVTG/4u1ngVt5HjR+O2zQe+LjA9ePG9QMWFsWv942Ir74ABqdlWjhYumAwIj703i84WtWL/vzqh9M13U0svRtgUSAsoLV2loVf9XOiAn/9Vf7D4tYTQ1Cs8Nb/nVW7wGPTU0UlCwSNAqBQa+2iqvlbrQv8zPR0UUkIsK4IihSt+tf8gd+qCgERcdN7X2Dzql7447Y/8BSuOTCIil//FvwBz1GxMNBdAJihIolHxMfe+wFsT8Ujgu4CwIHm/vqPiK+e8wcOMb0nYNbLgtwFgANk5suC9H3Rez+A7Sp6Aull7/2ATcmZX/By6x+oUDAKuOq9D7AZ05e75pxwd279AxWmt5DOeTTw1vUInqhg8d9l730Ajkfef0p4zjjyde99gE2YecvNr3+g1Ny7kkaS8ETmbcBocua6pN7bD8Obu+rW636BJUyvCZ4zBrjovQ8wtJmzti+9tx84Xpn5Zcb16bL39sPQMvPzjDmbV/4Ci5nziuCIuO69/TC0mbfYznpvP3C8pkcCrQOAanNmbBHxtff2A8dvzuuBrVGCX8h5r/+96r39wPHLGU8DWAgIv5AzFgCa/wNrmPmp4Mve2w9DkqyB0c18VPmq9/bDkCLi+tATy9v/gDXMWQjoSQD4hTkBoPe2A6dDAIBiMwLAXe9tB05HHvh1QAEAfiEzb51UwOhm/Fi57b3tMCS31YAtMK6EYgIAsAUCABQTAIAtEACgmAAAbIEAAMUEAGALBAAoJgAAWyAAQDEBANgCAQCKCQDAFggAUEwAALZAAIBiAgCwBQIAFBMAgC0QAKCYAABsgQAAxQQAYAsEACgmAABbIABAMQEA2AIBAIoJAMAWCABQTAAAtkAAgGICALAFAgAUEwCALRAAoJgAAGyBAADFBABgCwQAKCYAAFsgAEAxAQDYAgEAigkAwBYIAFBMAFjXfr8/b629aK292O12u97bA1shAEAxAWAZ+/3+PCLeRMSHzPz8h+N5GxGfIuLvzPyfYAA/EgCgmABQZ2r6f2fm7aHH9VF9bq29EgbgngAAxQSA+VprFxHxqaDp//TuQGa+b62d9d5P6EkAgGICwOEWbvw/q3fuCHCqBAAoJgA832632023+tdq/N/fEXjZ+xjA2gQAKCYAPM9+vz/PPy/qW7wi4u/exwLWJABAMQHg6Vprr3s3/u/qs5EAp0IAgGICwNMM2PyFAE6KAADFBIA/G7j5CwGcDAEAigkAv5eZLwdo8E8KAb2PFSxJAIBiAsCvTQv+Kl7qs1a9733MYCkCABQTAH5ut9vtcoDV/gf8vbztfexgCQIAFBMAfi4i/undzA+sW28N5BgJAFBMAPhRa+1sgEZ+cEXEh97HEKoJAFBMAPjRQq/3vYuI64j4mJmXmXk5XdC+LBQEvC2QoyIAQDEB4FuttYviRnz1p2Y8vVr4bUR8rfpzI+LTWscM1iAAQDEB4FvTL/SKBny93+/PD/jz32bmXcU2tNYuFjhE0IUAAMUEgP9Uzf4j4p+C7agYDVwVHRroTgCAYgLAf/J+Nj/3V/frim2ZHkOcHQK8IZBjIQBAMQHgPxFx0/OX//emtQGz1gVUBRLoTQCAYgLAvbm3/5c6HgWLEq+W2C5YmwAAxUZreL3M/eDPkgvu8v5JgkP/nm6W2i5YkwAAxQSAe3Pe/BcRH5fctrl3Jw55GgFGIwBAMQHg3pyLyxpz9pyxINDjgBwDAQCKCQD35iwAXGOlfc54QsEHgjgGAgAUEwDujX4cZi4GvFxjG2FJAgAUG73xrWX04zBzHcDlGtsISxIAoNjojW8tM5rr1Qa28XKtbYSlCABQTAC4N/pxmN4MKABwsgQAKDZ641vL6MfBGgBOnQAAxUZvfGuZ0Vxv19i+mS8qulxjG2FJAgAUEwDu5Yzn7Nd40c7MzxS/XHr7YGkCABQTAO7NabDVHwH63jT/vx05oMDSBAAoJgDcy3mfAr5d8mVAEfF2xra5+HEUBAAoJgDcK/jq3uUS2zX3139mflliu2BtAgAUEwD+MzMALHKrPSI+zNkmrwHmWAgAUEwA+E/O+OzuVKWjgJw3lvg3M/9trZ1VbQ/0JABAMQHgP5n5cm7DzczbijsBEfF3wba4/c/REACgmADwrcy8qwgBh34ieLfb7ebe9n/0d+T2P0dDAIBiAsC3suC2+6Nj9Km1dvGUP3da7Pcu5y34e1x3a3ymGNYiAEAxAeBbUyOuuAvw+FjdZOb71tqr1tqLxxURbyLiU+WfN9Vl72MJlQQAKCYA/Gjuc/cDlF//HB0BAIoJAD+XM14N3LsOXX8AIxMAoJgA8HP7/f68dyM/8O/lY+9jB0sQAKCYAPBrWxsFRMRXt/45VgIAFBMAfi/nvxxorbrz0R+OmQAAxQSAP5tz4VmxfPKXoyYAQDEB4M+mRwOHXRRo0R+nQACAYgLA00whYLRxwJ3mz6kQAKCYAPA8EfHPAI3/38z8YubPKREAoJgA8Hx5/9Gg0rcFPvPYf7Tan1MjAEAxAeAw00d7Vr0bEBFf02I/TpQAAMUEgHlaaxcR8XHh5n/ny36cOgEAigkANVprZ3m/SLBsNBAR1xb5wT0BAIoJAPUy8+U0Hnjuo4N3EfExIt621s567weMRACAYgLA8lprF62115l5+X211l5P//2s93bCyAQAKCYAAFsgAEAxAQDYAgEAigkAwBYIAFBMAAC2QACAYgIAsAUCABQTAIAtEACgmAAAbIEAAMUEAGALBAAoJgAAWyAAQDEBANgCAQCKCQDAFggAUEwAALZAAIBiAgCwBQIAFBMAgC0QAKCYAABsgQAAxQQAYAsEACgmAABbIABAMQEA2AIBAIoJAMAWCABQTAAAtkAAgGICALAFAgAUy8w7AQAY3YwAcNd722FIM06q297bDpyOzLz1YwUKua0GbIFxJRSbEwB2u92u9/YDx2+32+0EACiWmVeHnlittYve2w8cv9baxaHXqcy86r39MKTMvJyRrN/23n7g+EXE2xkB4LL39sOQMvOlZA2MzJ1KWMB+vz+fcQfgpvf2A8cvIm4OvU7t9/vz3tsPw5pxB+Df1tpZ7+0Hjldr7WzONar39sPQMvOLdQDAiObM/z0BAH+QMxYCZubn3tsPHK/M/Dzj+nTZe/thaDMfsTFjAxYxZ43SNKK86L0PMLw5J1l6GgBYQM5Y/W/+D08UER9nnGi33goIVJrz9r9p/v+x9z7AJrTWXs+8C3DZex+A45Hz1ib921p73XsfYBPmpm13AYAq06N/B339b6o71yN4hrnztoj40HsfgO2LiA8zf5Bc9d4H2JSc91rgh9tuF733A9iuuU8lTfWy937A5kTE15l3AW7cegMOsdvtdnNe+ztdg7723g/YpILFgEYBwEEKbv1b/AdzzL0LMIUArwgGnmzmJ3/9+ocKFXcBJHHgqVxzYCAVdwEy89ZrgoHfmV73O+eRP7/+oVLRSlwhAPilquY//fq/6L0/cDRmvh74mxDg1hzw2HTbv6T5e+0vFJvexnVXFAL+jYg3vfcJ6C8i3lRdVzLzrrV21nuf4OhUrMz9LgR88J4AOE3Tc/6zH/X77priiSNYSuEo4OGEvTGvg9PSWruY+5Ift/5hZVNqr3gq4Ie7AW7dwXFrrZ1V/+qfrh9f3U2EFUyrdUtP4KluM/OdExmOy/SF0XdZtNDv+/J0Eayo6mUdv6n3TmrYtunHwvslrxWeKoIOqhcF/qI+R8Qb4wHYhuk2/5vM/Lz09cGiP+goM69WCAEPJ/tNZr6fAsELoQD6aq2dtdZeTA3/ffXCvj/UVe/9h5O3Zgj4Rd1GxCel1DqVC83yNX/YoAFCgFLqNOqq9/UO+E6ssyZAKXWiFWb+MK4Vng5QSp1gWe0PG7Df789jgZcFKaVOryLiq0eCYUOmNwaWvjZYKXVaFREfvRgMNmpaF1D2FUGl1EnUnXk/HIHpxSDuBiil/lgR8dE7PuDITF8AszZAKfVDRcRXXwaFI9daey0IKKUy/7/xv+59XQJWJAgodbql8QN/ZebLvH+ToMWCSh133eX9uf6y93UHGMhut9tNdwUsGFTqiGpa2PfaI33Ak7TWLjLzMiKue1/AlFJPr+mcvbSoDyix3+/PH0JBZl5FxPVDpfGBUmvV3Xfn3lVOzd4b+wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA0/N/PamBpGv0OZsAAAAASUVORK5CYII="""  # noqa
+DEFAULT_IMAGE = """data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAgAAAAIACAYAAAD0eNT6AAAZjklEQVR4nO3d33HUSNMH4A1hbqbqdF85BGeAM3jJADKADHAGuxngDCADnAFkYDKwM9jvwvK35r89aukczTxPVdd7sVUvkkDq36iPpL/+AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Kfv9/ry19iIz32Xm+4j49KhuMvNfpdSyFRE3j8+9zHyfme9aay/2+/157+sEcAQemv10kel+4VNKPa2mc/Zda+1F7+sIsAG73W7XWnsVER96X8CUUnUVER9aa692u92u93UGGEhm/i/vbyPe9r5QKaUWrdu8P9f/1/u6A3Q0/dq/GeCipJRauSLiprX2qvd1CFiRxq+UeihBAE5Aa+1C41dK/aymIHDR+zoFFGqtnVnYp5R6Sk0LBs96X7eAmSLiTVrcp5R6Xt1GxJve1y/gALvdbudXv1JqTkXEB48Owobs9/tzs36lVEVFxI03DMIGtNZe975gKKWOr1prr3tf34BfmOb93S8USqnjLOsCYEB5/3av7hcIpdTR1/ve1ztgkv2b/11EXCul1qnMvBMC4MSt2fwj4mtmXkXE29bahdXB0Nf0Aa+LiHg7nZtfhQA4AdNJv/RJ/mVq+Ge99xf4s+nFX28z88sKPwre9t5fODkLr/a/y8wrj/7Atu33+/PMvFoyBHg6AFY0ndRLNf5Lt/bhuOx2u11mXuZCawf8WIAVTG/4u1ngVt5HjR+O2zQe+LjA9ePG9QMWFsWv942Ir74ABqdlWjhYumAwIj703i84WtWL/vzqh9M13U0svRtgUSAsoLV2loVf9XOiAn/9Vf7D4tYTQ1Cs8Nb/nVW7wGPTU0UlCwSNAqBQa+2iqvlbrQv8zPR0UUkIsK4IihSt+tf8gd+qCgERcdN7X2Dzql7447Y/8BSuOTCIil//FvwBz1GxMNBdAJihIolHxMfe+wFsT8Ujgu4CwIHm/vqPiK+e8wcOMb0nYNbLgtwFgANk5suC9H3Rez+A7Sp6Aull7/2ATcmZX/By6x+oUDAKuOq9D7AZ05e75pxwd279AxWmN5DOeTTw1vUInqhg8d9l730Ajkfef0p4zjjyde99gE2YecvNr3+g1Ny7kkaS8ETmbcBocua6pN7bD8Obu+rW636BJUyvCZ4zBrjovQ8wtJmzti+9tx84Xpn5Zcb16bL39sPQMvPzjDmbV/4Ci5nziuCIuO69/TC0mbfYznpvP3C8pkcCrQOAanNmbBHxtff2A8dvzuuBrVGCX8h5r/+96r39wPHLGU8DWAgIv5AzFgCa/wNrmPmp4Mve2w9DkqyB0c18VPmq9/bDkCLi+tATy9v/gDXMWQjoSQD4hTkBoPe2A6dDAIBiMwLAXe9tB05HHvh1QAEAfiEzb51UwOhm/Fi57b3tMCS31YAtMK6EYgIAsAUCABQTAIAtEACgmAAAbIEAAMUEAGALBAAoJgAAWyAAQDEBANgCAQCKCQDAFggAUEwAALZAAIBiAgCwBQIAFBMAgC0QAKCYAABsgQAAxQQAYAsEACgmAABbIABAMQEA2AIBAIoJAMAWCABQTAAAtkAAgGICALAFAgAUEwCALRAAoJgAAGyBAADFBABgCwQAKCYAAFsgAEAxAQDYAgEAigkAwBYIAFBMAFjXfr8/b629aK292O12u97bA1shAEAxAWAZ+/3+PCLeRMSHzPz8h+N5GxGfIuLvzPyfYAA/EgCgmABQZ2r6f2fm7aHH9VF9bq29EgbgngAAxQSA+VprFxHxqaDp//TuQGa+b62d9d5P6EkAgGICwOEWbvw/q3fuCHCqBAAoJgA832632023+tdq/N/fEXjZ+xjA2gQAKCYAPM9+vz/PPy/qW7wi4u/exwLWJABAMQHg6Vprr3s3/u/qs5EAp0IAgGICwNMM2PyFAE6KAADFBIA/G7j5CwGcDAEAigkAv5eZLwdo8E8KAb2PFSxJAIBiAsCvTQv+Kl7qs1a9733MYCkCABQTAH5ut9vtcoDV/gf8vbztfexgCQIAFBMAfi4i/undzA+sW28N5BgJAFBMAPhRa+1sgEZ+cEXEh97HEKoJAFBMAPjRQq/3vYuI64j4mJmXmXk5XdC+LBQEvC2QoyIAQDEB4FuttYviRnz1p2Y8vVr4bUR8rfpzI+LTWscM1iAAQDEB4FvTL/SKBny93+/PD/jz32bmXcU2tNYuFjhE0IUAAMUEgP9Uzf4j4p+C7agYDVwVHRroTgCAYgLAf/J+Nj/3V/frim2ZHkOcHQK8IZBjIQBAMQHgPxFx0/OX//emtQGz1gVUBRLoTQCAYgLAvbm3/5c6HgWLEq+W2C5YmwAAxQSAe3M/+LPkgru8f5Lg0L+nm6W2C9YkAEAxAeDenDf/RcTHJbctM+8W2C5YkwAAxQSAe3Ne/BcRH5fctpl3Jw55GgFGIwBAMQHg3pyLyxpz9pyxINDjgBwDAQCKCQD35iwAXGOlfc54QsEHgjgGAgAUEwDujX4cZi4GvFxjG2FJAgAUG73xrWX04zBzHcDlGtsISxIAoNjojW8tM5rr1Qa28XKtbYSlCABQTAC4N/pxmN4MKABwsgQAKDZ641vL6MfBGgBOnQAAxUZvfGuZ0Vxv19i+mS8qulxjG2FJAgAUEwDu5Yzn7Nd40c7MzxS/XHr7YGkCABQTAO7NabDVHwH63jT/vx05oMDSBAAoJgDcy3mfAr5d8mVAEfF2xra5+HEUBAAoJgDcK/jq3uUS2zX3139mflliu2BtAgAUEwD+MzMALHKrPSI+zNkmrwHmWAgAUEwA+E/O+OzuVKWjgJw3lvg3M/9trZ1VbQ/0JABAMQHgP5n5cm7DzczbijsBEfF3wba4/c/REACgmADwrcy8qwgBh34ieLfb7ebe9n/0d+T2P0dDAIBiAsC3suC2+6Nj9Km1dvGUP3da7Pcu5y34e1x3a3ymGNYiAEAxAeBbUyOuuAvw+FjdZOb71tqr1tqLxxURbyLiU+WfN9Vl72MJlQQAKCYA/Gjuc/cDlF//HB0BAIoJAD+XM14N3LsOXX8AIxMAoJgA8HP7/f68dyM/8O/lY+9jB0sQAKCYAPBrWxsFRMRXt/45VgIAFBMAfi/nvxxorbrz0R+OmQAAxQSAP5tz4VmxfPKXoyYAQDEB4M+mRwOHXRRo0R+nQACAYgLA00whYLRxwJ3mz6kQAKCYAPA8EfHPAI3/38z8YubPKREAoJgA8Hx5/9Gg0rcFPvPYf7Lan1MjAEAxAeAw00d7Vr0bEBFf02I/TpQAAMUEgHlaaxcR8XHh5n/ny36cOgEAigkANVprZ3m/SLBsNBAR1xb5wT0BAIoJAPUy8+U0Hnjuo4N3EfExIt621s567weMRACAYgLA8lprF62115l5+X211l5P//2s93bCyAQAKCYAAFsgAEAxAQDYAgEAigkAwBYIAFBMAAC2QACAYgIAsAUCABQTAIAtEACgmAAAbIEAAMUEAGALBAAoJgAAWyAAQDEBANgCAQCKCQDAFggAUEwAALZAAIBiAgCwBQIAFBMAgC0QAKCYAABsgQAAxQQAYAsEACgmAABbIABAMQEA2AIBAIoJAMAWCABQTAAAtkAAgGICALAFAgAUy8w7AQAY3YwAcNd722FIM06q297bDpyOzLz1YwUKua0GbIFxJRSbEwB2u92u9/YDx2+32+0EACiWmVeHnlittYve2w8cv9baxaHXqcy86r39MKTMvJyRrN/23n7g+EXE2xkB4LL39sOQMvOlZA2MzJ1KWMB+vz+fcQfgpvf2A8cvIm4OvU7t9/vz3tsPw5pxB+Df1tpZ7+0Hjldr7WzONar39sPQMvOLdQDAiObM/z0BAH+QMxYCZubn3tsPHK/M/Dzj+nTZe/thaDMfsTFjAxYxZ43SNKK86L0PMLw5J1l6GgBYQM5Y/W/+D08UER9nnGi33goIVJrz9r9p/v+x9z7AJrTWXs+8C3DZex+A45Hz1ib921p73XsfYBPmpm13AYAq06N/B339b6o71yN4hrnztoj40HsfgO2LiA8zf5Bc9d4H2JSc91rgh9tuF733A9iuuU8lTfWy937A5kTE15l3AW7cegMOsdvtdnNe+ztdg7723g/YpILFgEYBwEEKbv1b/AdzzL0LMIUArwgGnmzmJ3/9+ocKFXcBJHHgqVxzYCAVdwEy89ZrgoHfmV73O+eRP7/+oVLRSlwhAPilquY//fq/6L0/cDRmvh74mxDg1hzw2HTbv6T5e+0vFJvexnVXFAL+jYg3vfcJ6C8i3lRdVzLzrrV21nuf4OhUrMz9LgR88J4AOE3Tc/6zH/X77priiSNYSuEo4OGEvTGvg9PSWruY+5Ift/5hZVNqr3gq4Ie7AW7dwXFrrZ1V/+qfrh9f3U2EFUyrdUtP4KluM/OdExmOy/SF0XdZtNDv+/J0Eayo6mUdv6n3TmrYtunHwvslrxWeKoIOqhcF/qI+R8Qb4wHYhuk2/5vM/Lz09cGiP+goM69WCAEPJ/tNZr6fAsELoQD6aq2dtdZeTA3/ffXCvj/UVe/9h5O3Zgj4Rd1GxCel1DqVC83yNX/YoAFCgFLqNOqq9/UO+E6ssyZAKXWiFWb+MK4Vng5QSp1gWe0PG7Df789jgZcFKaVOryLiq0eCYUOmNwaWvjZYKXVaFREfvRgMNmpaF1D2FUGl1EnUnXk/HIHpxSDuBiil/lgR8dE7PuDITF8AszZAKfVDRcRXXwaFI9daey0IKKUy/7/xv+59XQJWJAgodbql8QN/ZebLvH+ToMWCSh133eX9uf6y93UHGMhut9tNdwUsGFTqiGpa2PfaI33Ak7TWLjLzMiKue1/AlFJPr+mcvbSoDyix3+/PH0JBZl5FxPVDpfGBUmvV3Xfn3lVOzd4b+wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA0/N/PamBpGv0OZsAAAAASUVORK5CYII="""  # noqa
 
 # Model paths
 DOCLING_MODELS_PATH = env.str("DOCLING_MODELS_PATH", default="/models/docling")
@@ -983,3 +983,16 @@
 )
 POSTHOG_HOST = env.str("POSTHOG_HOST", default="https://us.i.posthog.com")
 MODE = "LOCAL"
+
+# MCP Server Configuration
+# ------------------------------------------------------------------------------
+# See docs/mcp/mcp_interface_proposal.md for details
+MCP_SERVER = {
+    "enabled": env.bool("MCP_SERVER_ENABLED", default=False),
+    "max_results_per_page": env.int("MCP_MAX_RESULTS_PER_PAGE", default=100),
+    "rate_limit": {
+        "requests": env.int("MCP_RATE_LIMIT_REQUESTS", default=100),
+        "window": env.int("MCP_RATE_LIMIT_WINDOW", default=60),
+    },
+    "cache_ttl": env.int("MCP_CACHE_TTL", default=300),
+}
diff --git a/docs/mcp/README.md b/docs/mcp/README.md
new file mode 100644
index 000000000..6f45adda2
--- /dev/null
+++ b/docs/mcp/README.md
@@ -0,0 +1,174 @@
+# OpenContracts MCP Server
+
+## TL;DR
+
+OpenContracts exposes a read-only [Model Context Protocol (MCP)](https://modelcontextprotocol.io/) server for AI assistants to access **public** corpuses, documents, annotations, and discussion threads.
+
+- **Endpoint**: `POST /mcp/` (Streamable HTTP, stateless)
+- **Scope**: Public resources only (anonymous user visibility)
+- **Auth**: None required (public data only)
+
+### Claude Desktop Quick Start
+
+Add to `~/.config/Claude/claude_desktop_config.json`:
+
+```json
+{
+  "mcpServers": {
+    "opencontracts": {
+      "command": "npx",
+      "args": [
+        "mcp-remote",
+        "https://your-instance.com/mcp/"
+      ]
+    }
+  }
+}
+```
+
+---
+
+## Available Tools
+
+| Tool | Description |
+|------|-------------|
+| `list_public_corpuses` | List all public corpuses (paginated, searchable) |
+| `list_documents` | List documents in a corpus |
+| `get_document_text` | Get full extracted text from a document |
+| `list_annotations` | List annotations on a document (filter by page/label) |
+| `search_corpus` | Semantic vector search within a corpus |
+| `list_threads` | List discussion threads in a corpus |
+| `get_thread_messages` | Get messages in a thread (flat or hierarchical) |
+
+## Available Resources
+
+Resources use URI patterns for direct access:
+
+| URI Pattern | Description |
+|-------------|-------------|
+| `corpus://{corpus_slug}` | Corpus metadata and document list |
+| `document://{corpus_slug}/{document_slug}` | Document with extracted text |
+| `annotation://{corpus_slug}/{document_slug}/{annotation_id}` | Specific annotation |
+| `thread://{corpus_slug}/threads/{thread_id}` | Thread with messages |
+
+---
+
+## Transport Options
+
+### HTTP (Streamable HTTP)
+
+The primary transport. Stateless mode - each request is independent.
+
+```bash
+# Test with curl
+curl -X POST https://your-instance.com/mcp/ \
+  -H "Content-Type: application/json" \
+  -d '{"jsonrpc": "2.0", "method": "tools/list", "id": 1}'
+```
+
+### stdio (CLI)
+
+For local development or direct integration:
+
+```bash
+cd /path/to/OpenContracts
+python -m opencontractserver.mcp.server
+```
+
+---
+
+## Example Usage
+
+### List Public Corpuses
+
+```json
+{
+  "jsonrpc": "2.0",
