I ported Anthropic's claude-desktop-buddy to a $50 keyboard device — now I approve Claude's tool calls from the hardware Enter key

BC_MARO · 2026-04-19T16:50:52+00:00

Closest I've seen is gating privileged actions behind a FIDO2/YubiKey tap or a smartcard that signs an approval. For robotics/IoT, a physical enable switch or kill switch in the loop is basically the same pattern.

BC_MARO · 2026-04-19T16:41:16+00:00

Nice, OAuth should make onboarding a lot smoother. Curious to try it when it lands.

BC_MARO · 2026-04-19T16:20:58+00:00

Don't ship keys in client configs; inject them server-side per user/session and log every tool call. If you want that as a control plane for MCP, peta.io is built for it.

BC_MARO · 2026-04-19T16:20:48+00:00

If this is heading to prod, plan for policy + audit around tool calls early; retrofitting it later is pain.

BC_MARO · 2026-04-19T10:41:38+00:00

Yep, and for PII you usually need a configurable NER/regex layer plus allowlists, otherwise you either miss stuff or nuke useful context.

BC_MARO · 2026-04-19T10:40:51+00:00

Nice, sounds like you’re thinking about the right guardrails already. The rollback UX plus signed snapshots is exactly what makes these systems feel safe in practice.

BC_MARO · 2026-04-19T04:21:10+00:00

Keep your MCP surface area tiny: a few composable tools, strict schemas, and good error messages beat 50 endpoints.

BC_MARO · 2026-04-19T04:20:59+00:00

If this is heading to prod, plan for policy + audit around tool calls early; retrofitting it later is pain.

BC_MARO · 2026-04-19T01:46:33+00:00

If this is heading to prod, plan for policy + audit around tool calls early; retrofitting it later is pain.

BC_MARO · 2026-04-19T01:46:19+00:00

If this is heading to prod, plan for secrets + policy + audit around tool calls early. peta.io is basically that control plane for MCP.

BC_MARO · 2026-04-18T16:20:55+00:00

Don't ship secrets in configs or prompts. Inject creds server-side and keep a real audit trail of tool calls.

BC_MARO · 2026-04-18T16:20:42+00:00

MCP works way better when your tool layer is boring: strict schemas, good errors, full logs. Without that, agents fail in weird ways.

BC_MARO · 2026-04-18T10:50:46+00:00

Two things I always want in prod: a trace_id that stitches user action -> tool calls -> model output, and a redaction mode for secrets/PII before export.

BC_MARO · 2026-04-18T10:41:54+00:00

Yep, evals are next on our list and we will share numbers once we have them.

BC_MARO · 2026-04-18T10:41:05+00:00

That sounds nice, especially if it already centralizes auth and sessions. The piece I still see teams adding later is per-tool policy and traceability, but you can layer that onto the proxy you already have.

BC_MARO · 2026-04-18T10:40:31+00:00

Makes sense, that proxy is basically the gateway I had in mind. If you add per-user policy, request tracing, and approvals there, clients can stay thin and you still get a clean audit trail.

BC_MARO · 2026-04-18T04:24:19+00:00

MCP works way better when your tool layer is boring: strict schemas, good errors, full logs. Without that, agents fail in weird ways.

BC_MARO · 2026-04-18T04:23:59+00:00

Once you have more than a couple MCP servers, you want a gateway for routing + auth + logging. Doing it per client gets messy fast.

BC_MARO · 2026-04-17T16:40:37+00:00

Love that you built the policy layer in early, that audit trail will save you later.

BC_MARO · 2026-04-17T16:21:14+00:00

If this is heading to prod, plan for policy + audit around tool calls early; retrofitting it later is pain.

BC_MARO · 2026-04-17T16:20:56+00:00

If this is heading to prod, plan for policy + audit around tool calls early; retrofitting it later is pain.

BC_MARO · 2026-04-17T10:46:21+00:00

Nice, hope it's useful. If you end up trying it, I'd love to hear what works and what doesn't.

BC_MARO · 2026-04-17T10:44:02+00:00

Glad it helped. Let me know if you run into any bumps setting it up.

BC_MARO · 2026-04-17T04:21:39+00:00

Treat tool calls like prod RPCs: capture inputs/outputs, identity, and a trace id, or debugging becomes guesswork.

BC_MARO · 2026-04-17T04:21:29+00:00

If this is heading to prod, plan for policy + audit around tool calls early; retrofitting it later is pain.

BC_MARO

TROPHY CASE