thanks for sharing this, it resonates with me. as some other commenters have said, CLIs, cURL, and other shell tools are composable and discoverable. it seems like a good direction.

auth considerations are present in the design of MCP. this, as opposed to the hodgepodge auth story with CLIs. there are APIs that either don't support OAuth or where using bare credentials is more expedient, and using agent-visible env vars is a security incident waiting to happen. but that doesn't necessarily mean we must use MCP. i think it's a matter of time before agentic tools come bundled with a proxy layer from which secrets / env vars can be set and used but not directly read [0].

[0] https://www.joinformal.com/blog/using-proxies-to-hide-secret...