+  "method": "tools/call",
+  "params": {
+    "name": "list_public_corpuses",
+    "arguments": {"limit": 10}
+  },
+  "id": 1
+}
+```
+
+### Semantic Search
+
+```json
+{
+  "jsonrpc": "2.0",
+  "method": "tools/call",
+  "params": {
+    "name": "search_corpus",
+    "arguments": {
+      "corpus_slug": "my-corpus",
+      "query": "indemnification clause",
+      "limit": 5
+    }
+  },
+  "id": 2
+}
+```
+
+### Read Resource
+
+```json
+{
+  "jsonrpc": "2.0",
+  "method": "resources/read",
+  "params": {
+    "uri": "document://my-corpus/contract-2024"
+  },
+  "id": 3
+}
+```
+
+---
+
+## Architecture
+
+```
+┌─────────────────┐     POST /mcp/     ┌──────────────────────┐
+│  MCP Client     │ ◄────────────────► │  StreamableHTTP      │
+│  (Claude, etc)  │   JSON-RPC 2.0     │  Session Manager     │
+└─────────────────┘                    │  (stateless mode)    │
+                                       └──────────┬───────────┘
+                                                  │
+                                       ┌──────────▼───────────┐
+                                       │  MCP Server          │
+                                       │  - Tools (7)         │
+                                       │  - Resources (4)     │
+                                       └──────────┬───────────┘
+                                                  │
+                                       ┌──────────▼───────────┐
+                                       │  Django ORM          │
+                                       │  visible_to_user()   │
+                                       │  (AnonymousUser)     │
+                                       └──────────────────────┘
+```
+
+**Key files**:
+- `opencontractserver/mcp/server.py` - Server setup, ASGI app, URI parsing
+- `opencontractserver/mcp/tools.py` - Tool implementations
+- `opencontractserver/mcp/resources.py` - Resource handlers
+- `opencontractserver/mcp/formatters.py` - Response formatters
+- `config/asgi.py` - HTTP routing (`/mcp/*` → MCP app)
+
+---
+
+## Security Model
+
+- **Read-only**: No mutations, no writes
+- **Public only**: Uses `AnonymousUser` for all permission checks
+- **Slug-based**: All identifiers are URL-safe slugs (no internal IDs exposed)
+- **No auth required**: Only public resources are accessible
+
+---
+
+## Limitations
+
+- No authentication (future: JWT/API key support for private resources)
+- No write operations (by design)
+- No streaming of large documents (text returned in full)
+- Semantic search requires corpus to have embeddings configured
diff --git a/frontend/src/components/corpuses/CorpusSettings.tsx b/frontend/src/components/corpuses/CorpusSettings.tsx
index 605ee05c2..15d28c5a7 100644
--- a/frontend/src/components/corpuses/CorpusSettings.tsx
+++ b/frontend/src/components/corpuses/CorpusSettings.tsx
@@ -12,7 +12,7 @@ import { useQuery, useReactiveVar, useMutation } from "@apollo/client";
 import { toast } from "react-toastify";
 import { useNavigate } from "react-router-dom";
 import styled from "styled-components";
-import { editingCorpus } from "../../graphql/cache";
+import { editingCorpus, backendUserObj } from "../../graphql/cache";
 import {
   GET_CORPUS_ACTIONS,
   GetCorpusActionsInput,
@@ -52,6 +52,7 @@ interface CorpusSettingsProps {
     preferredEmbedder?: string | null;
     slug?: string | null;
     creator?: {
+      id?: string;
       email: string;
       username?: string;
       slug?: string;
@@ -627,6 +628,7 @@ const SettingsContainer = styled.div`
 
 export const CorpusSettings: React.FC<CorpusSettingsProps> = ({ corpus }) => {
   const navigate = useNavigate();
+  const currentUser = useReactiveVar(backendUserObj);
 
   // Check if myPermissions is already processed (array of PermissionTypes) or raw
   const permissions =
@@ -639,6 +641,31 @@ export const CorpusSettings: React.FC<CorpusSettingsProps> = ({ corpus }) => {
 
   const canUpdate = permissions.includes(PermissionTypes.CAN_UPDATE);
   const canPermission = permissions.includes(PermissionTypes.CAN_PERMISSION);
+
+  // Owner can always change visibility (matches backend SetCorpusVisibility permission check)
+  // Compare by ID first, fallback to email comparison for reliability
+  const isOwnerByIdentity = Boolean(
+    currentUser &&
+      corpus.creator &&
+      ((currentUser.id &&
+        corpus.creator.id &&
+        currentUser.id === corpus.creator.id) ||
+        (currentUser.email &&
+          corpus.creator.email &&
+          currentUser.email === corpus.creator.email))
+  );
+
+  // Fallback: If user has all core owner permissions, they're effectively the owner
+  // This handles cases where currentUser isn't loaded yet but permissions are
+  const hasFullOwnerPermissions =
+    permissions.includes(PermissionTypes.CAN_CREATE) &&
+    permissions.includes(PermissionTypes.CAN_UPDATE) &&
+    permissions.includes(PermissionTypes.CAN_READ) &&
+    permissions.includes(PermissionTypes.CAN_PUBLISH) &&
+    permissions.includes(PermissionTypes.CAN_REMOVE);
+
+  const isOwner = isOwnerByIdentity || hasFullOwnerPermissions;
+  const canChangeVisibility = isOwner || canPermission;
   const [slugDraft, setSlugDraft] = useState<string>("");
   const [publicDraft, setPublicDraft] = useState<boolean>(
     Boolean(corpus.isPublic)
@@ -893,7 +920,7 @@ export const CorpusSettings: React.FC<CorpusSettingsProps> = ({ corpus }) => {
             <SectionTitle>Visibility & Slug</SectionTitle>
           </SectionHeader>
           <MetadataContent>
-            {!canUpdate && !canPermission && (
+            {!canUpdate && !canChangeVisibility && (
               <div
                 style={{
                   background:
@@ -931,7 +958,7 @@ export const CorpusSettings: React.FC<CorpusSettingsProps> = ({ corpus }) => {
                     fontSize: "0.875rem",
                     textTransform: "uppercase",
                     letterSpacing: "0.08em",
-                    color: !canPermission ? "#cbd5e1" : "#64748b",
+                    color: !canChangeVisibility ? "#cbd5e1" : "#64748b",
                     marginBottom: "0.75rem",
                     fontWeight: 600,
                     display: "flex",
@@ -940,7 +967,7 @@ export const CorpusSettings: React.FC<CorpusSettingsProps> = ({ corpus }) => {
                   }}
                 >
                   Public visibility
-                  {!canPermission && (
+                  {!canChangeVisibility && (
                     <span
                       style={{
                         fontSize: "0.75rem",
@@ -961,11 +988,11 @@ export const CorpusSettings: React.FC<CorpusSettingsProps> = ({ corpus }) => {
                     alignItems: "center",
                     gap: "0.875rem",
                     padding: "0.875rem 1rem",
-                    background: !canPermission
+                    background: !canChangeVisibility
                       ? "linear-gradient(135deg, #f8fafc 0%, #f1f5f9 100%)"
                       : "linear-gradient(135deg, #ffffff 0%, #fafbfc 100%)",
                     border: "2px solid",
-                    borderColor: !canPermission ? "#e2e8f0" : "#cbd5e1",
+                    borderColor: !canChangeVisibility ? "#e2e8f0" : "#cbd5e1",
                     borderRadius: "10px",
                     transition: "all 0.3s ease",
                   }}
@@ -976,7 +1003,7 @@ export const CorpusSettings: React.FC<CorpusSettingsProps> = ({ corpus }) => {
                       display: "flex",
                       alignItems: "center",
                       gap: "0.75rem",
-                      cursor: !canPermission ? "not-allowed" : "pointer",
+                      cursor: !canChangeVisibility ? "not-allowed" : "pointer",
                       width: "100%",
                     }}
                   >
@@ -984,13 +1011,15 @@ export const CorpusSettings: React.FC<CorpusSettingsProps> = ({ corpus }) => {
                       id="corpus-is-public-checkbox"
                       type="checkbox"
                       checked={publicDraft}
-                      disabled={!canPermission}
+                      disabled={!canChangeVisibility}
                       onChange={(e) => setPublicDraft(e.target.checked)}
                       style={{
                         width: "20px",
                         height: "20px",
-                        cursor: !canPermission ? "not-allowed" : "pointer",
-                        opacity: !canPermission ? 0.5 : 1,
+                        cursor: !canChangeVisibility
+                          ? "not-allowed"
+                          : "pointer",
+                        opacity: !canChangeVisibility ? 0.5 : 1,
                         accentColor: "#6366f1",
                       }}
                     />
@@ -998,10 +1027,10 @@ export const CorpusSettings: React.FC<CorpusSettingsProps> = ({ corpus }) => {
                       style={{
                         fontSize: "0.9375rem",
                         fontWeight: 600,
-                        color: !canPermission ? "#94a3b8" : "#1e293b",
+                        color: !canChangeVisibility ? "#94a3b8" : "#1e293b",
                       }}
                     >
-                      {publicDraft ? "Public" : "Private"}
+                      Make corpus publicly accessible
                     </span>
                   </label>
                 </div>
@@ -1072,7 +1101,7 @@ export const CorpusSettings: React.FC<CorpusSettingsProps> = ({ corpus }) => {
                 <Button
                   primary
                   loading={updatingCorpus || settingVisibility}
-                  disabled={!canUpdate && !canPermission}
+                  disabled={!canUpdate && !canChangeVisibility}
                   onClick={() => {
                     // Use separate mutations for visibility vs other settings
                     // This ensures proper permission checks on each operation
@@ -1080,7 +1109,7 @@ export const CorpusSettings: React.FC<CorpusSettingsProps> = ({ corpus }) => {
                       publicDraft !== Boolean(corpus.isPublic);
                     const slugChanged = slugDraft !== originalSlug;
 
-                    if (canPermission && visibilityChanged) {
+                    if (canChangeVisibility && visibilityChanged) {
                       setCorpusVisibility({
                         variables: {
                           corpusId: corpus.id,
@@ -1105,23 +1134,26 @@ export const CorpusSettings: React.FC<CorpusSettingsProps> = ({ corpus }) => {
                   }}
                   style={{
                     background:
-                      !canUpdate && !canPermission
+                      !canUpdate && !canChangeVisibility
                         ? "#e2e8f0"
                         : "linear-gradient(135deg, #6366f1 0%, #8b5cf6 100%)",
-                    color: !canUpdate && !canPermission ? "#94a3b8" : "white",
+                    color:
+                      !canUpdate && !canChangeVisibility ? "#94a3b8" : "white",
                     border: "none",
                     padding: "0.875rem 2rem",
                     borderRadius: "10px",
                     fontWeight: 600,
                     fontSize: "0.9375rem",
                     cursor:
-                      !canUpdate && !canPermission ? "not-allowed" : "pointer",
+                      !canUpdate && !canChangeVisibility
+                        ? "not-allowed"
+                        : "pointer",
                     boxShadow:
-                      !canUpdate && !canPermission
+                      !canUpdate && !canChangeVisibility
                         ? "none"
                         : "0 4px 14px rgba(99, 102, 241, 0.25)",
                     transition: "all 0.3s ease",
-                    ...(canUpdate || canPermission
+                    ...(canUpdate || canChangeVisibility
                       ? {
                           "&:hover": {
                             transform: "translateY(-2px)",
@@ -1338,7 +1370,7 @@ export const CorpusSettings: React.FC<CorpusSettingsProps> = ({ corpus }) => {
         </InfoSection>
 
         {/* Action Execution History - Permission Gated to owner/admin/editor */}
-        {(canUpdate || canPermission) && (
+        {(isOwner || canUpdate || canPermission) && (
           <InfoSection id="action-execution-history-section">
             <SectionHeader>
               <SectionTitle>Action Execution History</SectionTitle>
