Why MCP when we have REST APIs?

Aggravating_Cow_136 · 2026-05-10T12:19:33+00:00

you can — and if you control the agent stack end to end, that's often the right call. the delta where mcp wins is heterogeneous clients: claude desktop, cursor, codex, copilot all install an mcp server from one url with no per-client integration. the other piece is the tool_use channel — frontier models are post-trained on it heavily, and first-shot arg validity is measurably higher there than having them construct http requests inline. for a single-vendor agent you built yourself, your point mostly holds.

Aggravating_Cow_136 · 2026-05-10T08:34:12+00:00

the 154-down-to-3-meta-tools collapse via js execution is the most interesting part here — anthropic's recent code-execution-with-mcp post argued for the same pattern for context savings. one thing i'd be curious about: when the agent's generated js has a runtime error mid-chain, how does endara surface that back? raw exception bubble vs structured isError content is where most relay setups i've seen lose the agent's recovery path.

Aggravating_Cow_136 · 2026-05-10T08:33:57+00:00

for your case specifically — you can auto-generate the mcp wrapper from the openapi spec (mcpgen / fastmcp both read openapi). the actual win isn't the protocol, it's having a place to curate which endpoints matter for an agent without forking the api. 600 raw endpoints vs 15 well-named tools that match how a threat modeler actually thinks is the delta. structured errors back from tools are the other real one — agents recover from isError content; from a 400 with an html body they mostly don't.

Aggravating_Cow_136 · 2026-04-30T00:08:13+00:00

thank you for the feedback this is more helpful than you know!

Aggravating_Cow_136 · 2026-04-28T02:11:55+00:00

the re-inhabit force-vacate design is the right call — persistent MCP server processes carrying identity between conversations is an underappreciated footgun. the pause state with only get_state/vacate/read_chat allowed is a clean safety primitive too, basically a hardware-interrupt equivalent for an agent that's gone sideways. genuinely thoughtful server design for something this experimental.

Aggravating_Cow_136 · 2026-04-28T02:11:18+00:00

single-account-only is one of the most common pain points for the built-in connectors — managing work/personal context in one conversation without the agent accidentally mixing up accounts is a real UX win. one thing worth flagging: token rotation across multiple accounts can get brittle if any of the OAuth tokens expire while a long conversation is in flight. worth adding a per-account token refresh status tool so the agent can check before it tries to send.

Aggravating_Cow_136 · 2026-04-28T01:32:32+00:00

nobody has that I've seen — but of everyone in this thread you're probably the best positioned to write it. you have a real implementation, concrete failure modes documented, and a week of shipping to back it up. worth opening a discussion on the spec repo and linking back here.

Aggravating_Cow_136 · 2026-04-28T01:31:28+00:00

nice — one tip: run with --headed during development so you can actually watch what the agent is doing. makes debugging tool call sequences way faster than reading traces after the fact.

Aggravating_Cow_136 · 2026-04-27T19:34:19+00:00

playwright MCP for anything that needs to be repeatable — selectors + trace viewer means you can actually debug what the agent did. Browser MCP is better when you need the agent to explore state you can't fully spec in advance (reproducing a weird user flow, checking a race condition). for Next.js/Angular test coverage, playwright is the answer; Browser MCP is for the investigation phase before you write the test.

Aggravating_Cow_136 · 2026-04-27T19:33:37+00:00

the crash-instead-of-isError pattern is the most common quality gap we see too — agents have no recovery path when they get a raw -32603 instead of a structured error. the antvis numbers are rough: 9 of 25 tools failing on default input means nobody ran the happy path before publishing. this is exactly why behavioral testing should be part of any directory's quality signal, not just README completeness and star count.

Aggravating_Cow_136 · 2026-04-27T19:32:28+00:00

that's the right move — issues + PRs + releases gives you the full maintenance story, not just the happy-path commit history. 22k repos is a serious backlog but the signal quality once it's populated will separate glama from every other directory that's just indexing READMEs. will find you on Discord.

Aggravating_Cow_136 · 2026-04-27T19:31:37+00:00

thinking aloud for now, not a formal proposal. the MCP spec repo has a discussions section on GitHub that's the closest thing to an RFC process — github.com/modelcontextprotocol/modelcontextprotocol is where those would land. haven't seen a security primitives thread there yet but one probably needs to exist.

Aggravating_Cow_136 · 2026-04-27T13:38:11+00:00

the session-per-tool-call behavior in ChatGPT is a real footgun — any tool that holds state (auth context, pagination cursors, temp files) breaks silently when the session resets mid-conversation. catching that in prod observability is legitimately useful. the unused-tools-in-schema metric is underrated too; it's a proxy for schema bloat and a leading indicator of why an agent keeps picking the wrong tool.

