> I bet we will move from CLIs to something else in about 3-6 months.

My bet would be OpenAPI specs. The model will think its calling a cli but we intercept the tool call and proxy it with the oauth credentials.

There are some implementations already out there in open web ui and bionic gpt.

Yeah, I think that’s broadly right.

MCP has plenty of problems, but standardising on OAuth was one of the better calls. Expiry, scopes, rotation, delegated access, all much better than the usual CLI pattern of long-lived API keys. The CLI story there is still pretty rough.

And once the policy model is host/path matching, GraphQL and JSON-RPC become awkward immediately unless the proxy starts understanding payload semantics.

What this appears to be is that we are now reinventing proxies with policy control and the best part of this is the solution (OneCLI) has no security audit. This would give a complete dismissal from the infosec teams to even attempt integrating this vibe-coded slop.

As long as the fake keys are known, they can be mapped directly to the real key with the endpoint in OneCLI to exfiltrate the data and you don't need to leak any keys anyway.

The correct solution is that there should be no sort of keys in the VM / Container in the first place.

> It is backwards. I bet we will move from CLIs to something else in about 3-6 months.

The hype around CLIs is just as unfounded as was MCPs and made no-sense just like OpenClaw did. Other than hosting providers almost no-one is making money from OpenClaw and from its use-cases; which is just wasting tokens.

We'll move on to the next shiny vibe-coded thing because someone else on X said so.