diff --git a/frontend/src/graphql/queries.ts b/frontend/src/graphql/queries.ts
index 4bada88f5..af520895b 100644
--- a/frontend/src/graphql/queries.ts
+++ b/frontend/src/graphql/queries.ts
@@ -175,8 +175,13 @@ export const RESOLVE_CORPUS_BY_SLUGS_FULL = gql`
       mdDescription
       isPublic
       myPermissions
+      allowComments
+      preferredEmbedder
+      created
+      modified
       creator {
         id
+        email
         username
         slug
       }
@@ -187,6 +192,9 @@ export const RESOLVE_CORPUS_BY_SLUGS_FULL = gql`
       documents {
         totalCount
       }
+      annotations {
+        totalCount
+      }
       analyses {
         totalCount
       }
@@ -3417,6 +3425,7 @@ export const GET_ME = gql`
   query GetMe {
     me {
       id
+      email
       username
       slug
       name
diff --git a/opencontractserver/mcp/__init__.py b/opencontractserver/mcp/__init__.py
new file mode 100644
index 000000000..f4ae0b861
--- /dev/null
+++ b/opencontractserver/mcp/__init__.py
@@ -0,0 +1,20 @@
+"""
+MCP (Model Context Protocol) Interface for OpenContracts.
+
+This module provides a read-only Model Context Protocol server interface for OpenContracts,
+enabling external AI assistants and tools to access public resources, documents, and corpus
+information through the standardized MCP protocol.
+
+The MCP interface focuses on providing read-only access to:
+- Public documents and their content
+- Public corpus metadata
+- Annotation data for accessible documents
+- Document structure and relationships
+
+All access is subject to OpenContracts' standard permission checks, ensuring that only
+publicly accessible or user-authorized resources are exposed through the MCP interface.
+
+For more information on the Model Context Protocol, see: https://modelcontextprotocol.io
+"""
+
+__all__ = []
diff --git a/opencontractserver/mcp/config.py b/opencontractserver/mcp/config.py
new file mode 100644
index 000000000..5829e9a34
--- /dev/null
+++ b/opencontractserver/mcp/config.py
@@ -0,0 +1,56 @@
+"""
+Configuration settings for the OpenContracts MCP (Model Context Protocol) server.
+
+This module provides default configuration values and utility functions for accessing
+MCP-specific Django settings.
+"""
+
+import re
+from typing import Any, Optional
+
+# MCP Server Configuration Defaults
+MAX_RESULTS_PER_PAGE = 100
+DEFAULT_PAGE_SIZE = 20
+RATE_LIMIT_REQUESTS = 100
+RATE_LIMIT_WINDOW = 60  # seconds
+CACHE_TTL = 300  # seconds
+
+# URI Pattern Constants
+SLUG_PATTERN = re.compile(r"^[A-Za-z0-9-]+$")
+
+
+def get_mcp_setting(key: str, default: Optional[Any] = None) -> Any:
+    """
+    Get MCP setting from Django settings or return default.
+
+    Settings should be defined in Django settings.py as:
+    MCP_SERVER = {
+        'MAX_RESULTS_PER_PAGE': 100,
+        'DEFAULT_PAGE_SIZE': 20,
+        ...
+    }
+
+    Args:
+        key: The setting key to retrieve
+        default: Default value if setting not found
+
+    Returns:
+        The setting value or default
+    """
+    from django.conf import settings
+
+    mcp_settings = getattr(settings, "MCP_SERVER", {})
+    return mcp_settings.get(key, default)
+
+
+def validate_slug(slug: str) -> bool:
+    """
+    Validate that a slug matches the expected pattern.
+
+    Args:
+        slug: The slug string to validate
+
+    Returns:
+        True if slug is valid, False otherwise
+    """
+    return bool(SLUG_PATTERN.match(slug))
diff --git a/opencontractserver/mcp/formatters.py b/opencontractserver/mcp/formatters.py
new file mode 100644
index 000000000..0853569fd
--- /dev/null
+++ b/opencontractserver/mcp/formatters.py
@@ -0,0 +1,111 @@
+"""Response formatters for MCP resources and tools."""
+
+from __future__ import annotations
+
+from typing import TYPE_CHECKING
+
+if TYPE_CHECKING:
+    from opencontractserver.annotations.models import Annotation
+    from opencontractserver.conversations.models import ChatMessage, Conversation
+    from opencontractserver.corpuses.models import Corpus
+    from opencontractserver.documents.models import Document
+
+
+def format_corpus_summary(corpus: Corpus) -> dict:
+    """Format a corpus for list display."""
+    return {
+        "slug": corpus.slug,
+        "title": corpus.title,
+        "description": corpus.description or "",
+        "document_count": (
+            corpus.document_count() if hasattr(corpus, "document_count") else 0
+        ),
+        "created": corpus.created.isoformat() if corpus.created else None,
+    }
+
+
+def format_document_summary(document: Document) -> dict:
+    """Format a document for list display."""
+    return {
+        "slug": document.slug,
+        "title": document.title or "",
+        "description": document.description or "",
+        "page_count": document.page_count or 0,
+        "file_type": document.file_type or "unknown",
+        "created": document.created.isoformat() if document.created else None,
+    }
+
+
+def format_annotation(annotation: Annotation) -> dict:
+    """Format an annotation for API response."""
+    label_data = None
+    if annotation.annotation_label:
+        label_data = {
+            "text": annotation.annotation_label.text,
+            "color": annotation.annotation_label.color or "#000000",
+            "label_type": annotation.annotation_label.label_type,
+        }
+
+    return {
+        "id": str(annotation.id),
+        "page": annotation.page,
+        "raw_text": annotation.raw_text or "",
+        "annotation_label": label_data,
+        "structural": annotation.structural,
+        "created": annotation.created.isoformat() if annotation.created else None,
+    }
+
+
+def format_thread_summary(thread: Conversation) -> dict:
+    """Format a thread for list display."""
+    return {
+        "id": str(thread.id),
+        "title": thread.title or "",
+        "description": thread.description or "",
+        "message_count": getattr(thread, "message_count", 0),
+        "is_pinned": thread.is_pinned,
+        "is_locked": thread.is_locked,
+        "created_at": thread.created.isoformat() if thread.created else None,
+        "last_activity": thread.modified.isoformat() if thread.modified else None,
+    }
+
+
+def format_message(message: ChatMessage) -> dict:
+    """Format a single message without replies."""
+    return {
+        "id": str(message.id),
+        "content": message.content,
+        "msg_type": message.msg_type,
+        "created_at": message.created_at.isoformat() if message.created_at else None,
+        "upvote_count": message.upvote_count,
+        "downvote_count": message.downvote_count,
+    }
+
+
+def format_message_with_replies(
+    message: ChatMessage, user, max_depth: int = 3, current_depth: int = 0
+) -> dict:
+    """
+    Format a message with its replies recursively.
+
+    Uses prefetched replies to avoid N+1 queries.
+    Limits recursion depth to prevent deeply nested structures.
+    """
+    formatted = format_message(message)
+
+    if current_depth >= max_depth:
+        formatted["replies"] = []
+        formatted["has_more_replies"] = (
+            message.replies.exists() if hasattr(message, "replies") else False
+        )
+        return formatted
+
+    # Access prefetched replies (no additional queries if prefetched)
+    replies = list(message.replies.all()) if hasattr(message, "replies") else []
+
+    formatted["replies"] = [
+        format_message_with_replies(reply, user, max_depth, current_depth + 1)
+        for reply in replies
+    ]
+
+    return formatted
diff --git a/opencontractserver/mcp/permissions.py b/opencontractserver/mcp/permissions.py
new file mode 100644
index 000000000..3e47c540e
--- /dev/null
+++ b/opencontractserver/mcp/permissions.py
@@ -0,0 +1,89 @@
+"""Permission utilities for the MCP server.
+
+This module provides input validation, user handling, and rate limiting
+for MCP server operations.
+"""
+
+import re
+
+from django.contrib.auth.models import AnonymousUser
+from django.core.cache import cache
+
+# Slug validation pattern - matches OpenContracts format (A-Z, a-z, 0-9, hyphen)
+SLUG_PATTERN = re.compile(r"^[A-Za-z0-9\-]+$")
+
+
+def validate_slug(slug: str) -> bool:
+    """Validate slug format matches OpenContracts pattern (A-Z, a-z, 0-9, hyphen).
+
+    Args:
+        slug: The slug string to validate
+
+    Returns:
+        True if slug is valid, False otherwise
+    """
+    return bool(SLUG_PATTERN.match(slug))
+
+
+def sanitize_and_validate_slugs(
+    corpus_slug: str, document_slug: str | None = None
+) -> tuple[str, str | None]:
+    """Validate and return slugs, raising ValueError if invalid.
+
+    Args:
+        corpus_slug: The corpus slug to validate (required)
+        document_slug: The document slug to validate (optional)
+
+    Returns:
+        Tuple of (corpus_slug, document_slug) if valid
+
+    Raises:
+        ValueError: If either slug is invalid
+    """
+    if not validate_slug(corpus_slug):
+        raise ValueError(f"Invalid corpus slug: {corpus_slug}")
+    if document_slug and not validate_slug(document_slug):
+        raise ValueError(f"Invalid document slug: {document_slug}")
+    return corpus_slug, document_slug
+
+
+def get_anonymous_user() -> AnonymousUser:
+    """Get Django's AnonymousUser for permission checks.
+
+    Returns:
+        AnonymousUser instance for use in permission checks
+    """
+    return AnonymousUser()
+
+
+class RateLimiter:
+    """Simple rate limiter for MCP requests using Django cache.
+
+    This limiter uses a sliding window approach stored in Django's cache backend.
+    """
+
+    def __init__(self, max_requests: int = 100, window_seconds: int = 60):
+        """Initialize the rate limiter.
+
+        Args:
+            max_requests: Maximum number of requests allowed in the time window
+            window_seconds: Time window in seconds
+        """
+        self.max_requests = max_requests
+        self.window_seconds = window_seconds
+
+    def check_rate_limit(self, client_id: str) -> bool:
+        """Check if a request is allowed based on rate limits.
+
+        Args:
+            client_id: Unique identifier for the client making the request
+
+        Returns:
+            True if request is allowed, False if rate limited
+        """
+        key = f"mcp:ratelimit:{client_id}"
+        current = cache.get(key, 0)
+        if current >= self.max_requests:
+            return False
+        cache.set(key, current + 1, self.window_seconds)
+        return True
diff --git a/opencontractserver/mcp/resources.py b/opencontractserver/mcp/resources.py
new file mode 100644
index 000000000..dd0e7d973
--- /dev/null
+++ b/opencontractserver/mcp/resources.py
@@ -0,0 +1,216 @@
+"""MCP Resource handlers for OpenContracts.
+
+Resources provide static content for context windows, representing specific entities.
+"""
+
+from __future__ import annotations
+
+import json
+
+from django.contrib.auth.models import AnonymousUser
+
+
+def get_corpus_resource(corpus_slug: str) -> str:
+    """
+    Get corpus resource content.
+
+    URI: corpus://{corpus_slug}
+    Returns: JSON with corpus metadata and summary statistics
+    """
+    from opencontractserver.corpuses.models import Corpus
+
+    anonymous = AnonymousUser()
+    corpus = Corpus.objects.visible_to_user(anonymous).get(slug=corpus_slug)
+
+    # Get label set info if available
+    label_set_data = None
+    if corpus.label_set:
+        labels = []
+        for label in corpus.label_set.annotation_labels.all()[:20]:  # Limit labels
+            labels.append(
+                {
+                    "text": label.text,
+                    "color": label.color or "#000000",
+                    "label_type": label.label_type,
+                }
+            )
+        label_set_data = {
+            "title": corpus.label_set.title or "",
+            "labels": labels,
+        }
+
+    return json.dumps(
+        {
+            "slug": corpus.slug,
+            "title": corpus.title,
+            "description": corpus.description or "",
+            "document_count": corpus.document_count(),
+            "created": corpus.created.isoformat() if corpus.created else None,
+            "modified": corpus.modified.isoformat() if corpus.modified else None,
+            "label_set": label_set_data,
+        }
+    )
+
+
+def get_document_resource(corpus_slug: str, document_slug: str) -> str:
+    """
+    Get document resource content.
