The Toolhive team just added semantic search for MCP tool usage. Intent is to drive down tool pollution and improve performance for agents. Check it out:

dev.to/stacklok/cut...

Was just installing OpenAI Atlas on my Mac and it asked for Bluetooth access. Have I just watched too much Black Mirror, or is this indeed cause enough to abandon ship?

PSA: Out of an abundance of caution we rebuilt all Toolhive MCP images in response to the npm chalk and debug npm package exploit. Practically container isolation would significantly mitigate the impact regardless.

Reminder: friends don’t let friends npx run random shit off the internet

I could probably be persuaded…

The Toolhive team just dropped a major release that includes a slick client app to support the path for production MCP server hosting. Check it out at toolhive.dev

The @stacklok.com crew has been thinking a lot recently about multi-tenant MCP service auth* and task delegation.

I imagine a lot of folks out there are jamming on the same problem. Would love to chat if you are…

dev.to/stacklok/tok...

Definitely an area we are focusing on:

dev.to/stacklok/who...

Check out our new labs project ToolHive to streamline MCP server hosting. We are trying out ideas to make using MCP servers simpler, safer and friendlier.

www.linkedin.com/pulse/introd...

Agentic systems are amazing, but you would be right to be a bit nervous about the security implications. The Codegate team is working hard to bring clean, invisible, local and perhaps most significantly community friendly controls so that you can use these tools with confidence.

Fun video featuring Codegate: youtu.be/mcEcJ_QgYLw

Nice article on @thenewstack.io about Codegate: thenewstack.io/codegate-ope...

Super excited to announce codegate.ai.

Docker run your way to a local security and privacy solution for codegen tools.

Oh, it is also OSS.

I wish managers would stop thinking about their relationship with employees through the lens of finite game theory. The median tenure of employees in the US public sector is 3.9 years. West Coast tech is probably 1-2 years. Great relationships span decades. See the human being and invest in them.

This is the way.

Mainframe era: Vertically integrated; closed system
Client server era: open(ish) ecosystem on two monopolies (Intel/Microsoft).
Cloud era: Vertically integrated with ecosystem as a neccessary afterthought.
GenAI era: ?

I vote for open ecosystem.

I liked the ecosystem centric flavor of AWS’s GenAI announcements this week. More energy spent on unlocking partners, providing better picks and shovels and unlocking data access to GenAI than on the simply slogging it out with Meta, Alphabet, et al on FMs and direct integration.

As a manager, always provide feedback in the moment. Never in the heat of the moment.

Yeah, marketing…

12 months later, still too goddam difficult.

Join us today at 10am ET / 3pm GMT for another edition of #MinderMonday. In this episode we'll dive into writing rules and profiles in the @openssf.org sandbox project #Minder with Juan Antonio "Ozz" Osorio.

📺 See you there!

youtube.com/live/eXp0nyd...

Why is naming so goddam difficult?

Looks amazing!

Exciting times ahead! Today marks the birth of Stacklok, where innovation and security meets purpose. We're on a mission to secure software supply chains, with the way we know best, open source technologies! https://www.stacklok.com/post/stacklok-has-launched