I had evaluated fnox. However you have a dependency of encryption/decryption.
So imagine the use case where you need to roll out a password change to 10 repos or offboard an engineer from the team.
In either case, the touch point now becomes 10 repos which need to be co-ordinated against.
Now imagine doing this at scale, you need to migrate password stores entirely. Not that it happens often, however I have been at start-ups where we moved from one cloud provider to another because we gained better discounts on contracts. The password store migration then would be an effort vs just updating 1 line in registry and it resolves.
Similarly user offboarding is handled by IAM permission as well, as soon as the user access is revoked the secret resolution is gone.
Thank you for bringing up fnox and mise. This was something I had evaluated and even written about in the security threat model. :)
it's middleware between you and Claude. a python program that computes emotional state through math — mood, trust, personality — and passes numbers to Claude instead of personality prompts. Claude sees "trust=0.95" not "be caring". the state evolves on its own even when nobody's talking.
well if you read this you will know that progressive disclosure is actually now possible with MCP... well it always has been as a pattern in the spec - but claude code actually honours the spec as of Jan 2026... so there is no bloat baby
Yeah, I'm well aware of the pattern, and I'm aware of the Cloudflare code paper and I know that the overhead of MCP is still unneeded because you still have to have those open HTTP connections or local connections or whatever the case is. Those are completely unnecessary when your harness can use a tool like a CLI. It's way more efficient. You can explain it in less tokens or you can type script out the entire primitive so that you don't need the overhead.
I still don't see it. I appreciate that you do and that you made a product to deal with it but I just think it's still a bad pattern.
tbh the whole code mode thing is actually kind of what were doing with commandable mcp.
The agent is essentially given a sandbox to write abitrary code against an API, with the users credentials for that api stored securly...
The pattern i assumed is that the agent would then 'save' this code as a tool to reuse later...
But youve got me thinking - maybe commandable should be more just like full code mode every time - every tool call be a new custom script written right then and executed immediately.
Maybe 'saving' those actions for later is just something the agent could do if it needs it more frequently...
reply