alt Hacker NewsI know of two benefits to MCP over Skills:
- If your agent doesn't have a full Bash-style code execution environment it can't run skills. MCP is a solid option for wiring in tools there.
- MCP can help solve authentication, keeping credentials for things in a place where the agent can't steal those credentials if it gets compromised. MCPs can also better handle access control and audit logging in a single place.
Replies
Can you explain the auth part? I feel like auth for an agent is largely a matter of either verifying its context or issuing it a JWT that's scoped to its rights, which I assume is quite similar to how any tools would work. But I'm very unfamiliar with MCP.
- MCPs can be long-running processes that have state, e.g., they can maintain a persistent connection with a server or local software.
- MCPs are trivial to write and maintain - at least in my experience and language of choice - and bash scripts are cursed. But I guess you can use a different scripting language.
- Agents can pollute their context by reading the script. I want to expose a black box that just works.
[dead]
I don't agree with either. Skills with an API exposed by the service solves both your problems.
The LLM can look at the OpenAPI spec and construct queries - I often do this pretty easily.