{"id":488,"date":"2025-11-03T05:40:30","date_gmt":"2025-11-03T05:40:30","guid":{"rendered":"https:\/\/blog.adlington.fr\/index.php\/2025\/11\/03\/mcp-as-secure-gateway\/"},"modified":"2025-11-16T11:24:31","modified_gmt":"2025-11-16T11:24:31","slug":"mcp-as-secure-gateway","status":"publish","type":"post","link":"https:\/\/blog.adlington.fr\/index.php\/2025\/11\/03\/mcp-as-secure-gateway\/","title":{"rendered":"MCP as Secure Gateway"},"content":{"rendered":"<blockquote><p>Instead of a bloated API, an MCP should be a simple, secure gateway that provides a few powerful, high-level tools:<\/p>\n<p>download_raw_data(filters&#8230;)<br \/>\ntake_sensitive_gated_action(args&#8230;)<br \/>\nexecute_code_in_environment_with_state(code&#8230;)<br \/>\nIn this model, MCP&#8217;s job isn&#8217;t to abstract reality for the agent; its job is to manage the auth, networking, and security boundaries and then get out of the way.<\/p>\n<p>This makes a lot of sense to me. Most of my MCP usage with coding agents like Claude Code has been replaced by custom shell scripts for it to execute, but there&#8217;s still a useful role for MCP in helping the agent access secure resources in a controlled way.<br \/>\n\u2014 Read on <a href=\"https:\/\/simonwillison.net\/2025\/Nov\/2\/how-i-use-every-claude-code-feature\/\">simonwillison.net\/2025\/Nov\/2\/how-i-use-every-claude-code-feature\/<\/a><\/p>\n<\/blockquote>\n","protected":false},"excerpt":{"rendered":"<p>Instead of a bloated API, an MCP should be a simple, secure gateway that provides a few powerful, high-level tools: download_raw_data(filters&#8230;) take_sensitive_gated_action(args&#8230;) execute_code_in_environment_with_state(code&#8230;) In this model, MCP&#8217;s job isn&#8217;t to abstract reality for the agent; its job is to manage the auth, networking, and security boundaries and then get out of the way. This makes [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1],"tags":[5,24,27,25,26],"class_list":["post-488","post","type-post","status-publish","format-standard","hentry","category-blog","tag-ai","tag-computing","tag-context","tag-mcp","tag-security"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/blog.adlington.fr\/index.php\/wp-json\/wp\/v2\/posts\/488","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.adlington.fr\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.adlington.fr\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.adlington.fr\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.adlington.fr\/index.php\/wp-json\/wp\/v2\/comments?post=488"}],"version-history":[{"count":1,"href":"https:\/\/blog.adlington.fr\/index.php\/wp-json\/wp\/v2\/posts\/488\/revisions"}],"predecessor-version":[{"id":508,"href":"https:\/\/blog.adlington.fr\/index.php\/wp-json\/wp\/v2\/posts\/488\/revisions\/508"}],"wp:attachment":[{"href":"https:\/\/blog.adlington.fr\/index.php\/wp-json\/wp\/v2\/media?parent=488"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.adlington.fr\/index.php\/wp-json\/wp\/v2\/categories?post=488"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.adlington.fr\/index.php\/wp-json\/wp\/v2\/tags?post=488"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}