u/Drowning_2025

​

Been running MCP in prod for a while now and request-level auth is mostly solved. You scope tokens per server with Resource Indicators and validate audience on every call. What still bugs me is that OAuth can confirm each individual call is authorized but it can't tell you whether the full sequence of tool calls the agent is chaining together is actually legitimate behavior. An agent chaining five legitimate tools in the right order can produce an outcome no one intended to permit.

Put a gateway in front of our MCP servers to evaluate requests with context from what came before. It's more infrastructure than I'd like but nothing else really fits.

Curious how others are handling this, and also how you prevent tokens from leaking into model context.

Legit question, because I was failing miserably. Between the local train commute and year-end pressure, my flat was starting to look like a godown. I tried keeping a regular maid, but the morning 7 AM doorbell was killing my sleep, and then she’d take random leaves anyway.

I finally started using Snabbit last week and honestly, it’s a game changer for my mental health. Now, I don’t worry about a fixed timing. I just book it on the app while I’m leaving the office, and by the time I reach my building, the professional is already there.

The best part is I don’t have to manage them. They come, they’re super professional, they do the dishes/mopping in like mins, and they're out. It feels so much more organized than the traditional way. I actually got a full 8 hours of sleep today because I didn't have to wake up early to let a maid in. If you’re struggling with “adulting" chores like I was, definitely give this a shot. It’s worth every rupee just for the peace of mind. #MakeSnabbitAHabbit