by dezsirazvan 7 days ago
the read-only-by-default angle is underrated. been building an activity-log layer for agents and the moment we considered exposing write tools through MCP the security review story exploded. kept it query-only and integration went from "needs a security architecture doc" to "install the agent, done." most of the value of giving agents access to a system is just letting them read - the write part can usually go through whatever ops tooling already exists.