| ▲ | doppelgunner 8 days ago | |
What's your preferred way, based on your experience? | ||
| ▲ | benreesman 8 days ago | parent [-] | |
The OpenAPI proposal is actually pretty reasonable in my view. I don't love it, but it's got pretty good tooling now, the semantics are firming up (even AsyncAPI is starting to come together and get used here and there). I'd prefer a more rigorous approach to integrating random stochastic agents deployed by people who don't care about me into my own data, but at least with OpenAPI/"REST" there's a bunch of infrastructure and know-how on not getting pwned constantly. The LLMs all know how to deal with JSON at this point, they even know how to read and write it based on a spec, it seems like Swagger is as good as anything with those design constraints. I'm cynical enough about real things that I don't need to invent new things to be cynical about, and I honestly don't know which side of Hanlon's Razor to slice with on the never-ending-unfixable-infinite-pwn-forever future of MCP: maybe they just rushed it out to get market share / mind share. Maybe normalizing criminally negligent security practices was a price someone was willing to pay to have number go up. IDK. I know MCP needs a re-think. | ||