On the "bobby tables" thing, my point is basically that all the same rules for API services still apply. You still have to sanitize SQL and all the other stuff we've already been doing for decades.

> How do I put it behind an API without dumbing it down to inutility?

I dunno, I'm still feeling this out and just asking honest questions. But so far, most of the MCP functions I've seen have struck me as "this could be done behind an auto-generated RPC service running in a sandboxed environment".