The hottest Standards Substack posts right now

And their main takeaways
Category
Top Culture Topics

Using MCP Tools Inside Workflows

The API Changelog • 0 implied HN points • 28 Nov 25
đź•ą Technology Standards
  1. MCP is a standardized way to expose capabilities using JSON-RPC, so it talks about operations (not resources) and is easier to discover and consume than vague REST APIs.
  2. You can call MCP tools from workflows by making JSON-RPC requests, initializing a session to get the mcp-session-id, and mapping each tool's inputSchema to workflow inputs; outputs may be structured or unstructured and might need parsing.
  3. Putting MCP tools into workflows gives predictable, traceable, and more secure execution with easier debugging and reliability, though adapting unstructured tool outputs to procedural steps has some implementation cost.

2025 Podcast Roundup

ciamweekly • 0 implied HN points • 05 Jan 26
đź•ą Technology Standards
  1. There’s no single perfect authentication solution—organizations must support multiple methods like passwords, passkeys, magic links, OTPs, and MFA to meet different user needs. Passkeys offer big security gains but still have UX and implementation friction, while magic links and OTPs face deliverability and browser issues, and shared password managers can introduce new risks.
  2. AI agents are fast and unpredictable and become dangerous when they can access private data, read untrusted content, and communicate externally. Treat agents like users: apply least privilege, separate access for subagents and tools, and build on existing standards (like OAuth/MCP) for authentication and authorization.
  3. A good developer environment is fast and low-latency, and many teams prefer local-first setups for quicker feedback and more direct security control. Make security part of the workflow by adding useful tests and developer-friendly security tools so they get used without slowing developers down.