+
+    URI: document://{corpus_slug}/{document_slug}
+    Returns: JSON with document metadata and extracted text
+    """
+    from opencontractserver.corpuses.models import Corpus
+    from opencontractserver.documents.models import Document
+
+    anonymous = AnonymousUser()
+
+    # Get corpus context
+    corpus = Corpus.objects.visible_to_user(anonymous).get(slug=corpus_slug)
+
+    # Get document in corpus via DocumentPath (source of truth), filtered by visibility
+    corpus_doc_ids = corpus.get_documents().values_list("id", flat=True)
+    document = (
+        Document.objects.visible_to_user(anonymous)
+        .filter(id__in=corpus_doc_ids, slug=document_slug)
+        .first()
+    )
+
+    if not document:
+        raise Document.DoesNotExist(
+            f"Document '{document_slug}' not found in corpus '{corpus_slug}'"
+        )
+
+    # Read extracted text
+    full_text = ""
+    if document.txt_extract_file:
+        try:
+            with document.txt_extract_file.open("r") as f:
+                full_text = f.read()
+        except Exception:
+            full_text = ""
+
+    return json.dumps(
+        {
+            "slug": document.slug,
+            "title": document.title or "",
+            "description": document.description or "",
+            "file_type": document.file_type or "application/pdf",
+            "page_count": document.page_count or 0,
+            "text_preview": full_text[:500] if full_text else "",
+            "full_text": full_text,
+            "created": document.created.isoformat() if document.created else None,
+            "corpus": corpus_slug,
+        }
+    )
+
+
+def get_annotation_resource(
+    corpus_slug: str, document_slug: str, annotation_id: int
+) -> str:
+    """
+    Get annotation resource content.
+
+    URI: annotation://{corpus_slug}/{document_slug}/{annotation_id}
+    Returns: JSON with annotation details including label and bounding box
+    """
+    from opencontractserver.annotations.query_optimizer import AnnotationQueryOptimizer
+    from opencontractserver.corpuses.models import Corpus
+    from opencontractserver.documents.models import Document
+
+    anonymous = AnonymousUser()
+
+    # Get corpus and document in corpus via DocumentPath (source of truth)
+    corpus = Corpus.objects.visible_to_user(anonymous).get(slug=corpus_slug)
+    corpus_doc_ids = corpus.get_documents().values_list("id", flat=True)
+    document = Document.objects.visible_to_user(anonymous).get(
+        id__in=corpus_doc_ids, slug=document_slug
+    )
+
+    # Use query optimizer for efficient permission checking
+    annotations = AnnotationQueryOptimizer.get_document_annotations(
+        document_id=document.id, user=anonymous, corpus_id=corpus.id
+    )
+
+    annotation = annotations.get(id=annotation_id)
+
+    # Format label data
+    label_data = None
+    if annotation.annotation_label:
+        label_data = {
+            "text": annotation.annotation_label.text,
+            "color": annotation.annotation_label.color or "#000000",
+            "label_type": annotation.annotation_label.label_type,
+        }
+
+    return json.dumps(
+        {
+            "id": str(annotation.id),
+            "page": annotation.page,
+            "raw_text": annotation.raw_text or "",
+            "annotation_label": label_data,
+            "bounding_box": annotation.bounding_box,
+            "structural": annotation.structural,
+            "created": annotation.created.isoformat() if annotation.created else None,
+        }
+    )
+
+
+def get_thread_resource(
+    corpus_slug: str, thread_id: int, include_messages: bool = True
+) -> str:
+    """
+    Get thread resource content.
+
+    URI: thread://{corpus_slug}/threads/{thread_id}
+    Returns: JSON with thread metadata and optionally messages
+    """
+    from opencontractserver.conversations.models import (
+        ChatMessage,
+        Conversation,
+        ConversationTypeChoices,
+    )
+    from opencontractserver.corpuses.models import Corpus
+
+    from .formatters import format_message_with_replies
+
+    anonymous = AnonymousUser()
+    corpus = Corpus.objects.visible_to_user(anonymous).get(slug=corpus_slug)
+
+    # Get public thread in this corpus
+    thread = (
+        Conversation.objects.visible_to_user(anonymous)
+        .filter(
+            conversation_type=ConversationTypeChoices.THREAD,
+            chat_with_corpus=corpus,
+            id=thread_id,
+        )
+        .first()
+    )
+
+    if not thread:
+        raise Conversation.DoesNotExist(
+            f"Thread '{thread_id}' not found in corpus '{corpus_slug}'"
+        )
+
+    data = {
+        "id": str(thread.id),
+        "title": thread.title or "",
+        "description": thread.description or "",
+        "is_locked": thread.is_locked,
+        "is_pinned": thread.is_pinned,
+        "created_at": thread.created.isoformat() if thread.created else None,
+    }
+
+    if include_messages:
+        # Build hierarchical message structure with prefetch
+        messages = list(
+            ChatMessage.objects.visible_to_user(anonymous)
+            .filter(conversation=thread, parent_message__isnull=True)
+            .prefetch_related("replies__replies")
+            .order_by("created_at")
+        )
+        data["messages"] = [
+            format_message_with_replies(msg, anonymous) for msg in messages
+        ]
+
+    return json.dumps(data)
diff --git a/opencontractserver/mcp/server.py b/opencontractserver/mcp/server.py
new file mode 100644
index 000000000..a630cd18b
--- /dev/null
+++ b/opencontractserver/mcp/server.py
@@ -0,0 +1,447 @@
+"""
+OpenContracts MCP Server.
+
+Model Context Protocol server providing read-only access to public OpenContracts resources.
+Supports both Streamable HTTP transport (for HTTP) and stdio transport (for CLI).
+
+Uses stateless mode for HTTP - each request is independent, avoiding session
+initialization race conditions that plagued the older SSE transport.
+"""
+
+from __future__ import annotations
+
+import asyncio
+import json
+import logging
+import re
+
+from asgiref.sync import sync_to_async
+from mcp.server import Server
+from mcp.server.stdio import stdio_server
+from mcp.server.streamable_http_manager import StreamableHTTPSessionManager
+from mcp.types import Resource, TextContent, Tool
+
+from .resources import (
+    get_annotation_resource,
+    get_corpus_resource,
+    get_document_resource,
+    get_thread_resource,
+)
+from .tools import (
+    get_document_text,
+    get_thread_messages,
+    list_annotations,
+    list_documents,
+    list_public_corpuses,
+    list_threads,
+    search_corpus,
+)
+
+logger = logging.getLogger(__name__)
+
+
+class URIParser:
+    """Parse MCP resource URIs safely using regex patterns."""
+
+    # Slug pattern: alphanumeric and hyphens only
+    SLUG_PATTERN = r"[A-Za-z0-9\-]+"
+
+    PATTERNS = {
+        "corpus": re.compile(rf"^corpus://({SLUG_PATTERN})$"),
+        "document": re.compile(rf"^document://({SLUG_PATTERN})/({SLUG_PATTERN})$"),
+        "annotation": re.compile(
+            rf"^annotation://({SLUG_PATTERN})/({SLUG_PATTERN})/(\d+)$"
+        ),
+        "thread": re.compile(rf"^thread://({SLUG_PATTERN})/threads/(\d+)$"),
+    }
+
+    @classmethod
+    def parse_corpus(cls, uri: str) -> str | None:
+        """Parse corpus URI, returns corpus_slug or None."""
+        match = cls.PATTERNS["corpus"].match(uri)
+        return match.group(1) if match else None
+
+    @classmethod
+    def parse_document(cls, uri: str) -> tuple[str, str] | None:
+        """Parse document URI, returns (corpus_slug, document_slug) or None."""
+        match = cls.PATTERNS["document"].match(uri)
+        return (match.group(1), match.group(2)) if match else None
+
+    @classmethod
+    def parse_annotation(cls, uri: str) -> tuple[str, str, int] | None:
+        """Parse annotation URI, returns (corpus_slug, document_slug, annotation_id) or None."""
+        match = cls.PATTERNS["annotation"].match(uri)
+        return (match.group(1), match.group(2), int(match.group(3))) if match else None
+
+    @classmethod
+    def parse_thread(cls, uri: str) -> tuple[str, int] | None:
+        """Parse thread URI, returns (corpus_slug, thread_id) or None."""
+        match = cls.PATTERNS["thread"].match(uri)
+        return (match.group(1), int(match.group(2))) if match else None
+
+
+def create_mcp_server() -> Server:
+    """Create and configure the MCP server instance."""
+    mcp_server = Server("opencontracts")
+
+    @mcp_server.list_resources()
+    async def list_resources() -> list[Resource]:
+        """List available resource patterns."""
+        return [
+            Resource(
+                uri="corpus://{corpus_slug}",
+                name="Public Corpus",
+                description="Access public corpus metadata and contents",
+                mimeType="application/json",
+            ),
+            Resource(
+                uri="document://{corpus_slug}/{document_slug}",
+                name="Public Document",
+                description="Access public document with extracted text",
+                mimeType="application/json",
+            ),
+            Resource(
+                uri="annotation://{corpus_slug}/{document_slug}/{annotation_id}",
+                name="Document Annotation",
+                description="Access specific annotation on a document",
+                mimeType="application/json",
+            ),
+            Resource(
+                uri="thread://{corpus_slug}/threads/{thread_id}",
+                name="Discussion Thread",
+                description="Access public discussion thread with messages",
+                mimeType="application/json",
+            ),
+        ]
+
+    @mcp_server.read_resource()
+    async def read_resource(uri: str) -> str:
+        """Resolve resource URI and return content."""
+        # Try corpus URI
+        corpus_slug = URIParser.parse_corpus(uri)
+        if corpus_slug:
+            return await sync_to_async(get_corpus_resource)(corpus_slug)
+
+        # Try document URI
+        doc_parts = URIParser.parse_document(uri)
+        if doc_parts:
+            corpus_slug, document_slug = doc_parts
+            return await sync_to_async(get_document_resource)(
+                corpus_slug, document_slug
+            )
+
+        # Try annotation URI
+        ann_parts = URIParser.parse_annotation(uri)
+        if ann_parts:
+            corpus_slug, document_slug, annotation_id = ann_parts
+            return await sync_to_async(get_annotation_resource)(
+                corpus_slug, document_slug, annotation_id
+            )
+
+        # Try thread URI
+        thread_parts = URIParser.parse_thread(uri)
+        if thread_parts:
+            corpus_slug, thread_id = thread_parts
+            return await sync_to_async(get_thread_resource)(corpus_slug, thread_id)
+
+        raise ValueError(f"Invalid or unrecognized resource URI: {uri}")
+
+    @mcp_server.list_tools()
+    async def list_tools() -> list[Tool]:
+        """List available tools."""
+        return [
+            Tool(
+                name="list_public_corpuses",
+                description="List all publicly accessible corpuses",
+                inputSchema={
+                    "type": "object",
+                    "properties": {
+                        "limit": {
+                            "type": "integer",
+                            "default": 20,
+                            "description": "Max results (1-100)",
+                        },
+                        "offset": {
+                            "type": "integer",
+                            "default": 0,
+                            "description": "Pagination offset",
+                        },
+                        "search": {
+                            "type": "string",
+                            "default": "",
+                            "description": "Search filter",
+                        },
+                    },
+                },
+            ),
+            Tool(
+                name="list_documents",
+                description="List documents in a corpus",
+                inputSchema={
+                    "type": "object",
+                    "properties": {
+                        "corpus_slug": {
+                            "type": "string",
+                            "description": "Corpus identifier",
+                        },
+                        "limit": {"type": "integer", "default": 50},
+                        "offset": {"type": "integer", "default": 0},
+                        "search": {"type": "string", "default": ""},
+                    },
+                    "required": ["corpus_slug"],
+                },
+            ),
+            Tool(
+                name="get_document_text",
+                description="Get full extracted text from a document",
+                inputSchema={
+                    "type": "object",
+                    "properties": {
+                        "corpus_slug": {
+                            "type": "string",
+                            "description": "Corpus identifier",
+                        },
+                        "document_slug": {
+                            "type": "string",
+                            "description": "Document identifier",
+                        },
+                    },
+                    "required": ["corpus_slug", "document_slug"],
+                },
+            ),
+            Tool(
+                name="list_annotations",
+                description="List annotations on a document",
+                inputSchema={
+                    "type": "object",
+                    "properties": {
+                        "corpus_slug": {"type": "string"},
+                        "document_slug": {"type": "string"},
+                        "page": {
+                            "type": "integer",
+                            "description": "Filter to page number",
+                        },
+                        "label_text": {
+                            "type": "string",
+                            "description": "Filter by label text",
+                        },
+                        "limit": {"type": "integer", "default": 100},
+                        "offset": {"type": "integer", "default": 0},
+                    },
+                    "required": ["corpus_slug", "document_slug"],
+                },
+            ),
+            Tool(
+                name="search_corpus",
+                description="Semantic search within a corpus",
+                inputSchema={
+                    "type": "object",
+                    "properties": {
+                        "corpus_slug": {"type": "string"},
+                        "query": {"type": "string", "description": "Search query"},
+                        "limit": {"type": "integer", "default": 10},
+                    },
+                    "required": ["corpus_slug", "query"],
+                },
+            ),
+            Tool(
+                name="list_threads",
+                description="List discussion threads in a corpus",
+                inputSchema={
+                    "type": "object",
+                    "properties": {
+                        "corpus_slug": {"type": "string"},
+                        "document_slug": {
+                            "type": "string",
+                            "description": "Optional document filter",
+                        },
+                        "limit": {"type": "integer", "default": 20},
+                        "offset": {"type": "integer", "default": 0},
+                    },
+                    "required": ["corpus_slug"],
+                },
+            ),
+            Tool(
+                name="get_thread_messages",
+                description="Get messages in a thread",
+                inputSchema={
+                    "type": "object",
+                    "properties": {
+                        "corpus_slug": {"type": "string"},
+                        "thread_id": {"type": "integer"},
+                        "flatten": {
+                            "type": "boolean",
+                            "default": False,
+                            "description": "Return flat list",
+                        },
+                    },
+                    "required": ["corpus_slug", "thread_id"],
+                },
+            ),
+        ]
+
+    # Map tool names to implementations
+    TOOL_HANDLERS = {
+        "list_public_corpuses": list_public_corpuses,
+        "list_documents": list_documents,
+        "get_document_text": get_document_text,
+        "list_annotations": list_annotations,
+        "search_corpus": search_corpus,
+        "list_threads": list_threads,
+        "get_thread_messages": get_thread_messages,
+    }
+
+    @mcp_server.call_tool()
+    async def call_tool(name: str, arguments: dict) -> list[TextContent]:
+        """Execute tool and return results."""
+        handler = TOOL_HANDLERS.get(name)
+        if not handler:
+            raise ValueError(f"Unknown tool: {name}")
+
+        # Run synchronous Django ORM handlers in thread pool
+        result = await sync_to_async(handler)(**arguments)
+
+        return [TextContent(type="text", text=json.dumps(result, indent=2))]
+
+    return mcp_server
+
+
+# Create the global MCP server instance
+mcp_server = create_mcp_server()
+
+# Session manager for stateless HTTP transport
+# Stateless mode = no session handshake required, each request is independent
+# This avoids the "Received request before initialization was complete" bug
+# that affected the older SSE transport
+session_manager: StreamableHTTPSessionManager | None = None
+
+
+def get_session_manager() -> StreamableHTTPSessionManager:
+    """Get or create the session manager instance."""
+    global session_manager
+    if session_manager is None:
+        session_manager = StreamableHTTPSessionManager(
+            app=mcp_server,
+            event_store=None,  # No resumability needed for stateless
+            json_response=False,  # Use SSE streaming for responses
+            stateless=True,  # Key: each request is independent
+        )
+    return session_manager
+
+
+class MCPLifespanManager:
+    """
+    Manages the MCP session manager lifecycle within Django's ASGI context.
