Hacker News

monkpit yesterday at 9:06 PM (4 replies)

I think they’re saying you could start up the MCP and pass it creds/auth for some downstream service, and then the LLM uses the tool and has auth but doesn’t know the creds.


Replies

simonw yesterday at 9:45 PM

Right. If you're running a CLI tool that is authenticated there's effectively no way to prevent the coding agent from accessing those credentials itself - they're visible to the process, which means they're visible to the agent.

With MCP you can at least set things up such that the agent can't access the raw credentials directly.

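An added example, not part of the thread, of the difference described in the comment above: a child process standing in for the agent either inherits a token through its environment, or gets only the result of a call that the parent attaches the token to. `API_TOKEN`, `list_items`, `downstream_api` and the token value are constructed for illustration, and a pipe to the parent stands in for an MCP server.

```python
import os
import subprocess
import sys

SECRET = "constructed-token-123"  # constructed sample value, not a real credential

# Stand-in for the coding agent (hypothetical): it reports any token it can
# see in its own environment, then asks its parent to run one tool call.
AGENT = r'''
import os, sys
print("ENV:" + os.environ.get("API_TOKEN", "<none>"), flush=True)
print("CALL:list_items", flush=True)
print("RESULT:" + sys.stdin.readline().strip(), flush=True)
'''

def downstream_api(token, action):
    """Simulated downstream service: answers only when the token matches."""
    return f"ok:{action}" if token == SECRET else "denied"

def run_agent(token_in_agent_env):
    """Run the agent; return (token the agent could read, tool-call result)."""
    env = {k: v for k, v in os.environ.items() if k != "API_TOKEN"}
    if token_in_agent_env:
        env["API_TOKEN"] = SECRET  # authenticated-CLI setup: creds are inherited
    proc = subprocess.Popen([sys.executable, "-c", AGENT], env=env, text=True,
                            stdin=subprocess.PIPE, stdout=subprocess.PIPE)
    seen = proc.stdout.readline().strip().split(":", 1)[1]
    action = proc.stdout.readline().strip().split(":", 1)[1]
    # Broker side: the credential is attached here, in the parent process;
    # only the response travels back over the pipe to the agent.
    proc.stdin.write(downstream_api(SECRET, action) + "\n")
    proc.stdin.flush()
    result = proc.stdout.readline().strip().split(":", 1)[1]
    proc.stdin.close()
    proc.wait()
    proc.stdout.close()
    return seen, result

if __name__ == "__main__":
    print("token in agent env:", run_agent(True))   # agent reads the token
    print("brokered call     :", run_agent(False))  # agent sees "<none>"
```

The separation holds only while the agent cannot read the broker's memory or configuration, for example because the broker runs under a different OS user.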
staticassertion today at 12:39 AM

Oh. Yeah, that's neat at least. I don't think it's a big deal but that's nice enough.

JambalayaJimbo yesterday at 9:55 PM

The MCP implementation is itself an agent, right? Is that not just pushing the problem somewhere else?

Also, I run programs on my machine with a different privilege level than myself all the time. Why can’t an agent do that?
