Remix.run Logo
vessenes 12 hours ago

This is great. As someone who has made a few MCP servers in the last few months, MAN this spec moves fast; well ahead of Anthropic's internal support for it, and well ahead of documentation for implementation. It's like the Javascript community suddenly got automatic code creation agents, and went to town..

That said, the original spec needed some rapid iteration. With https support finally in relatively good shape, I hope we'll be able to take a year to let the API dust settle. Spec updates every three months are really tough, especially when not versioned, thoroughly documented, or archived properly.

zackify 3 hours ago | parent | next [-]

It has been moving fast.

One weird thing I found a few weeks ago, when I added my remote MCP to Claude's integration tab on the website, I was getting OAuth errors.

Turns out they are requiring a special "claudeai" scope. Once I added that to my server, I was able to use it remotely in claude desktop!

I couldn't find any docs or reasons online for them requesting this scope.

Also, I have been using remote mcps in claude code for weeks with the awesome mcp-remote proxy tool. It's nice to not need that any longer!

Then as I'm writing a book currently on MCP Servers with OAuth, Elicitations come out! I'm rushing to update this book and be the best source for every part of the latest spec, as I can already see lots of gaps in documentation on all these things.

Huge shout out to VS Code for being the best MCP Client, they have support for Elicitations in Insiders already and it works great from my testing.

stingraycharles 10 hours ago | parent | prev | next [-]

Yeah, security really is an afterthought with most of these tools, but man the community is moving insanely fast — probably because most of these people are using these automation tools to develop their MCP servers in the first place.

It’s interesting to see other tools struggling to keep up. ChatGPT supposedly will get proper MCP client support “any day now”, but I don’t see codex supporting it any time soon.

Aider is very much struggling to adapt as well, as their whole workflow of editing and navigating files is easily replaced by MCP servers (probably better as well, as it provides much effective ways of reducing noise vs signal), so it’ll be interesting to see how tools adapt.

I’d love for Claude Code (or any tool for that matter) to fully embrace the agentic way of coding, e.g. have multiple agents specialize in different topics and some “main” agent directing them all. Those workflows seem to be working really well.

ljm 5 hours ago | parent | next [-]

The real security issue is around the use of ‘YOLO mode’ where you just let the agent invoke tools in a completely unattended manner. It’s not much different than slapping sudo in front of every shell command or running as root.

People are going to continue doing that because these agentic tasks can take some time to run and checking in to approve a command so often becomes an annoyance.

I can’t see a way around that except to have some kind of sandboxing or a concept of untrusted or tainted input rather than treating all tokens as the same. Maybe a way of detecting if the response of a tool is within a threshold of acceptability within the definition of the MCP (which is easier with structured output), which is used to force a manual confirmation or straight up rejection if it’s deemed to be unusual or unsafe.

alvis 4 hours ago | parent | next [-]

It's indeed an issue. I love codex that it contains everything in a sandbox and I can review what has changed. It's proper and I've much better idea what's going on.

That said, I ditched codex for claude code... Sorry open ai. No MCP and no way to interact during execution is a huge drawback.

wunderwuzzi23 3 hours ago | parent [-]

ChatGPT Codex has internet access since a few weeks ago. It's super configurable on where it can connect to.

anuramat 3 hours ago | parent | prev [-]

anthropic provides a custom devcontainer for sandboxing, but I have fallen in love with bubblewrap - it's a single command, and I get to keep all the infrastructure: e.g. it can do nix flakes without duplicating every derivation

vessenes 4 hours ago | parent | prev | next [-]

The aider slowdown is a real bummer. I’d love to have Claude code UI with the model choice aider gets me, but I’m not willing to give up tool integration.

Maxious 9 hours ago | parent | prev [-]

https://github.com/ruvnet/claude-code-flow adds some of the multiagent features ontop

stingraycharles 8 hours ago | parent [-]

Yeah that’s what I’m experimenting with, but I think it’s overengineered, especially with the whole dogmatic SPARC approach. I’m personally a more minimalistic person, and I would prefer it to be natively integrated into the app and being able to define exactly the (system) prompts for each of the agents.

jmsdnns 5 hours ago | parent | prev | next [-]

> Spec updates every three months are really tough, especially when not versioned, thoroughly documented, or archived properly.

Couldnt AI help with that..?

vessenes 4 hours ago | parent [-]

Ironically the updates make it hard to get llm coding support for it. Very ironically.

CharlieDigital 8 hours ago | parent | prev | next [-]

    > Javascript community suddenly got automatic code creation agents, and went to town.
I've been working on an MCP server[0] that let's LLMs safely and securely generate and execute JavaScript in a sandbox including using `fetch` to make API calls. It includes a built in secrets manager to prevent exposing secrets to the LLM.

I think this unlocks a lot of use cases that require code execution without compromising security. Biggest one is that you can now ask the LLM to make API calls securely because the JS is run in a C# interpreter with constraints for memory, time, and statement limits with hidden secrets (e.g. API keys).

The implementation is open source with sample client code in JS using Vercel AI SDK with a demo UI as well.

[0] https://github.com/CharlieDigital/runjs

rvnx 10 hours ago | parent | prev [-]

The crazy thing about things moving fast is that people bought Cursor for hundreds of millions when it is already outdated by Claude Code. Very foolish by the purchasers but very smart for the founders

diggan 8 hours ago | parent [-]

I think this is why we're seeing founders selling so quickly with these startups. You could wait some weeks or months to sell higher, but seems chances are higher that whatever you've built is outdated by then so why risk it?