+
+    Since Django doesn't have a native lifespan protocol like Starlette,
+    we manage the session manager's run() context lazily on first request.
+    """
+
+    def __init__(self):
+        self._started = False
+        self._run_context = None
+        self._lock = asyncio.Lock()
+
+    async def ensure_started(self):
+        """Ensure the session manager is running."""
+        async with self._lock:
+            if not self._started:
+                manager = get_session_manager()
+                self._run_context = manager.run()
+                await self._run_context.__aenter__()
+                self._started = True
+                logger.info("MCP StreamableHTTP session manager started")
+
+
+# Global lifespan manager
+lifespan_manager = MCPLifespanManager()
+
+
+def create_mcp_asgi_app():
+    """
+    Create an ASGI application that handles MCP requests.
+
+    The Streamable HTTP transport handles all routing internally.
+    All requests to /mcp/ are delegated to the session manager.
+    """
+
+    async def app(scope, receive, send):
+        if scope["type"] != "http":
+            return
+
+        path = scope.get("path", "")
+
+        # Handle MCP endpoint
+        if path == "/mcp/" or path == "/mcp":
+            # Ensure session manager is running
+            await lifespan_manager.ensure_started()
+
+            manager = get_session_manager()
+            try:
+                await manager.handle_request(scope, receive, send)
+            except Exception as e:
+                logger.error(f"MCP request error: {e}")
+                # Return error response
+                await send(
+                    {
+                        "type": "http.response.start",
+                        "status": 500,
+                        "headers": [[b"content-type", b"application/json"]],
+                    }
+                )
+                await send(
+                    {
+                        "type": "http.response.body",
+                        "body": json.dumps({"error": str(e)}).encode(),
+                    }
+                )
+        else:
+            # Return 404 for unhandled paths under /mcp/
+            await send(
+                {
+                    "type": "http.response.start",
+                    "status": 404,
+                    "headers": [[b"content-type", b"application/json"]],
+                }
+            )
+            await send(
+                {
+                    "type": "http.response.body",
+                    "body": json.dumps(
+                        {
+                            "error": "Not found",
+                            "endpoint": "POST /mcp/",
+                            "description": "MCP Streamable HTTP endpoint (stateless mode)",
+                        }
+                    ).encode(),
+                }
+            )
+
+    return app
+
+
+# ASGI application for mounting in Django
+mcp_asgi_app = create_mcp_asgi_app()
+
+
+async def main():
+    """Run MCP server with stdio transport (for CLI usage)."""
+    async with stdio_server() as streams:
+        await mcp_server.run(
+            streams[0],  # read_stream
+            streams[1],  # write_stream
+            mcp_server.create_initialization_options(),
+        )
+
+
+if __name__ == "__main__":
+    # Setup Django before running
+    import os
+
+    os.environ.setdefault("DJANGO_SETTINGS_MODULE", "config.settings.local")
+
+    import django
+
+    django.setup()
+
+    asyncio.run(main())
diff --git a/opencontractserver/mcp/tests/__init__.py b/opencontractserver/mcp/tests/__init__.py
new file mode 100644
index 000000000..6c316805c
--- /dev/null
+++ b/opencontractserver/mcp/tests/__init__.py
@@ -0,0 +1,6 @@
+"""
+Tests for the MCP (Model Context Protocol) interface.
+
+This package contains tests for the OpenContracts MCP server implementation,
+including resource access, tool functionality, and permission enforcement.
+"""
diff --git a/opencontractserver/mcp/tests/test_mcp.py b/opencontractserver/mcp/tests/test_mcp.py
new file mode 100644
index 000000000..f6854d459
--- /dev/null
+++ b/opencontractserver/mcp/tests/test_mcp.py
@@ -0,0 +1,1431 @@
+"""Tests for MCP server functionality."""
+
+import json
+
+from django.contrib.auth import get_user_model
+from django.contrib.auth.models import AnonymousUser
+from django.test import TestCase
+
+from opencontractserver.corpuses.models import Corpus
+
+User = get_user_model()
+
+
+class URIParserTest(TestCase):
+    """Tests for MCP URI parsing."""
+
+    def test_parse_corpus_uri(self):
+        """Test parsing corpus URIs."""
+        from opencontractserver.mcp.server import URIParser
+
+        # Valid URI
+        result = URIParser.parse_corpus("corpus://my-corpus")
+        self.assertEqual(result, "my-corpus")
+
+        # More complex slugs
+        result = URIParser.parse_corpus("corpus://Legal-Contracts-2024")
+        self.assertEqual(result, "Legal-Contracts-2024")
+
+        # Invalid URIs
+        self.assertIsNone(URIParser.parse_corpus("corpus://"))
+        self.assertIsNone(URIParser.parse_corpus("document://my-corpus"))
+        self.assertIsNone(URIParser.parse_corpus("corpus://my corpus"))  # space invalid
+        self.assertIsNone(
+            URIParser.parse_corpus("corpus://my_corpus")
+        )  # underscore invalid
+
+    def test_parse_document_uri(self):
+        """Test parsing document URIs."""
+        from opencontractserver.mcp.server import URIParser
+
+        result = URIParser.parse_document("document://my-corpus/my-doc")
+        self.assertEqual(result, ("my-corpus", "my-doc"))
+
+        result = URIParser.parse_document("document://corp-1/doc-2024")
+        self.assertEqual(result, ("corp-1", "doc-2024"))
+
+        self.assertIsNone(URIParser.parse_document("document://my-corpus"))
+        self.assertIsNone(URIParser.parse_document("document://"))
+
+    def test_parse_annotation_uri(self):
+        """Test parsing annotation URIs."""
+        from opencontractserver.mcp.server import URIParser
+
+        result = URIParser.parse_annotation("annotation://corp/doc/123")
+        self.assertEqual(result, ("corp", "doc", 123))
+
+        result = URIParser.parse_annotation("annotation://my-corpus/my-doc/999")
+        self.assertEqual(result, ("my-corpus", "my-doc", 999))
+
+        self.assertIsNone(URIParser.parse_annotation("annotation://corp/doc"))
+        self.assertIsNone(URIParser.parse_annotation("annotation://corp/doc/abc"))
+
+    def test_parse_thread_uri(self):
+        """Test parsing thread URIs."""
+        from opencontractserver.mcp.server import URIParser
+
+        result = URIParser.parse_thread("thread://my-corpus/threads/456")
+        self.assertEqual(result, ("my-corpus", 456))
+
+        result = URIParser.parse_thread("thread://legal-2024/threads/1")
+        self.assertEqual(result, ("legal-2024", 1))
+
+        self.assertIsNone(URIParser.parse_thread("thread://my-corpus/456"))
+        self.assertIsNone(URIParser.parse_thread("thread://my-corpus/threads/"))
+
+
+class MCPPermissionsTest(TestCase):
+    """Tests for MCP permission validation."""
+
+    def test_validate_slug(self):
+        """Test slug validation."""
+        from opencontractserver.mcp.permissions import validate_slug
+
+        # Valid slugs
+        self.assertTrue(validate_slug("my-corpus"))
+        self.assertTrue(validate_slug("MyCorpus123"))
+        self.assertTrue(validate_slug("test-doc-2024"))
+        self.assertTrue(validate_slug("ABC"))
+        self.assertTrue(validate_slug("123"))
+
+        # Invalid slugs
+        self.assertFalse(validate_slug("my corpus"))  # space
+        self.assertFalse(validate_slug("my_corpus"))  # underscore
+        self.assertFalse(validate_slug(""))
+        self.assertFalse(validate_slug("my@corpus"))  # special char
+
+    def test_sanitize_and_validate_slugs(self):
+        """Test slug sanitization and validation."""
+        from opencontractserver.mcp.permissions import sanitize_and_validate_slugs
+
+        # Valid slugs pass through
+        result = sanitize_and_validate_slugs("my-corpus", "my-doc")
+        self.assertEqual(result, ("my-corpus", "my-doc"))
+
+        # None document slug is allowed
+        result = sanitize_and_validate_slugs("my-corpus", None)
+        self.assertEqual(result, ("my-corpus", None))
+
+        # Invalid corpus slug raises
+        with self.assertRaises(ValueError):
+            sanitize_and_validate_slugs("my corpus")
+
+        # Invalid document slug raises
+        with self.assertRaises(ValueError):
+            sanitize_and_validate_slugs("my-corpus", "my_doc")
+
+    def test_get_anonymous_user(self):
+        """Test anonymous user helper."""
+        from opencontractserver.mcp.permissions import get_anonymous_user
+
+        user = get_anonymous_user()
+        self.assertIsInstance(user, AnonymousUser)
+        self.assertFalse(user.is_authenticated)
+
+
+class MCPResourcesTest(TestCase):
+    """Tests for MCP resource handlers."""
+
+    @classmethod
+    def setUpTestData(cls):
+        """Create test data."""
+        cls.owner = User.objects.create_user(
+            username="testowner", email="owner@test.com", password="testpass123"
+        )
+
+        # Create public corpus
+        cls.public_corpus = Corpus.objects.create(
+            title="Public Test Corpus",
+            description="A public test corpus",
+            creator=cls.owner,
+            is_public=True,
+        )
+
+        # Create private corpus
+        cls.private_corpus = Corpus.objects.create(
+            title="Private Test Corpus",
+            description="A private test corpus",
+            creator=cls.owner,
+            is_public=False,
+        )
+
+    def test_get_public_corpus_resource(self):
+        """Anonymous users can access public corpus resources."""
+        from opencontractserver.mcp.resources import get_corpus_resource
+
+        result = get_corpus_resource(self.public_corpus.slug)
+        data = json.loads(result)
+
+        self.assertEqual(data["slug"], self.public_corpus.slug)
+        self.assertEqual(data["title"], "Public Test Corpus")
+        self.assertEqual(data["description"], "A public test corpus")
+
+    def test_get_private_corpus_resource_denied(self):
+        """Anonymous users cannot access private corpus resources."""
+        from opencontractserver.mcp.resources import get_corpus_resource
+
+        with self.assertRaises(Corpus.DoesNotExist):
+            get_corpus_resource(self.private_corpus.slug)
+
+
+class MCPToolsTest(TestCase):
+    """Tests for MCP tool handlers."""
+
+    @classmethod
+    def setUpTestData(cls):
+        """Create test data."""
+        cls.owner = User.objects.create_user(
+            username="toolsowner", email="tools@test.com", password="testpass123"
+        )
+
+        # Create public corpuses
+        cls.corpus1 = Corpus.objects.create(
+            title="Corpus One",
+            description="First corpus",
+            creator=cls.owner,
+            is_public=True,
+        )
+        cls.corpus2 = Corpus.objects.create(
+            title="Corpus Two",
+            description="Second corpus",
+            creator=cls.owner,
+            is_public=True,
+        )
+
+        # Create private corpus (should not appear)
+        cls.private = Corpus.objects.create(
+            title="Private Corpus", creator=cls.owner, is_public=False
+        )
+
+    def test_list_public_corpuses(self):
+        """Test listing public corpuses."""
+        from opencontractserver.mcp.tools import list_public_corpuses
+
+        result = list_public_corpuses()
+
+        self.assertIn("total_count", result)
+        self.assertIn("corpuses", result)
+
+        # Should only include public corpuses
+        slugs = [c["slug"] for c in result["corpuses"]]
+        self.assertIn(self.corpus1.slug, slugs)
+        self.assertIn(self.corpus2.slug, slugs)
+        self.assertNotIn(self.private.slug, slugs)
+
+    def test_list_public_corpuses_with_search(self):
+        """Test searching corpuses."""
+        from opencontractserver.mcp.tools import list_public_corpuses
+
+        result = list_public_corpuses(search="One")
+
+        slugs = [c["slug"] for c in result["corpuses"]]
+        self.assertIn(self.corpus1.slug, slugs)
+        self.assertNotIn(self.corpus2.slug, slugs)
+
+    def test_list_public_corpuses_pagination(self):
+        """Test pagination."""
+        from opencontractserver.mcp.tools import list_public_corpuses
+
+        result = list_public_corpuses(limit=1, offset=0)
+        self.assertEqual(len(result["corpuses"]), 1)
+
+        result2 = list_public_corpuses(limit=1, offset=1)
+        self.assertEqual(len(result2["corpuses"]), 1)
+
+        # Different results
+        self.assertNotEqual(
+            result["corpuses"][0]["slug"], result2["corpuses"][0]["slug"]
+        )
+
+    def test_list_public_corpuses_max_limit(self):
+        """Test that limit is capped at 100."""
+        from opencontractserver.mcp.tools import list_public_corpuses
+
+        # Even with a huge limit, should be capped
+        result = list_public_corpuses(limit=1000)
+        # The function caps at 100, but we only have 2 public corpuses
+        self.assertLessEqual(len(result["corpuses"]), 100)
+
+
+class MCPFormattersTest(TestCase):
+    """Tests for MCP response formatters."""
+
+    @classmethod
+    def setUpTestData(cls):
+        cls.owner = User.objects.create_user(
+            username="formatowner", email="format@test.com", password="testpass123"
+        )
+
+        cls.corpus = Corpus.objects.create(
+            title="Format Test Corpus",
+            description="Testing formatters",
+            creator=cls.owner,
+            is_public=True,
+        )
+
+    def test_format_corpus_summary(self):
+        """Test corpus summary formatting."""
+        from opencontractserver.mcp.formatters import format_corpus_summary
+
+        result = format_corpus_summary(self.corpus)
+
+        self.assertEqual(result["slug"], self.corpus.slug)
+        self.assertEqual(result["title"], "Format Test Corpus")
+        self.assertEqual(result["description"], "Testing formatters")
+        self.assertIn("created", result)
+        self.assertIn("document_count", result)
+
+
+class MCPConfigTest(TestCase):
+    """Tests for MCP configuration."""
+
+    def test_get_mcp_setting_with_default(self):
+        """Test getting settings with defaults."""
+        from opencontractserver.mcp.config import get_mcp_setting
+
+        # Non-existent key returns default
+        result = get_mcp_setting("nonexistent_key", "default_value")
+        self.assertEqual(result, "default_value")
+
+    def test_validate_slug(self):
+        """Test slug validation in config."""
+        from opencontractserver.mcp.config import validate_slug
+
+        self.assertTrue(validate_slug("valid-slug"))
+        self.assertTrue(validate_slug("Valid123"))
+        self.assertFalse(validate_slug("invalid_slug"))
+        self.assertFalse(validate_slug("invalid slug"))
+
+
+class MCPRateLimiterTest(TestCase):
+    """Tests for MCP rate limiter."""
+
+    def test_rate_limiter_allows_requests(self):
+        """Test that rate limiter allows requests under limit."""
+        from opencontractserver.mcp.permissions import RateLimiter
+
+        limiter = RateLimiter(max_requests=5, window_seconds=60)
+
+        # First 5 requests should be allowed
+        for i in range(5):
+            self.assertTrue(limiter.check_rate_limit("test-client"))
+
+    def test_rate_limiter_blocks_excess_requests(self):
+        """Test that rate limiter blocks requests over limit."""
+        from opencontractserver.mcp.permissions import RateLimiter
+
+        limiter = RateLimiter(max_requests=2, window_seconds=60)
+
+        # First 2 requests allowed
+        self.assertTrue(limiter.check_rate_limit("test-client-2"))
+        self.assertTrue(limiter.check_rate_limit("test-client-2"))
+
+        # Third request blocked
+        self.assertFalse(limiter.check_rate_limit("test-client-2"))
+
+    def test_rate_limiter_separate_clients(self):
+        """Test that rate limiter tracks clients separately."""
+        from opencontractserver.mcp.permissions import RateLimiter
+
+        limiter = RateLimiter(max_requests=1, window_seconds=60)
+
+        # Each client gets their own limit
+        self.assertTrue(limiter.check_rate_limit("client-a"))
+        self.assertTrue(limiter.check_rate_limit("client-b"))
+
+        # But each is limited individually
+        self.assertFalse(limiter.check_rate_limit("client-a"))
+        self.assertFalse(limiter.check_rate_limit("client-b"))
+
+
+class MCPToolsDocumentsTest(TestCase):
+    """Tests for MCP document-related tools."""
