Hacker News
by simonw 86 days ago
How can you disagree with my first point? You can't use skills if you don't have a Bash environment in which to run them. Do you disagree?

Skills with an API exposed by the service usually means your coding agent can access the credentials for that service. This means that if you are hit by a prompt injection the attacker can steal those credentials.

2 comments

Something like Cloudflare's Code Mode fixes both of these! No privileged bash environment, no VM necessary, no exposing credentials to the LLM.

As the article states, LLMs are fantastic at writing code, and not so good at issuing tool calls.

Cloudflare's Code Mode is conceptually the same as Anthropic's Code Mode (https://www.anthropic.com/engineering/code-execution-with-mc...), or the various open source implementations that predate and postdate those blog posts.

tbh, that companies tried to make something proprietary of this concept is probably why its adoption has been weak and why we have "MCP vs CLI/Skills/etc" debates in the first place. In contrast, CLI tools only require a general bash shell (potentially in a sandbox environment), which is very standardised.

Fair points, learned something new.