[karussell]

Wouldn't the OpenAPI spec work too? Then no additional components are necessary. Just a link to the spec file...

[jjfoooo4]

(I'm the author of the post)

This would be my critique of MCP-specific security implementations. I think robust tools for this already exist, and in general AI API calls can and should be treated like any other RPC call.