+
+    @classmethod
+    def setUpTestData(cls):
+        """Create test data with documents."""
+        from django.core.files.base import ContentFile
+
+        from opencontractserver.annotations.models import AnnotationLabel
+        from opencontractserver.documents.models import Document, DocumentPath
+
+        cls.owner = User.objects.create_user(
+            username="doctoolsowner", email="doctools@test.com", password="testpass123"
+        )
+
+        # Create public corpus
+        cls.corpus = Corpus.objects.create(
+            title="Document Test Corpus",
+            description="Test corpus with documents",
+            creator=cls.owner,
+            is_public=True,
+        )
+
+        # Create a private corpus (for testing access denial)
+        cls.private_corpus = Corpus.objects.create(
+            title="Private Corpus",
+            creator=cls.owner,
+            is_public=False,
+        )
+
+        # Create documents
+        cls.doc1 = Document.objects.create(
+            title="Test Document One",
+            description="First test document",
+            creator=cls.owner,
+            is_public=True,
+            page_count=5,
+        )
+        # Add text file to doc1
+        cls.doc1.txt_extract_file.save(
+            "test_doc1.txt", ContentFile(b"This is the test document text content.")
+        )
+
+        cls.doc2 = Document.objects.create(
+            title="Test Document Two",
+            description="Second test document",
+            creator=cls.owner,
+            is_public=True,
+            page_count=10,
+        )
+
+        # Create document without text file
+        cls.doc_no_text = Document.objects.create(
+            title="Document Without Text",
+            description="No extracted text",
+            creator=cls.owner,
+            is_public=True,
+        )
+
+        # Create DocumentPaths to link documents to corpus
+        DocumentPath.objects.create(
+            document=cls.doc1,
+            corpus=cls.corpus,
+            path="/doc1.pdf",
+            version_number=1,
+            is_current=True,
+            is_deleted=False,
+            creator=cls.owner,
+        )
+        DocumentPath.objects.create(
+            document=cls.doc2,
+            corpus=cls.corpus,
+            path="/doc2.pdf",
+            version_number=1,
+            is_current=True,
+            is_deleted=False,
+            creator=cls.owner,
+        )
+        DocumentPath.objects.create(
+            document=cls.doc_no_text,
+            corpus=cls.corpus,
+            path="/doc_no_text.pdf",
+            version_number=1,
+            is_current=True,
+            is_deleted=False,
+            creator=cls.owner,
+        )
+
+        # Create an annotation label
+        cls.label = AnnotationLabel.objects.create(
+            text="Test Label",
+            color="#FF0000",
+            label_type="TOKEN_LABEL",
+            creator=cls.owner,
+            is_public=True,
+        )
+
+    def test_list_documents(self):
+        """Test listing documents in a corpus."""
+        from opencontractserver.mcp.tools import list_documents
+
+        result = list_documents(self.corpus.slug)
+
+        self.assertIn("total_count", result)
+        self.assertIn("documents", result)
+        self.assertEqual(result["total_count"], 3)
+        self.assertEqual(len(result["documents"]), 3)
+
+        # Check document structure
+        slugs = [d["slug"] for d in result["documents"]]
+        self.assertIn(self.doc1.slug, slugs)
+        self.assertIn(self.doc2.slug, slugs)
+
+    def test_list_documents_with_search(self):
+        """Test searching documents."""
+        from opencontractserver.mcp.tools import list_documents
+
+        result = list_documents(self.corpus.slug, search="One")
+
+        self.assertEqual(result["total_count"], 1)
+        self.assertEqual(result["documents"][0]["slug"], self.doc1.slug)
+
+    def test_list_documents_pagination(self):
+        """Test document pagination."""
+        from opencontractserver.mcp.tools import list_documents
+
+        result1 = list_documents(self.corpus.slug, limit=1, offset=0)
+        result2 = list_documents(self.corpus.slug, limit=1, offset=1)
+
+        self.assertEqual(len(result1["documents"]), 1)
+        self.assertEqual(len(result2["documents"]), 1)
+        self.assertNotEqual(
+            result1["documents"][0]["slug"], result2["documents"][0]["slug"]
+        )
+
+    def test_list_documents_max_limit(self):
+        """Test that limit is capped at 100."""
+        from opencontractserver.mcp.tools import list_documents
+
+        # Should not raise even with huge limit
+        result = list_documents(self.corpus.slug, limit=1000)
+        self.assertLessEqual(len(result["documents"]), 100)
+
+    def test_list_documents_private_corpus_denied(self):
+        """Test that private corpus documents are not accessible."""
+        from opencontractserver.mcp.tools import list_documents
+
+        with self.assertRaises(Corpus.DoesNotExist):
+            list_documents(self.private_corpus.slug)
+
+    def test_get_document_text(self):
+        """Test retrieving document text."""
+        from opencontractserver.mcp.tools import get_document_text
+
+        result = get_document_text(self.corpus.slug, self.doc1.slug)
+
+        self.assertEqual(result["document_slug"], self.doc1.slug)
+        self.assertEqual(result["page_count"], 5)
+        # Note: File storage in tests may not persist, so we just verify the structure
+        self.assertIn("text", result)
+
+    def test_get_document_text_no_file(self):
+        """Test retrieving document text when no text file exists."""
+        from opencontractserver.mcp.tools import get_document_text
+
+        result = get_document_text(self.corpus.slug, self.doc_no_text.slug)
+
+        self.assertEqual(result["document_slug"], self.doc_no_text.slug)
+        self.assertEqual(result["text"], "")
+
+    def test_get_document_text_nonexistent(self):
+        """Test accessing nonexistent document."""
+        from opencontractserver.documents.models import Document
+        from opencontractserver.mcp.tools import get_document_text
+
+        with self.assertRaises(Document.DoesNotExist):
+            get_document_text(self.corpus.slug, "nonexistent-doc")
+
+
+class MCPToolsAnnotationsTest(TestCase):
+    """Tests for MCP annotation-related tools."""
+
+    @classmethod
+    def setUpTestData(cls):
+        """Create test data with annotations."""
+        from opencontractserver.annotations.models import Annotation, AnnotationLabel
+        from opencontractserver.documents.models import Document, DocumentPath
+
+        cls.owner = User.objects.create_user(
+            username="anntoolsowner",
+            email="anntools@test.com",
+            password="testpass123",
+        )
+
+        cls.corpus = Corpus.objects.create(
+            title="Annotation Test Corpus",
+            creator=cls.owner,
+            is_public=True,
+        )
+
+        cls.document = Document.objects.create(
+            title="Annotated Document",
+            creator=cls.owner,
+            is_public=True,
+            page_count=3,
+        )
+
+        DocumentPath.objects.create(
+            document=cls.document,
+            corpus=cls.corpus,
+            path="/annotated.pdf",
+            version_number=1,
+            is_current=True,
+            is_deleted=False,
+            creator=cls.owner,
+        )
+
+        cls.label1 = AnnotationLabel.objects.create(
+            text="Header",
+            color="#0000FF",
+            label_type="TOKEN_LABEL",
+            creator=cls.owner,
+            is_public=True,
+        )
+
+        cls.label2 = AnnotationLabel.objects.create(
+            text="Paragraph",
+            color="#00FF00",
+            label_type="TOKEN_LABEL",
+            creator=cls.owner,
+            is_public=True,
+        )
+
+        # Create annotations
+        cls.ann1 = Annotation.objects.create(
+            page=1,
+            raw_text="This is a header",
+            annotation_label=cls.label1,
+            document=cls.document,
+            corpus=cls.corpus,
+            creator=cls.owner,
+            is_public=True,
+        )
+
+        cls.ann2 = Annotation.objects.create(
+            page=1,
+            raw_text="This is a paragraph",
+            annotation_label=cls.label2,
+            document=cls.document,
+            corpus=cls.corpus,
+            creator=cls.owner,
+            is_public=True,
+        )
+
+        cls.ann3 = Annotation.objects.create(
+            page=2,
+            raw_text="Page 2 content",
+            annotation_label=cls.label1,
+            document=cls.document,
+            corpus=cls.corpus,
+            creator=cls.owner,
+            is_public=True,
+        )
+
+    def test_list_annotations(self):
+        """Test listing annotations on a document."""
+        from opencontractserver.mcp.tools import list_annotations
+
+        result = list_annotations(self.corpus.slug, self.document.slug)
+
+        self.assertIn("total_count", result)
+        self.assertIn("annotations", result)
+        self.assertEqual(result["total_count"], 3)
+
+    def test_list_annotations_filter_by_page(self):
+        """Test filtering annotations by page."""
+        from opencontractserver.mcp.tools import list_annotations
+
+        result = list_annotations(self.corpus.slug, self.document.slug, page=1)
+
+        self.assertEqual(result["total_count"], 2)
+        for ann in result["annotations"]:
+            self.assertEqual(ann["page"], 1)
+
+    def test_list_annotations_filter_by_label(self):
+        """Test filtering annotations by label text."""
+        from opencontractserver.mcp.tools import list_annotations
+
+        result = list_annotations(
+            self.corpus.slug, self.document.slug, label_text="Header"
+        )
+
+        self.assertEqual(result["total_count"], 2)
+        for ann in result["annotations"]:
+            self.assertEqual(ann["annotation_label"]["text"], "Header")
+
+    def test_list_annotations_pagination(self):
+        """Test annotation pagination."""
+        from opencontractserver.mcp.tools import list_annotations
+
+        result1 = list_annotations(self.corpus.slug, self.document.slug, limit=1)
+        result2 = list_annotations(
+            self.corpus.slug, self.document.slug, limit=1, offset=1
+        )
+
+        self.assertEqual(len(result1["annotations"]), 1)
+        self.assertEqual(len(result2["annotations"]), 1)
+        self.assertNotEqual(
+            result1["annotations"][0]["id"], result2["annotations"][0]["id"]
+        )
+
+
+class MCPToolsSearchTest(TestCase):
+    """Tests for MCP search functionality."""
+
+    @classmethod
+    def setUpTestData(cls):
+        """Create test data for search."""
+        from opencontractserver.documents.models import Document, DocumentPath
+
+        cls.owner = User.objects.create_user(
+            username="searchowner", email="search@test.com", password="testpass123"
+        )
+
+        cls.corpus = Corpus.objects.create(
+            title="Search Test Corpus",
+            creator=cls.owner,
+            is_public=True,
+        )
+
+        cls.doc1 = Document.objects.create(
+            title="Contract Agreement",
+            description="Legal binding agreement",
+            creator=cls.owner,
+            is_public=True,
+        )
+
+        cls.doc2 = Document.objects.create(
+            title="Terms of Service",
+            description="Website terms",
+            creator=cls.owner,
+            is_public=True,
+        )
+
+        DocumentPath.objects.create(
+            document=cls.doc1,
+            corpus=cls.corpus,
+            path="/contract.pdf",
+            version_number=1,
+            is_current=True,
+            is_deleted=False,
+            creator=cls.owner,
+        )
+        DocumentPath.objects.create(
+            document=cls.doc2,
+            corpus=cls.corpus,
+            path="/terms.pdf",
+            version_number=1,
+            is_current=True,
+            is_deleted=False,
+            creator=cls.owner,
+        )
+
+    def test_search_corpus_text_fallback(self):
+        """Test search falls back to text search without embeddings."""
+        from opencontractserver.mcp.tools import search_corpus
+
+        # Without embeddings, should use text fallback
+        result = search_corpus(self.corpus.slug, "Contract")
+
+        self.assertIn("query", result)
+        self.assertIn("results", result)
+        self.assertEqual(result["query"], "Contract")
+
+        # Should find the document with "Contract" in title
+        self.assertTrue(len(result["results"]) >= 1)
+        self.assertEqual(result["results"][0]["title"], "Contract Agreement")
+
+    def test_search_corpus_limit(self):
+        """Test search respects limit."""
+        from opencontractserver.mcp.tools import search_corpus
+
+        result = search_corpus(self.corpus.slug, "test", limit=1)
+
+        self.assertLessEqual(len(result["results"]), 1)
+
+    def test_text_search_fallback_directly(self):
+        """Test the text search fallback function directly."""
+        from django.contrib.auth.models import AnonymousUser
+
+        from opencontractserver.mcp.tools import _text_search_fallback
+
+        anonymous = AnonymousUser()
+        result = _text_search_fallback(self.corpus, "Contract", 10, anonymous)
+
+        self.assertIn("query", result)
+        self.assertEqual(result["query"], "Contract")
+        self.assertTrue(len(result["results"]) >= 1)
+
+
+class MCPToolsThreadsTest(TestCase):
+    """Tests for MCP thread-related tools."""
+
+    @classmethod
+    def setUpTestData(cls):
+        """Create test data with threads."""
+        from opencontractserver.conversations.models import (
+            ChatMessage,
+            Conversation,
+            ConversationTypeChoices,
+            MessageTypeChoices,
+        )
+        from opencontractserver.documents.models import Document, DocumentPath
+
+        cls.owner = User.objects.create_user(
+            username="threadowner", email="thread@test.com", password="testpass123"
+        )
+
+        cls.corpus = Corpus.objects.create(
+            title="Thread Test Corpus",
+            creator=cls.owner,
+            is_public=True,
+        )
+
+        cls.document = Document.objects.create(
+            title="Thread Document",
+            creator=cls.owner,
+            is_public=True,
+        )
+
+        DocumentPath.objects.create(
+            document=cls.document,
+            corpus=cls.corpus,
+            path="/thread_doc.pdf",
+            version_number=1,
+            is_current=True,
+            is_deleted=False,
+            creator=cls.owner,
+        )
+
+        # Create threads
+        cls.thread1 = Conversation.objects.create(
+            title="Discussion Thread One",
+            description="First discussion",
+            creator=cls.owner,
+            is_public=True,
+            conversation_type=ConversationTypeChoices.THREAD,
+            chat_with_corpus=cls.corpus,
+            is_pinned=True,
+        )
+
+        cls.thread2 = Conversation.objects.create(
+            title="Discussion Thread Two",
+            description="Second discussion",
+            creator=cls.owner,
+            is_public=True,
+            conversation_type=ConversationTypeChoices.THREAD,
+            chat_with_corpus=cls.corpus,
+            chat_with_document=cls.document,
+        )
+
+        # Add messages to thread1
+        cls.msg1 = ChatMessage.objects.create(
+            conversation=cls.thread1,
+            content="Hello everyone!",
+            msg_type=MessageTypeChoices.HUMAN,
+            creator=cls.owner,
+            is_public=True,
+        )
+
+        cls.msg2 = ChatMessage.objects.create(
+            conversation=cls.thread1,
+            content="Welcome to the discussion",
+            msg_type=MessageTypeChoices.HUMAN,
+            creator=cls.owner,
+            is_public=True,
+        )
+
+        # Add a reply to msg1
+        cls.reply1 = ChatMessage.objects.create(
+            conversation=cls.thread1,
+            content="Thanks for the welcome!",
+            msg_type=MessageTypeChoices.HUMAN,
+            parent_message=cls.msg1,
+            creator=cls.owner,
+            is_public=True,
+        )
+
+    def test_list_threads(self):
+        """Test listing threads in a corpus."""
+        from opencontractserver.mcp.tools import list_threads
+
+        result = list_threads(self.corpus.slug)
+
+        self.assertIn("total_count", result)
+        self.assertIn("threads", result)
+        self.assertEqual(result["total_count"], 2)
+
+        # Pinned thread should be first
+        self.assertEqual(result["threads"][0]["id"], str(self.thread1.id))
+        self.assertTrue(result["threads"][0]["is_pinned"])
+
+    def test_list_threads_filter_by_document(self):
+        """Test filtering threads by document."""
+        from opencontractserver.mcp.tools import list_threads
+
+        result = list_threads(self.corpus.slug, document_slug=self.document.slug)
+
+        self.assertEqual(result["total_count"], 1)
+        self.assertEqual(result["threads"][0]["id"], str(self.thread2.id))
+
+    def test_list_threads_pagination(self):
+        """Test thread pagination."""
