Comment by BeetleB

6 days ago

> These people aren’t doing bash loops, they’re regular non-technical people who just want to use an AI Agent to access services and aggregate data.

Over the last few months, this pattern of discussion has become pervasive on HN.

Point.

Counterpoint.

(Not finding a flaw with the counterpoint) "Yeah, but most people aren't smart enough to do it right."

I see it in every OpenClaw thread. I see it here now.

I also saw it when agents became a thing ("Agents are bad because of the damage they can do!") - yet most of us have gotten over it and happily use them.

If your organization is letting "regular non-technical" people download/use 3rd party MCPs without understanding the consequences, the problem isn't with MCP. As others have pointed out in this thread, you can totally have as secure an MCP server/tool as a sandboxed CLI.

Having said that, I simply don't understand your (and most others') examples on how CLI is really any different. If the CLI tool is not properly sandboxed, it's as damaging as an unsecured MCP. Most regular non-technical people don't know how to sandbox. Even where I work, we're told to run certain agentic tools in a sandboxed environment. Yet they haven't set it up to prevent us from running the tools without the sandbox. If my coworker massively screws up, does it make sense for me to say "No, CLI tools are bad!"?

My basic point is: why don't major multimillion dollar companies provide us with a way to limit MCP access? "With this ID, this specific MCP connection can only access database X in read-only mode" or "With this ID, this MCP connection can create new pages under this page, but cannot delete anything or modify pages it didn't create". Very very basic stuff.

I _can_ make a custom CLI, a custom MCP wrapper and whatever else to limit the things agents can access. But why do I need to? Am I the only one in the world who doesn't want to let ChatGPT run wild on our internal Notion without any hard limitations? We pay them ungodly amounts every month for the service and basic safeties aren't included unless we build them in.
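The per-connection limits the comment asks for ("this ID can only read database X", "this ID can create pages under this page but cannot delete or modify pages it didn't create") can be enforced by a policy layer that sits between the agent and the tools. The following is an added example, not code from the commenter or from any MCP vendor; the tool names (`db.query`, `pages.create`, `pages.update`, `pages.delete`), the `Scope` fields and the in-memory SQLite and page backends are assumptions made for the illustration. It goes slightly beyond the comment by recording every allow/deny decision in an audit log and by layering a second, backend-level check (SQLite's `PRAGMA query_only`) under the SQL text check, so that a statement that slips past the text filter still cannot write.

```python
"""Capability-scoped gateway in front of MCP-style tool calls (added example).

Every tool call is made on behalf of a connection ID and is checked against
that ID's Scope before it is forwarded.  Tool names, the Scope layout and the
backends below are constructed for this example, not a real MCP server.
"""
from dataclasses import dataclass, field
import re
import sqlite3


class PolicyDenied(Exception):
    """Raised when a tool call falls outside the connection's scope."""


@dataclass
class Scope:
    db_read: set = field(default_factory=set)       # databases readable (SELECT only)
    create_under: set = field(default_factory=set)  # parents under which pages may be created
    edit_others: bool = False                       # may modify pages it did not create
    can_delete: bool = False                        # may delete any page at all


# First-layer check: only statements that start as reads are forwarded.
_READ_ONLY = re.compile(r"^\s*(select|with|explain)\b", re.IGNORECASE)


class ScopedGateway:
    def __init__(self, scopes):
        self.scopes = scopes                 # connection id -> Scope
        self.dbs = {}                        # db name -> sqlite3.Connection
        self.pages = {}                      # page id -> {"parent", "title", "owner"}
        self.audit = []                      # (connection id, tool, allowed)
        self._next_page = 0

    def call(self, conn_id, tool, **args):
        scope = self.scopes.get(conn_id)
        if scope is None:
            raise PolicyDenied(f"unknown connection id {conn_id!r}")
        try:
            result = self._dispatch(conn_id, scope, tool, args)
        except PolicyDenied:
            self.audit.append((conn_id, tool, False))
            raise
        self.audit.append((conn_id, tool, True))
        return result

    def _dispatch(self, conn_id, scope, tool, args):
        if tool == "db.query":
            db, sql = args["db"], args["sql"]
            if db not in scope.db_read:
                raise PolicyDenied(f"{conn_id} has no access to database {db!r}")
            if not _READ_ONLY.match(sql):
                raise PolicyDenied(f"{conn_id} is read-only on {db!r}")
            try:
                # Second layer: the handle itself is query_only (set in demo()),
                # so even a write hidden behind a CTE is refused by SQLite.
                return self.dbs[db].execute(sql).fetchall()
            except sqlite3.OperationalError as exc:
                raise PolicyDenied(f"backend refused statement: {exc}")
        if tool == "pages.create":
            parent = args["parent"]
            if parent not in scope.create_under:
                raise PolicyDenied(f"{conn_id} may not create pages under {parent!r}")
            self._next_page += 1
            page_id = f"page-{self._next_page}"
            self.pages[page_id] = {"parent": parent, "title": args["title"], "owner": conn_id}
            return page_id
        if tool in ("pages.update", "pages.delete"):
            page = self.pages.get(args["page_id"])
            if page is None:
                raise PolicyDenied("no such page")
            if page["owner"] != conn_id and not scope.edit_others:
                raise PolicyDenied(f"{conn_id} did not create {args['page_id']}")
            if tool == "pages.delete":
                if not scope.can_delete:
                    raise PolicyDenied(f"{conn_id} may not delete pages")
                del self.pages[args["page_id"]]
                return True
            page["title"] = args["title"]
            return True
        raise PolicyDenied(f"tool {tool!r} is not exposed to agents")


def demo():
    """Run a scoped agent connection through allowed and denied calls."""
    gw = ScopedGateway({"agent-1": Scope(db_read={"X"}, create_under={"page-root"})})
    # Constructed backend: seed database X, then make the handle read-only.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE customers(name TEXT)")
    conn.executemany("INSERT INTO customers VALUES (?)", [("alice",), ("bob",)])
    conn.execute("PRAGMA query_only = ON")
    gw.dbs["X"] = conn
    # Constructed page that belongs to a human, not to the agent.
    gw.pages["page-0"] = {"parent": "page-root", "title": "roadmap", "owner": "human"}

    calls = [
        ("db.query", {"db": "X", "sql": "SELECT name FROM customers ORDER BY name"}),
        ("db.query", {"db": "X", "sql": "DELETE FROM customers"}),
        ("pages.create", {"parent": "page-root", "title": "agent notes"}),
        ("pages.update", {"page_id": "page-1", "title": "agent notes v2"}),
        ("pages.update", {"page_id": "page-0", "title": "hijacked"}),
        ("pages.delete", {"page_id": "page-1"}),
        ("db.query", {"db": "Y", "sql": "SELECT 1"}),
    ]
    outcomes = []
    for tool, args in calls:
        try:
            outcomes.append(("allowed", gw.call("agent-1", tool, **args)))
        except PolicyDenied as exc:
            outcomes.append(("denied", str(exc)))
    return outcomes


if __name__ == "__main__":
    for outcome in demo():
        print(outcome)
```

The point of the two layers on `db.query` is that the SQL text check is cheap but easy to get wrong, while `PRAGMA query_only` is enforced by the database engine regardless of how the statement is phrased; the gateway's audit list is what a defender would ship to logging so that denied calls are visible rather than silently swallowed.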