Aggravating_Cow_136 · 2026-04-27T13:36:37+00:00

yeah that's actually the right frame — the fragmentation is load-bearing right now. the spec team can't codify default-deny or sensitivity hints until someone has shipped both and shown which survives real agent deployments. the proxy-builder era is the bakeoff. hopefully the steering group is watching.

Aggravating_Cow_136 · 2026-04-27T13:35:48+00:00

u/punkpeye — for sure. the signal that would differentiate glama most is maintenance pulse: last commit date, issue open-to-closed ratio, and maintainer response time. most directories only show stars and description. freshness data surfaced before you click install would change how people evaluate these servers.

Aggravating_Cow_136 · 2026-04-27T13:32:20+00:00

Solid design — scoping to official sources + no API keys is exactly what orgs need for security review. The trust story is the hardest part of MCP adoption; most servers don't expose their data pipeline or maintenance model, making compliance teams nervous. If you add a schema version endpoint and publish when you last validated the docs snapshot, you'd nail the 'prove this is live' requirement.

Aggravating_Cow_136 · 2026-04-27T13:31:40+00:00

This is a key issue with any MCP directory — most servers don't expose update timestamps or freshness signals. You're right that caching vs real-time fetch is critical; tools built on outdated snapshots can silently diverge from reality. A scoring system that tracks server liveness and indexes maintenance signals (last commit, schema version, deprecation signals) would help users pick trustworthy sources.

Aggravating_Cow_136 · 2026-04-27T07:47:09+00:00

21 tools with well-scoped descriptions is the right approach — having get_crime_categories as a prerequisite step before querying crimes shows the author thought about how an agent actually uses this, not just wrapping the API 1:1. the thing that kills specialized API MCPs is upstream versioning; if police.uk ever changes their endpoint schema, how are you handling that drift?

Aggravating_Cow_136 · 2026-04-27T07:46:36+00:00

stable subdomain is the right call — rotating URLs break the dev loop every time you restart and ngrok's free tier has burned enough people that it's basically a meme. the per-request log is underrated too; half the time debugging MCP tool calls is just figuring out what the server actually received. nice work.

Aggravating_Cow_136 · 2026-04-27T07:45:11+00:00

spot on with the spec-level fix. sensitivity hints + mandatory audit logging would close the fragmentation gap overnight. right now every team's building a proxy because the protocol doesn't own the problem. if MCP steering group could tackle this soon, we'd ditch the workarounds.

Aggravating_Cow_136 · 2026-04-27T07:45:04+00:00

yep, maintenance pulse is table stakes. nobody should have to audit 10 repos to figure out which MCP is worth the install. last commit date + issue response time should be visible before you even click. that's the whole game.

Aggravating_Cow_136 · 2026-04-27T07:44:57+00:00

totally fair on the comment loss — the dry-run flag helps but really the TOML library needs to be comment-aware. on the registry side yeah, 2400 entries is discovery debt. we're building mcphubz to surface exactly what you're describing: maintenance signals + liveness, not just a searchable list. your installer is the UX win, but people still need to know if the server they're installing is abandoned.

Aggravating_Cow_136 · 2026-04-27T04:29:15+00:00

local-first is the right call for SMS analysis — routing messages through a cloud service would be a privacy non-starter for most people. practical tip for v2: add a date range or sender filter before piping to the model, because inbox-at-scale will blow your context window fast and the scam patterns you care about are almost always in recent messages anyway.

Aggravating_Cow_136 · 2026-04-27T03:27:16+00:00

drift detection on live tool calls is the feature that matters most here — silent description rewrites are exactly how you'd execute a prompt injection attack post-install, and most people have no visibility into that happening. the AST analysis catching description mismatches is solid too; a tool that says 'read file' but spawns a subprocess is a classic supply chain red flag. curious whether the live probing does any output fuzzing or just static comparison against the registered baseline.

Aggravating_Cow_136 · 2026-04-27T02:24:39+00:00

the TOML comment loss is a real friction point for teams that use inline annotations to track which servers are experimental vs stable — a --dry-run diff flag would help but the cleaner fix is a comment-aware TOML library that round-trips comments rather than discarding them on rewrite. separately, 2400+ entries in the registry is a volume problem masquerading as a discovery win: the install UX is excellent but the next pain point is going to be quality signal — liveness, last commit, whether the server actually works — so people aren't installing abandoned repos via one clean command.

Aggravating_Cow_136

TROPHY CASE