+        from opencontractserver.mcp.tools import list_threads
+
+        result = list_threads(self.corpus.slug, limit=1)
+        self.assertEqual(len(result["threads"]), 1)
+
+    def test_get_thread_messages_hierarchical(self):
+        """Test getting thread messages with hierarchy."""
+        from opencontractserver.mcp.tools import get_thread_messages
+
+        result = get_thread_messages(self.corpus.slug, self.thread1.id)
+
+        self.assertEqual(result["thread_id"], str(self.thread1.id))
+        self.assertEqual(result["title"], "Discussion Thread One")
+        self.assertIn("messages", result)
+
+        # Should have 2 root messages
+        root_messages = result["messages"]
+        self.assertEqual(len(root_messages), 2)
+
+        # First message should have a reply
+        msg1_data = next(m for m in root_messages if m["content"] == "Hello everyone!")
+        self.assertEqual(len(msg1_data["replies"]), 1)
+        self.assertEqual(msg1_data["replies"][0]["content"], "Thanks for the welcome!")
+
+    def test_get_thread_messages_flattened(self):
+        """Test getting thread messages flattened."""
+        from opencontractserver.mcp.tools import get_thread_messages
+
+        result = get_thread_messages(self.corpus.slug, self.thread1.id, flatten=True)
+
+        self.assertEqual(result["thread_id"], str(self.thread1.id))
+        # All 3 messages should be in a flat list
+        self.assertEqual(len(result["messages"]), 3)
+
+    def test_get_thread_messages_nonexistent(self):
+        """Test getting messages from nonexistent thread."""
+        from django.core.exceptions import ObjectDoesNotExist
+
+        from opencontractserver.mcp.tools import get_thread_messages
+
+        with self.assertRaises(ObjectDoesNotExist):
+            get_thread_messages(self.corpus.slug, 99999)
+
+
+class MCPResourcesDocumentTest(TestCase):
+    """Tests for MCP document resources."""
+
+    @classmethod
+    def setUpTestData(cls):
+        """Create test data."""
+        from django.core.files.base import ContentFile
+
+        from opencontractserver.documents.models import Document, DocumentPath
+
+        cls.owner = User.objects.create_user(
+            username="docresowner", email="docres@test.com", password="testpass123"
+        )
+
+        cls.corpus = Corpus.objects.create(
+            title="Document Resource Corpus",
+            creator=cls.owner,
+            is_public=True,
+        )
+
+        cls.document = Document.objects.create(
+            title="Resource Document",
+            description="Document for resource testing",
+            creator=cls.owner,
+            is_public=True,
+            page_count=10,
+            file_type="application/pdf",
+        )
+        cls.document.txt_extract_file.save(
+            "resource_doc.txt", ContentFile(b"Full text content for resource test")
+        )
+
+        DocumentPath.objects.create(
+            document=cls.document,
+            corpus=cls.corpus,
+            path="/resource_doc.pdf",
+            version_number=1,
+            is_current=True,
+            is_deleted=False,
+            creator=cls.owner,
+        )
+
+    def test_get_document_resource(self):
+        """Test getting document resource."""
+        from opencontractserver.mcp.resources import get_document_resource
+
+        result = get_document_resource(self.corpus.slug, self.document.slug)
+        data = json.loads(result)
+
+        self.assertEqual(data["slug"], self.document.slug)
+        self.assertEqual(data["title"], "Resource Document")
+        self.assertEqual(data["description"], "Document for resource testing")
+        self.assertEqual(data["page_count"], 10)
+        self.assertEqual(data["file_type"], "application/pdf")
+        # Note: File storage in tests may not persist, so we just verify the structure
+        self.assertIn("full_text", data)
+        self.assertIn("text_preview", data)
+
+    def test_get_document_resource_nonexistent(self):
+        """Test accessing nonexistent document."""
+        from opencontractserver.documents.models import Document
+        from opencontractserver.mcp.resources import get_document_resource
+
+        with self.assertRaises(Document.DoesNotExist):
+            get_document_resource(self.corpus.slug, "nonexistent-doc")
+
+
+class MCPResourcesAnnotationTest(TestCase):
+    """Tests for MCP annotation resources."""
+
+    @classmethod
+    def setUpTestData(cls):
+        """Create test data."""
+        from opencontractserver.annotations.models import Annotation, AnnotationLabel
+        from opencontractserver.documents.models import Document, DocumentPath
+
+        cls.owner = User.objects.create_user(
+            username="annresowner", email="annres@test.com", password="testpass123"
+        )
+
+        cls.corpus = Corpus.objects.create(
+            title="Annotation Resource Corpus",
+            creator=cls.owner,
+            is_public=True,
+        )
+
+        cls.document = Document.objects.create(
+            title="Annotation Resource Doc",
+            creator=cls.owner,
+            is_public=True,
+        )
+
+        DocumentPath.objects.create(
+            document=cls.document,
+            corpus=cls.corpus,
+            path="/ann_resource.pdf",
+            version_number=1,
+            is_current=True,
+            is_deleted=False,
+            creator=cls.owner,
+        )
+
+        cls.label = AnnotationLabel.objects.create(
+            text="Resource Label",
+            color="#AABBCC",
+            label_type="TOKEN_LABEL",
+            creator=cls.owner,
+            is_public=True,
+        )
+
+        cls.annotation = Annotation.objects.create(
+            page=3,
+            raw_text="Annotation text for resource",
+            annotation_label=cls.label,
+            document=cls.document,
+            corpus=cls.corpus,
+            creator=cls.owner,
+            is_public=True,
+            bounding_box={"x": 10, "y": 20, "width": 100, "height": 50},
+        )
+
+    def test_get_annotation_resource(self):
+        """Test getting annotation resource."""
+        from opencontractserver.mcp.resources import get_annotation_resource
+
+        result = get_annotation_resource(
+            self.corpus.slug, self.document.slug, self.annotation.id
+        )
+        data = json.loads(result)
+
+        self.assertEqual(data["id"], str(self.annotation.id))
+        self.assertEqual(data["page"], 3)
+        self.assertEqual(data["raw_text"], "Annotation text for resource")
+        self.assertEqual(data["annotation_label"]["text"], "Resource Label")
+        self.assertEqual(data["annotation_label"]["color"], "#AABBCC")
+        self.assertEqual(data["bounding_box"]["x"], 10)
+
+
+class MCPResourcesThreadTest(TestCase):
+    """Tests for MCP thread resources."""
+
+    @classmethod
+    def setUpTestData(cls):
+        """Create test data."""
+        from opencontractserver.conversations.models import (
+            ChatMessage,
+            Conversation,
+            ConversationTypeChoices,
+            MessageTypeChoices,
+        )
+
+        cls.owner = User.objects.create_user(
+            username="threadresowner",
+            email="threadres@test.com",
+            password="testpass123",
+        )
+
+        cls.corpus = Corpus.objects.create(
+            title="Thread Resource Corpus",
+            creator=cls.owner,
+            is_public=True,
+        )
+
+        cls.thread = Conversation.objects.create(
+            title="Resource Thread",
+            description="Thread for resource testing",
+            creator=cls.owner,
+            is_public=True,
+            conversation_type=ConversationTypeChoices.THREAD,
+            chat_with_corpus=cls.corpus,
+            is_locked=True,
+            is_pinned=True,
+        )
+
+        cls.message = ChatMessage.objects.create(
+            conversation=cls.thread,
+            content="Resource thread message",
+            msg_type=MessageTypeChoices.HUMAN,
+            creator=cls.owner,
+            is_public=True,
+        )
+
+    def test_get_thread_resource(self):
+        """Test getting thread resource."""
+        from opencontractserver.mcp.resources import get_thread_resource
+
+        result = get_thread_resource(self.corpus.slug, self.thread.id)
+        data = json.loads(result)
+
+        self.assertEqual(data["id"], str(self.thread.id))
+        self.assertEqual(data["title"], "Resource Thread")
+        self.assertEqual(data["description"], "Thread for resource testing")
+        self.assertTrue(data["is_locked"])
+        self.assertTrue(data["is_pinned"])
+        self.assertIn("messages", data)
+        self.assertEqual(len(data["messages"]), 1)
+        self.assertEqual(data["messages"][0]["content"], "Resource thread message")
+
+    def test_get_thread_resource_nonexistent(self):
+        """Test accessing nonexistent thread."""
+        from opencontractserver.conversations.models import Conversation
+        from opencontractserver.mcp.resources import get_thread_resource
+
+        with self.assertRaises(Conversation.DoesNotExist):
+            get_thread_resource(self.corpus.slug, 99999)
+
+
+class MCPResourcesCorpusWithLabelSetTest(TestCase):
+    """Tests for corpus resources with label sets."""
+
+    @classmethod
+    def setUpTestData(cls):
+        """Create test data with label set."""
+        from opencontractserver.annotations.models import AnnotationLabel, LabelSet
+
+        cls.owner = User.objects.create_user(
+            username="labelsetowner",
+            email="labelset@test.com",
+            password="testpass123",
+        )
+
+        cls.label_set = LabelSet.objects.create(
+            title="Test Label Set",
+            creator=cls.owner,
+            is_public=True,
+        )
+
+        cls.label1 = AnnotationLabel.objects.create(
+            text="Label A",
+            color="#111111",
+            label_type="TOKEN_LABEL",
+            creator=cls.owner,
+            is_public=True,
+        )
+
+        cls.label2 = AnnotationLabel.objects.create(
+            text="Label B",
+            color="#222222",
+            label_type="SPAN_LABEL",
+            creator=cls.owner,
+            is_public=True,
+        )
+
+        cls.label_set.annotation_labels.add(cls.label1, cls.label2)
+
+        cls.corpus = Corpus.objects.create(
+            title="Corpus With Labels",
+            description="Has a label set",
+            creator=cls.owner,
+            is_public=True,
+            label_set=cls.label_set,
+        )
+
+    def test_get_corpus_resource_with_label_set(self):
+        """Test corpus resource includes label set data."""
+        from opencontractserver.mcp.resources import get_corpus_resource
+
+        result = get_corpus_resource(self.corpus.slug)
+        data = json.loads(result)
+
+        self.assertEqual(data["title"], "Corpus With Labels")
+        self.assertIsNotNone(data["label_set"])
+        self.assertEqual(data["label_set"]["title"], "Test Label Set")
+        self.assertEqual(len(data["label_set"]["labels"]), 2)
+
+        label_texts = [label["text"] for label in data["label_set"]["labels"]]
+        self.assertIn("Label A", label_texts)
+        self.assertIn("Label B", label_texts)
+
+
+class MCPFormattersExtendedTest(TestCase):
+    """Extended tests for MCP formatters."""
+
+    @classmethod
+    def setUpTestData(cls):
+        """Create test data."""
+        from opencontractserver.annotations.models import Annotation, AnnotationLabel
+        from opencontractserver.conversations.models import (
+            ChatMessage,
+            Conversation,
+            ConversationTypeChoices,
+            MessageTypeChoices,
+        )
+        from opencontractserver.documents.models import Document, DocumentPath
+
+        cls.owner = User.objects.create_user(
+            username="formatextowner",
+            email="formatext@test.com",
+            password="testpass123",
+        )
+
+        cls.corpus = Corpus.objects.create(
+            title="Formatter Test Corpus",
+            creator=cls.owner,
+            is_public=True,
+        )
+
+        cls.document = Document.objects.create(
+            title="Formatter Test Doc",
+            description="Document for formatter tests",
+            creator=cls.owner,
+            is_public=True,
+            page_count=15,
+            file_type="application/pdf",
+        )
+
+        DocumentPath.objects.create(
+            document=cls.document,
+            corpus=cls.corpus,
+            path="/formatter.pdf",
+            version_number=1,
+            is_current=True,
+            is_deleted=False,
+            creator=cls.owner,
+        )
+
+        cls.label = AnnotationLabel.objects.create(
+            text="Formatter Label",
+            color="#DDEEFF",
+            label_type="TOKEN_LABEL",
+            creator=cls.owner,
+            is_public=True,
+        )
+
+        cls.annotation = Annotation.objects.create(
+            page=5,
+            raw_text="Formatter annotation text",
+            annotation_label=cls.label,
+            document=cls.document,
+            corpus=cls.corpus,
+            creator=cls.owner,
+            is_public=True,
+            structural=True,
+        )
+
+        cls.annotation_no_label = Annotation.objects.create(
+            page=6,
+            raw_text="No label annotation",
+            annotation_label=None,
+            document=cls.document,
+            corpus=cls.corpus,
+            creator=cls.owner,
+            is_public=True,
+        )
+
+        cls.thread = Conversation.objects.create(
+            title="Formatter Thread",
+            description="Thread for formatter tests",
+            creator=cls.owner,
+            is_public=True,
+            conversation_type=ConversationTypeChoices.THREAD,
+            chat_with_corpus=cls.corpus,
+            is_locked=False,
+            is_pinned=False,
+        )
+
+        cls.message = ChatMessage.objects.create(
+            conversation=cls.thread,
+            content="Formatter message content",
+            msg_type=MessageTypeChoices.HUMAN,
+            creator=cls.owner,
+            is_public=True,
+            upvote_count=5,
+            downvote_count=2,
+        )
+
+        cls.reply = ChatMessage.objects.create(
+            conversation=cls.thread,
+            content="Reply to formatter message",
+            msg_type=MessageTypeChoices.HUMAN,
+            parent_message=cls.message,
+            creator=cls.owner,
+            is_public=True,
+        )
+
+    def test_format_document_summary(self):
+        """Test document summary formatting."""
+        from opencontractserver.mcp.formatters import format_document_summary
+
+        result = format_document_summary(self.document)
+
+        self.assertEqual(result["slug"], self.document.slug)
+        self.assertEqual(result["title"], "Formatter Test Doc")
+        self.assertEqual(result["description"], "Document for formatter tests")
+        self.assertEqual(result["page_count"], 15)
+        self.assertEqual(result["file_type"], "application/pdf")
+        self.assertIn("created", result)
+
+    def test_format_annotation(self):
+        """Test annotation formatting."""
+        from opencontractserver.mcp.formatters import format_annotation
+
+        result = format_annotation(self.annotation)
+
+        self.assertEqual(result["id"], str(self.annotation.id))
+        self.assertEqual(result["page"], 5)
+        self.assertEqual(result["raw_text"], "Formatter annotation text")
+        self.assertTrue(result["structural"])
+        self.assertEqual(result["annotation_label"]["text"], "Formatter Label")
+        self.assertEqual(result["annotation_label"]["color"], "#DDEEFF")
+
+    def test_format_annotation_without_label(self):
+        """Test annotation formatting without label."""
+        from opencontractserver.mcp.formatters import format_annotation
+
+        result = format_annotation(self.annotation_no_label)
+
+        self.assertEqual(result["id"], str(self.annotation_no_label.id))
+        self.assertIsNone(result["annotation_label"])
+
+    def test_format_thread_summary(self):
+        """Test thread summary formatting."""
+        from opencontractserver.mcp.formatters import format_thread_summary
+
+        result = format_thread_summary(self.thread)
+
+        self.assertEqual(result["id"], str(self.thread.id))
+        self.assertEqual(result["title"], "Formatter Thread")
+        self.assertEqual(result["description"], "Thread for formatter tests")
+        self.assertFalse(result["is_pinned"])
+        self.assertFalse(result["is_locked"])
+        self.assertIn("created_at", result)
+        self.assertIn("last_activity", result)
+
+    def test_format_message(self):
+        """Test message formatting."""
+        from opencontractserver.mcp.formatters import format_message
+
+        result = format_message(self.message)
+
+        self.assertEqual(result["id"], str(self.message.id))
+        self.assertEqual(result["content"], "Formatter message content")
+        self.assertEqual(result["msg_type"], "HUMAN")
+        self.assertEqual(result["upvote_count"], 5)
+        self.assertEqual(result["downvote_count"], 2)
+        self.assertIn("created_at", result)
+
+    def test_format_message_with_replies(self):
+        """Test message formatting with replies."""
