VS Code: deny in settings should prevent MCP tools from loading into context, not just block execution
Resolved 💬 2 comments Opened Mar 4, 2026 by sipak Closed Apr 2, 2026
Bug description
When a VS Code extension registers an MCP server, there is no clean way to prevent its tools from being loaded into Claude Code's context. The deny permission in ~/.claude/settings.json only blocks tool execution but still loads all tool definitions into context, wasting tokens (8.4k tokens for 14 tools in my case).
What I tried (in order)
- Disabled the VS Code extension (Pencil) — MCP tools still loaded into context
- Removed the server entry from
~/Library/Application Support/Code/User/mcp.json— still loaded - Added
"deny": ["mcp__pencil"]to~/.claude/settings.json— tools still loaded into context (deny only blocks execution, not loading) - Ran
code --uninstall-extension highagency.pencildev— still loaded (old version 0.6.28 remained on disk alongside 0.6.30) - Manually deleted both extension directories from
~/.vscode/extensions/— finally worked after VS Code reload
Expected behavior
deny in Claude Code settings should prevent MCP tools from loading into context entirely — not just block their execution. Users should have a mechanism to control which MCP servers consume their context budget.
Alternatively, Claude Code should respect VS Code's extension disabled state and not register MCP servers from disabled extensions.
Impact
- 14 MCP tools × ~600 tokens each = 8.4k tokens wasted per session with no way to reclaim them short of uninstalling the extension
- Users who occasionally need an MCP-providing extension have to fully uninstall/reinstall instead of toggling it
Environment
- macOS 14 (Darwin 23.6.0)
- Claude Code v2.1.68
- VS Code (latest)
- Extension: highagency.pencildev (Pencil)
This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