Forum Posts Feed
AI-infused
View this topic | Back to topic list
Posted by eastgate
Sep 29, 2025 at 02:45 PM
There comes a point — and we are at that point right here — where this becomes merely speaking of fear, uncertainty, and doubt. This forum is typically better than this.
MCP is very simple.
TRANSPORT: An MCP server, such as Tinderbox, reads from stdin and writes to stdout. There’s *no* security risk here; if the bad guys can fiddle with stdin and stdout, they own the entire system already. (There’s also a https variant, but that’s irrelevant here.)
PAYLOAD: The rest of MCP concerns what messages the client (such as Claude Desktop) sends, and how the server responds. These are really quite straightforward. For example, the client can ask “What tools do you offer?”, and the server sends back a list of tools with the name, description, and arguments for each tool. Sure, I might have done things a little bit differently here, but I always feel that way, and so, probably, do you. It’s fine.
Now, let’s look at some little things we can do with MCP that would be a pain in the neck without it.
* A user — a senior German academic — has a hunk of XML that represents a pile of attributes and their values. He wants to parse this into a Tinderbox note, creating user attributes as required. The standard approaches might include (a) request a new Tinderbox operator that converts the XML object to a Tinderbox dictionary; (b) use regular expressions in Tinderbox actions to break up the XML and extract the juicy bits; (c) convert the XML to an intermediate format that’s easier for Tinderbox’s stream operators to parse; or (d) convert the XML to the corresponding JSON, because Tinderbox does have a JSON operator.
This is easy enough for the technically proficient, but plenty of smart people don’t really know enough to do this comfortably.
Instead, we could ask Claude to reformat the XML to a simple textual list. This is boring work, but it’s the sort of work LLMs can do. And if the LLM tries to shirk the job or botches it, you’re likely to notice immediately.
* I’m writing a book. I’ve got a resource I want to add to my reference database. Bookends imports RIS/Endnotes, which most digital libraries support. But *this* library only provides BibTeX. Best Answer: add BibTeX to Tinderbox: an easy three-day job for me, challenging for me, but challenging for most people. OK Answer: Ask Claude to convert this BibTeX to RIS, and import the RIS. If it’s right, we’re done. If Claude botches it or invents some other hunk of RIS, it won’t import or the imported reference will refer to the Audubon with the errata on page 23, not the Cognitive Architectures for Language Agents paper you were expecting.
* Ben Shneiderman and his AI list are quite engaged by a recent paper by Floridi on the relationship between Scope and Confidence in computational results. Floridi uses a construct known as Kolmogorov Complexity, of which I have never heard. “Does everyone else know this?” I ask myself. “Is it sound, or cranky?” Old answer: call a few mathematicians and ask them. But lots of people don’t have a lot of math professors on speed dial. Ask Claude, and in minutes you can have a pile of references from a range of fields, and an explanation of why you haven’t heard it before. Yes: it might all be fabulation, but I’ll find out as soon as I read those references.
Can we please stop with the emotional appeals for and against AI — we’ve been doing that since Asimov and Phillip K. Dick — and think about what we can do with the tools?
MadaboutDana wrote:
But at the same time, there is a huge amount of security expertise out
>there nowadays (one of my family members works as a high-level software
>in banking security – a real laugh a minute!), and it does appear
>that whoever put MCP together didn’t take the time to consult the
>really experienced experts in anything like enough detail.