+        from django.contrib.auth.models import AnonymousUser
+
+        from opencontractserver.mcp.formatters import format_message_with_replies
+
+        anonymous = AnonymousUser()
+        result = format_message_with_replies(self.message, anonymous)
+
+        self.assertEqual(result["id"], str(self.message.id))
+        self.assertEqual(result["content"], "Formatter message content")
+        self.assertIn("replies", result)
+        self.assertEqual(len(result["replies"]), 1)
+        self.assertEqual(result["replies"][0]["content"], "Reply to formatter message")
+
+    def test_format_message_with_replies_max_depth(self):
+        """Test message formatting respects max depth."""
+        from django.contrib.auth.models import AnonymousUser
+
+        from opencontractserver.mcp.formatters import format_message_with_replies
+
+        anonymous = AnonymousUser()
+
+        # Test with max_depth=0 should not include any replies
+        result = format_message_with_replies(
+            self.message, anonymous, max_depth=0, current_depth=0
+        )
+
+        self.assertEqual(result["replies"], [])
+        # Should have indication if more replies exist
+        self.assertIn("has_more_replies", result)
+
+
+class MCPServerAsyncTest(TestCase):
+    """Tests for MCP server async handlers."""
+
+    def test_create_mcp_server(self):
+        """Test MCP server creation."""
+        from opencontractserver.mcp.server import create_mcp_server
+
+        server = create_mcp_server()
+        self.assertIsNotNone(server)
+        self.assertEqual(server.name, "opencontracts")
+
+    def test_get_session_manager(self):
+        """Test session manager creation."""
+        from opencontractserver.mcp.server import get_session_manager
+
+        manager = get_session_manager()
+        self.assertIsNotNone(manager)
+
+        # Getting it again should return the same instance
+        manager2 = get_session_manager()
+        self.assertIs(manager, manager2)
+
+    def test_create_mcp_asgi_app(self):
+        """Test ASGI app creation."""
+        from opencontractserver.mcp.server import create_mcp_asgi_app
+
+        app = create_mcp_asgi_app()
+        self.assertIsNotNone(app)
+        self.assertTrue(callable(app))
+
+
+class MCPServerComponentsTest(TestCase):
+    """Tests for MCP server components."""
+
+    def test_mcp_lifespan_manager(self):
+        """Test MCPLifespanManager initialization."""
+        from opencontractserver.mcp.server import MCPLifespanManager
+
+        manager = MCPLifespanManager()
+        self.assertFalse(manager._started)
+        self.assertIsNone(manager._run_context)
+
+    def test_uri_parser_patterns(self):
+        """Test URIParser pattern constants."""
+        from opencontractserver.mcp.server import URIParser
+
+        # Check patterns are compiled
+        self.assertIsNotNone(URIParser.PATTERNS["corpus"])
+        self.assertIsNotNone(URIParser.PATTERNS["document"])
+        self.assertIsNotNone(URIParser.PATTERNS["annotation"])
+        self.assertIsNotNone(URIParser.PATTERNS["thread"])
+
+    def test_mcp_server_has_name(self):
+        """Test MCP server has correct name."""
+        from opencontractserver.mcp.server import mcp_server
+
+        self.assertEqual(mcp_server.name, "opencontracts")
+
+    def test_mcp_asgi_app_exists(self):
+        """Test ASGI app is created."""
+        from opencontractserver.mcp.server import mcp_asgi_app
+
+        self.assertIsNotNone(mcp_asgi_app)
+        self.assertTrue(callable(mcp_asgi_app))
diff --git a/opencontractserver/mcp/tools.py b/opencontractserver/mcp/tools.py
new file mode 100644
index 000000000..083b929d5
--- /dev/null
+++ b/opencontractserver/mcp/tools.py
@@ -0,0 +1,386 @@
+"""MCP Tool implementations for OpenContracts.
+
+Tools provide dynamic operations - they execute queries and return results.
+"""
+
+from __future__ import annotations
+
+from django.contrib.auth.models import AnonymousUser
+from django.db.models import Count, Q
+
+from .formatters import (
+    format_annotation,
+    format_corpus_summary,
+    format_document_summary,
+    format_message,
+    format_message_with_replies,
+    format_thread_summary,
+)
+
+
+def list_public_corpuses(limit: int = 20, offset: int = 0, search: str = "") -> dict:
+    """
+    List public corpuses visible to anonymous users.
+
+    Args:
+        limit: Number of results (default 20, max 100)
+        offset: Pagination offset
+        search: Optional search filter for title/description
+
+    Returns:
+        Dict with total_count and list of corpus summaries
+    """
+    from opencontractserver.corpuses.models import Corpus
+
+    # Enforce max limit
+    limit = min(limit, 100)
+
+    anonymous = AnonymousUser()
+    qs = Corpus.objects.visible_to_user(anonymous)
+
+    if search:
+        qs = qs.filter(Q(title__icontains=search) | Q(description__icontains=search))
+
+    total_count = qs.count()
+    corpuses = list(qs[offset : offset + limit])
+
+    return {
+        "total_count": total_count,
+        "corpuses": [format_corpus_summary(c) for c in corpuses],
+    }
+
+
+def list_documents(
+    corpus_slug: str, limit: int = 50, offset: int = 0, search: str = ""
+) -> dict:
+    """
+    List documents in a public corpus.
+
+    Args:
+        corpus_slug: Corpus identifier
+        limit: Number of results (default 50, max 100)
+        offset: Pagination offset
+        search: Optional search filter
+
+    Returns:
+        Dict with total_count and list of document summaries
+    """
+    from opencontractserver.corpuses.models import Corpus
+    from opencontractserver.documents.models import Document
+
+    limit = min(limit, 100)
+    anonymous = AnonymousUser()
+
+    # Get corpus (raises Corpus.DoesNotExist if not found or not public)
+    corpus = Corpus.objects.visible_to_user(anonymous).get(slug=corpus_slug)
+
+    # Get documents in corpus via DocumentPath (source of truth), filtered by visibility
+    corpus_doc_ids = corpus.get_documents().values_list("id", flat=True)
+    qs = Document.objects.visible_to_user(anonymous).filter(id__in=corpus_doc_ids)
+
+    if search:
+        qs = qs.filter(Q(title__icontains=search) | Q(description__icontains=search))
+
+    total_count = qs.count()
+    documents = list(qs[offset : offset + limit])
+
+    return {
+        "total_count": total_count,
+        "documents": [format_document_summary(d) for d in documents],
+    }
+
+
+def get_document_text(corpus_slug: str, document_slug: str) -> dict:
+    """
+    Retrieve full extracted text from a document.
+
+    Args:
+        corpus_slug: Corpus identifier
+        document_slug: Document identifier
+
+    Returns:
+        Dict with document slug, page count, and full text
+    """
+    from opencontractserver.corpuses.models import Corpus
+    from opencontractserver.documents.models import Document
+
+    anonymous = AnonymousUser()
+
+    corpus = Corpus.objects.visible_to_user(anonymous).get(slug=corpus_slug)
+    # Get document in corpus via DocumentPath, filtered by visibility and slug
+    corpus_doc_ids = corpus.get_documents().values_list("id", flat=True)
+    document = Document.objects.visible_to_user(anonymous).get(
+        id__in=corpus_doc_ids, slug=document_slug
+    )
+
+    full_text = ""
+    if document.txt_extract_file:
+        try:
+            with document.txt_extract_file.open("r") as f:
+                full_text = f.read()
+        except Exception:
+            full_text = ""
+
+    return {
+        "document_slug": document.slug,
+        "page_count": document.page_count or 0,
+        "text": full_text,
+    }
+
+
+def list_annotations(
+    corpus_slug: str,
+    document_slug: str,
+    page: int | None = None,
+    label_text: str | None = None,
+    limit: int = 100,
+    offset: int = 0,
+) -> dict:
+    """
+    List annotations on a document with optional filtering.
+
+    Args:
+        corpus_slug: Corpus identifier
+        document_slug: Document identifier
+        page: Optional page number filter
+        label_text: Optional label text filter
+        limit: Number of results (max 100)
+        offset: Pagination offset
+
+    Returns:
+        Dict with total_count and list of annotations
+    """
+    from opencontractserver.annotations.query_optimizer import AnnotationQueryOptimizer
+    from opencontractserver.corpuses.models import Corpus
+    from opencontractserver.documents.models import Document
+
+    limit = min(limit, 100)
+    anonymous = AnonymousUser()
+
+    corpus = Corpus.objects.visible_to_user(anonymous).get(slug=corpus_slug)
+    # Get document in corpus via DocumentPath, filtered by visibility and slug
+    corpus_doc_ids = corpus.get_documents().values_list("id", flat=True)
+    document = Document.objects.visible_to_user(anonymous).get(
+        id__in=corpus_doc_ids, slug=document_slug
+    )
+
+    # Use query optimizer - eliminates N+1 permission queries
+    qs = AnnotationQueryOptimizer.get_document_annotations(
+        document_id=document.id, user=anonymous, corpus_id=corpus.id
+    )
+
+    # Apply filters
+    if page is not None:
+        qs = qs.filter(page=page)
+
+    if label_text:
+        qs = qs.filter(annotation_label__text=label_text)
+
+    total_count = qs.count()
+    annotations = list(qs.select_related("annotation_label")[offset : offset + limit])
+
+    return {
+        "total_count": total_count,
+        "annotations": [format_annotation(a) for a in annotations],
+    }
+
+
+def search_corpus(corpus_slug: str, query: str, limit: int = 10) -> dict:
+    """
+    Semantic search within a corpus using vector embeddings.
+
+    Falls back to text search if embeddings are unavailable.
+
+    Args:
+        corpus_slug: Corpus identifier
+        query: Search query text
+        limit: Number of results (max 50)
+
+    Returns:
+        Dict with query and ranked results
+    """
+    from opencontractserver.corpuses.models import Corpus
+    from opencontractserver.documents.models import Document
+
+    limit = min(limit, 50)
+    anonymous = AnonymousUser()
+    corpus = Corpus.objects.visible_to_user(anonymous).get(slug=corpus_slug)
+
+    # Try to use vector search
+    try:
+        # embed_text() returns (embedder_path, query_vector) tuple
+        embedder_path, query_vector = corpus.embed_text(query)
+
+        if query_vector:
+            # Get document IDs in corpus via DocumentPath (source of truth)
+            corpus_doc_ids = corpus.get_documents().values_list("id", flat=True)
+            # Search documents using vector similarity, filtered by corpus membership
+            doc_results = list(
+                Document.objects.visible_to_user(anonymous)
+                .filter(id__in=corpus_doc_ids)
+                .search_by_embedding(query_vector, embedder_path, top_k=limit)
+            )
+
+            results = []
+            for doc in doc_results:
+                results.append(
+                    {
+                        "type": "document",
+                        "slug": doc.slug,
+                        "title": doc.title or "",
+                        "similarity_score": float(getattr(doc, "similarity_score", 0)),
+                    }
+                )
+
+            return {"query": query, "results": results}
+    except Exception:
+        pass
+
+    # Fallback to text search
+    return _text_search_fallback(corpus, query, limit, anonymous)
+
+
+def _text_search_fallback(corpus, query: str, limit: int, user) -> dict:
+    """Fallback to text search when embeddings are unavailable."""
+    from opencontractserver.documents.models import Document
+
+    # Get document IDs in corpus via DocumentPath (source of truth)
+    corpus_doc_ids = corpus.get_documents().values_list("id", flat=True)
+    documents = list(
+        Document.objects.visible_to_user(user)
+        .filter(id__in=corpus_doc_ids)
+        .filter(Q(title__icontains=query) | Q(description__icontains=query))[:limit]
+    )
+
+    results = []
+    for doc in documents:
+        results.append(
+            {
+                "type": "document",
+                "slug": doc.slug,
+                "title": doc.title or "",
+                "similarity_score": None,
+            }
+        )
+
+    return {"query": query, "results": results}
+
+
+def list_threads(
+    corpus_slug: str, document_slug: str | None = None, limit: int = 20, offset: int = 0
+) -> dict:
+    """
+    List discussion threads in a corpus or document.
+
+    Args:
+        corpus_slug: Corpus identifier
+        document_slug: Optional document filter
+        limit: Number of results (max 100)
+        offset: Pagination offset
+
+    Returns:
+        Dict with total_count and list of thread summaries
+    """
+    from opencontractserver.conversations.models import (
+        Conversation,
+        ConversationTypeChoices,
+    )
+    from opencontractserver.corpuses.models import Corpus
+    from opencontractserver.documents.models import Document
+
+    limit = min(limit, 100)
+    anonymous = AnonymousUser()
+    corpus = Corpus.objects.visible_to_user(anonymous).get(slug=corpus_slug)
+
+    qs = (
+        Conversation.objects.visible_to_user(anonymous)
+        .filter(
+            conversation_type=ConversationTypeChoices.THREAD, chat_with_corpus=corpus
+        )
+        .annotate(message_count=Count("chat_messages"))
+    )
+
+    if document_slug:
+        # Get document in corpus via DocumentPath, filtered by visibility and slug
+        corpus_doc_ids = corpus.get_documents().values_list("id", flat=True)
+        document = Document.objects.visible_to_user(anonymous).get(
+            id__in=corpus_doc_ids, slug=document_slug
+        )
+        qs = qs.filter(chat_with_document=document)
+
+    # Order by pinned first, then recent activity
+    qs = qs.order_by("-is_pinned", "-modified")
+
+    total_count = qs.count()
+    threads = list(qs[offset : offset + limit])
+
+    return {
+        "total_count": total_count,
+        "threads": [format_thread_summary(t) for t in threads],
+    }
+
+
+def get_thread_messages(
+    corpus_slug: str, thread_id: int, flatten: bool = False
+) -> dict:
+    """
+    Retrieve all messages in a thread with hierarchical structure.
+
+    Args:
+        corpus_slug: Corpus identifier
+        thread_id: Thread identifier
+        flatten: If True, return flat list instead of tree
+
+    Returns:
+        Dict with thread_id, title, and messages
+    """
+    from django.core.exceptions import ObjectDoesNotExist
+
+    from opencontractserver.conversations.models import (
+        ChatMessage,
+        Conversation,
+        ConversationTypeChoices,
+    )
+    from opencontractserver.corpuses.models import Corpus
+
+    anonymous = AnonymousUser()
+    corpus = Corpus.objects.visible_to_user(anonymous).get(slug=corpus_slug)
+
+    thread = (
+        Conversation.objects.visible_to_user(anonymous)
+        .filter(
+            conversation_type=ConversationTypeChoices.THREAD,
+            chat_with_corpus=corpus,
+            id=thread_id,
+        )
+        .first()
+    )
+
+    if not thread:
+        raise ObjectDoesNotExist(f"Thread {thread_id} not found")
+
+    if flatten:
+        messages = list(
+            ChatMessage.objects.visible_to_user(anonymous)
+            .filter(conversation=thread)
+            .order_by("created_at")
+        )
+        return {
+            "thread_id": str(thread.id),
+            "title": thread.title or "",
+            "messages": [format_message(m) for m in messages],
+        }
+
+    # Build hierarchical structure with prefetch
+    root_messages = list(
+        ChatMessage.objects.visible_to_user(anonymous)
+        .filter(conversation=thread, parent_message__isnull=True)
+        .prefetch_related("replies__replies")
+        .order_by("created_at")
+    )
+
+    return {
+        "thread_id": str(thread.id),
+        "title": thread.title or "",
+        "messages": [format_message_with_replies(m, anonymous) for m in root_messages],
+    }
diff --git a/requirements/base.txt b/requirements/base.txt
index bbe50c6d9..f8d257e11 100644
--- a/requirements/base.txt
+++ b/requirements/base.txt
@@ -76,6 +76,10 @@ posthog==3.8.3  # https://github.com/posthog/posthog-python
 # ------------------------------------------------------------------------------
 jsonschema==4.25.1
 
+# Model Context Protocol
+# ------------------------------------------------------------------------------
+mcp>=1.0.0  # https://github.com/anthropics/python-sdk
+
 # Not directly required, pinned by Snyk to avoid a vulnerability
 # ------------------------------------------------------------------------------
 twisted>=24.7.0rc1 # not directly required, pinned by Snyk to avoid a vulnerability