by hinkley 440 days ago
Doesn’t “behind an API” still have Bobby Tables problems?

How do I put it behind an API without dumbing it down to inutility?

1 comment

On the "bobby tables" thing, my point is basically that all the same rules for API services still apply. You still have to sanitize SQL and all the other stuff we've already been doing for decades.

> How do I put it behind an API without dumbing it down to inutility?

I dunno, I'm still feeling this out and just asking honest questions. But so far, most of the MCP functions I've seen have struck me as "this could be done behind an auto-generated RPC service running in a sandboxed environment".
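
Added example (not part of the thread and not any commenter's code): a tool-style handler behind an API that stays flexible, with caller-chosen filter value, sort column, direction and limit, while keeping caller input out of the SQL text. The `students` table, the function names and the sample rows are assumptions constructed for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample data (hypothetical schema).
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE students (id INTEGER PRIMARY KEY, name TEXT, grade INTEGER)")
    db.executemany(
        "INSERT INTO students (name, grade) VALUES (?, ?)",
        [("Alice", 9), ("Bob", 10), ("Robert", 10)],
    )
    return db

# Identifiers cannot be bound as parameters, so caller-chosen columns
# are mapped through a fixed allowlist instead of being interpolated.
SORTABLE = {"name": "name", "grade": "grade"}

def find_students_unsafe(db, name):
    # Vulnerable "before": caller input becomes part of the statement text.
    return db.execute(
        f"SELECT name, grade FROM students WHERE name = '{name}'"
    ).fetchall()

def find_students(db, name, sort_by="name", descending=False, limit=50):
    # Hardened handler: values are bound; identifiers and keywords come
    # only from fixed sets controlled by the service.
    if sort_by not in SORTABLE:
        raise ValueError(f"unsupported sort column: {sort_by!r}")
    if not isinstance(limit, int) or not 1 <= limit <= 100:
        raise ValueError("limit must be an integer between 1 and 100")
    order = "DESC" if descending else "ASC"
    sql = (
        "SELECT name, grade FROM students WHERE name = ? "
        f"ORDER BY {SORTABLE[sort_by]} {order} LIMIT ?"
    )
    return db.execute(sql, (name, limit)).fetchall()

if __name__ == "__main__":
    db = make_db()
    crafted = "x' OR '1'='1"  # constructed input that rewrites the WHERE clause
    print("unsafe:", find_students_unsafe(db, crafted))  # every row comes back
    print("bound: ", find_students(db, crafted))         # treated as a literal name
    print("normal:", find_students(db, "Bob", sort_by="grade", descending=True))
```
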