Joined May 2016
mcp-grpc-transport is now on npm (v0.1.0). Pluggable gRPC transport for MCP that supports:
- Full protobuf surface (ListTools, CallTool, streaming ops, pagination, cancellation)
- Bidirectional Mcp.Session stream (NDJSON compatibility)
- gRPC health checking, optional server reflection
- TLS/mTLS via env vars
- Interceptors and custom options
This is the transport many teams have been waiting for, especially those already running gRPC microservices. If you’re building production MCP servers and already operate in a gRPC-heavy environment, this should feel like a natural fit. It also pairs excellently with unified MCP servers that embed optimized internal layers (like GraphQL proxies for token efficiency).
Installation & basic usage is straightforward (see code snippet in comments or npm page). One-liner integration via maybeStartGrpcMcpServer({ createMcpServer }). Perfect drop-in for teams tired of JSON serialization overhead or wanting native mesh routing. Docs & examples on the npm page.
Built as part of the ClawQL stack but completely generic. Try it with ClawQL (now unified single-process) or your own MCP server. Feedback, issues, and contributions welcome.
Repo: github.com/danielsmithdevelo…
npm: npmjs.com/package/mcp-grpc-t…
Feedback, bug reports, and PRs are very welcome. Let’s make MCP even more cloud-native and production-ready together. #MCP #gRPC #AI #AgenticAI #TypeScript #Kubernetes #EnterpriseAI
New Mr Beest challenge: Last bee holding on gets to keep the plane
This is absolutely amazing 🙏🏻
JUST IN: Florida hospital reveals Palantir software has cut sepsis deaths by more than half since it was installed.
This is why you secure the capabilities, not the agent. The agent itself should not be where you handle these restrictions. Secure environments with principle of least privilege regarding tool access and permissions. Lots of great topics to start with: docs.clawql.com/security/bes…
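The post above argues for putting least privilege on the capabilities rather than on the agent. As an added example (not code from ClawQL, MCP, or the author), the gate below sits between an agent and its tools: every call is denied unless a grant for that agent covers both the tool name and the arguments, path-like arguments are normalised before matching so a traversal segment cannot widen a grant, and every decision is recorded. Tool names, agent ids, file contents and policies are all constructed for the example.

```python
"""Deny-by-default capability gate in front of agent tool calls (added example)."""
from __future__ import annotations

import fnmatch
import posixpath
from dataclasses import dataclass, field
from typing import Any, Callable


class CapabilityDenied(Exception):
    """Raised when a tool call is not covered by any grant for the agent."""


def _canonical(name: str, value: str) -> str:
    """Normalise an argument before matching it against a grant.

    Path-like arguments are normpath'ed so '/data/reports/../hr/x' is compared
    as '/data/hr/x'; other arguments are compared case-insensitively.
    """
    if name.endswith("path"):
        return posixpath.normpath(value)
    return value.lower()


@dataclass(frozen=True)
class Capability:
    """One grant: a tool name plus glob constraints on named arguments.

    Every constrained argument must be present and match at least one pattern;
    arguments the grant does not constrain pass through untouched.
    """
    tool: str
    arg_patterns: dict[str, tuple[str, ...]] = field(default_factory=dict)

    def allows(self, tool: str, args: dict[str, Any]) -> bool:
        if tool != self.tool:
            return False
        for name, patterns in self.arg_patterns.items():
            if name not in args:
                return False  # a constrained argument is missing: deny
            value = _canonical(name, str(args[name]))
            if not any(fnmatch.fnmatchcase(value, p) for p in patterns):
                return False
        return True


class ToolGate:
    """Mediates every tool call: authorise against the agent's grants, write an
    audit record, then execute. No grant means no call."""

    def __init__(self, tools: dict[str, Callable[..., Any]],
                 policies: dict[str, tuple[Capability, ...]]) -> None:
        self.tools = tools
        self.policies = policies
        self.audit: list[dict[str, Any]] = []

    def call(self, agent_id: str, tool: str, args: dict[str, Any]) -> Any:
        grants = self.policies.get(agent_id, ())
        allowed = tool in self.tools and any(g.allows(tool, args) for g in grants)
        self.audit.append({"agent": agent_id, "tool": tool,
                           "args": dict(args), "allowed": allowed})
        if not allowed:
            raise CapabilityDenied(f"{agent_id} may not call {tool} with {args}")
        return self.tools[tool](**args)


# Constructed stand-ins for real back ends.
FILES = {
    "/data/reports/q1.txt": "Q1 revenue summary",
    "/data/hr/salaries.txt": "CONFIDENTIAL",
}
SENT: list[tuple[str, str]] = []


def read_file(path: str) -> str:
    return FILES[posixpath.normpath(path)]


def send_email(to: str, body: str) -> str:
    SENT.append((to, body))
    return f"sent to {to}"


def build_gate() -> ToolGate:
    """Hypothetical policies: each agent gets only the tools and argument scopes its job needs."""
    policies = {
        "report-bot": (
            Capability("read_file", {"path": ("/data/reports/*",)}),
            Capability("send_email", {"to": ("*@example.com",)}),
        ),
        "hr-assistant": (Capability("read_file", {"path": ("/data/hr/*",)}),),
    }
    return ToolGate({"read_file": read_file, "send_email": send_email}, policies)


def run_scenarios() -> list[tuple[str, bool]]:
    """Drive the gate through a mix of in-scope and out-of-scope calls; return (label, allowed)."""
    gate = build_gate()
    scenarios = [
        ("report reads own file", "report-bot", "read_file", {"path": "/data/reports/q1.txt"}),
        ("report path escapes scope", "report-bot", "read_file", {"path": "/data/reports/../hr/salaries.txt"}),
        ("report mails outside domain", "report-bot", "send_email", {"to": "x@other.test", "body": "hi"}),
        ("report mails company", "report-bot", "send_email", {"to": "Alice@Example.com", "body": "hi"}),
        ("hr reads HR file", "hr-assistant", "read_file", {"path": "/data/hr/salaries.txt"}),
        ("hr has no mail grant", "hr-assistant", "send_email", {"to": "a@example.com", "body": "x"}),
        ("unknown agent", "nobody", "read_file", {"path": "/data/reports/q1.txt"}),
    ]
    results = []
    for label, agent, tool, args in scenarios:
        try:
            gate.call(agent, tool, args)
            results.append((label, True))
        except CapabilityDenied:
            results.append((label, False))
    return results
```

The gate decides on the canonical form of the arguments, not on the string the agent supplied, which is what makes the path-escape case fail closed; the audit list gives the detection side something to alert on when a denied call appears.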
NEW: malware developers added nuclear & biological weapons text to their spyware. Goal? To trigger LLM safety refusals... so that their spyware wouldn't be analyzed by an AI security scanner. Cleanest practical example I can think of for why over-indexing on first order safety alignment is risky. When closed (and open) models ship with aggressive refusals, they will be sprinkled with second-order blindspots that attackers will discover...and exploit. We are only in the earliest days of attackers leveraging these features, and it wouldn't surprise me if users' systems that need to handle complex cybersecurity issues demand that models be less safety-blunted. In the weeds: @SocketSecurity's post also shows why intention matters in how you design a malware analysis pipeline to avoid prompt manipulation. H/T to colleagues that shared this with me socket.dev/blog/mini-shai-hu…
Anyone looking at self-improving agent loops needs to be familiar with ouroboros. Amazing stuff from @JqOnly. It uses a multi-phase evolutionary loop with a philosophical approach at its core. It’s meant not to loop forever but to run until it converges or detects stagnation. Pragmatic.
Jun 7
Ouroboros v0.41.0 Release
Run it anywhere, and trust what it ships
1. Pi is now a first-class Ouroboros runtime (Finally!!)
2. Ouroboros has always opened with a single questioner. Now that questioner has a panel. Milestone lateral review is promoted from a non-blocking advisory to a required lightweight subagent pass at exactly the moments hidden assumptions start to bite.
3. The more autonomous the loop, the more its "done" has to mean done. This release makes the verifier's decision typed, auditable, and policy-routed (I believe this looks like real Agent OS)
github.com/Q00/ouroboros/rel…
Pretending to care about web3 and lying about dropping out of a PhD program when you don’t even have a bachelor’s is surely a couple of extremely exhausting lies to keep up. Go to sleep Charles. Let the real builders focus on pushing web3 forward. We’ll be fine without you here.
I'm taking a break. TTYL
Daniel Smith | Building ClawQL Agents retweeted
vendoring is so back baby
I really believe a whole generation of developers, who only know open source from npm and pypi, miss how open source actually used to work. When Debian or a Linux distribution ships a dependency they take responsibility for it. If there is a security issue and it’s not fixed by the developer upstream, they fix it for their users. Debian and others basically vendor everything they distribute. They honor the license and they maintain patches. Most of the stuff that you get from your Linux distribution is basically a (small) fork. The same is true for Apple, Microsoft and others. The open source software they ship, they carry that responsibility. That doesn’t mean that security fixes are not upstreamed, but Apple or Debian or anyone else won’t jump on Twitter to shame a developer into compliance with their ways. They are not dependent on the health of a packaging infrastructure. They own their software including all the things it depends on. I want that thinking back. Because it fundamentally makes people feel more responsibility and it shares the burden of issues. It also does not put so much focus and attention on the one overworked developer who just happened to have too much of the world depend on their library. Remember: they carry a responsibility they never signed up for and they never got compensated for.
There is no silver bullet. You layer in the best defenses you can, but focus needs to be on mitigation of the impact. Simulate beforehand. How quickly can you detect and recover from a compromise? What controls are in place to patch and roll out fixes, and how quickly can you do so?
My best advice for AI agent security is to not trust anyone who claims they know how to solve AI agent security. There are so many hard problems in this space, and anyone who claims otherwise doesn't know what they're doing.
Yes, this is where everyone installs @ClawQL for the token savings. It uses code mode to abstract token bloat in context plus a GraphQL layer that trims the output tokens to exclusively what’s needed. This means lower token usage/cost & more importantly better performance too 🍻🫡
they should do it as per-diem and you get to keep what you don't use if they actually want to see people use ai effectively.
If y’all want to see what an MCP done right looks like then check out @ClawQL. Built around codemode with a GraphQL layer to trim token payloads. Saves cost and improves performance.
Search/Execute for any API
Cache short term info
Memory for long term info
Heavy defense-in-depth
Satya talking on stage about MCP is so validating when so many of you people said MCP was dead.
Daniel Smith | Building ClawQL Agents retweeted
I’ve mentioned this before: this is one of the oncoming trains for corp-security. We’ve long failed at least-privilege, but weren’t often punished for it. Helen in HR (or Bob in accounts) didn’t know what to do with the extra perms they didn’t know they had. Their agents will.
Codex just found a “workaround” of not having sudo on my pc…
Honestly yes. The way AI-first workflows have changed over the years, this is the ideal time for this type of feature. iPhone was made to allow per-app customization and experiences not tied to a fixed keyboard. This brings that vision back again at the right time for it tbh.
The touchbar was too early and didn't deserve to die, it deserved an LLM. Static shortcut buttons were the wrong bet. Imagine buttons that rewrite themselves based on whatever you're doing, that's the keyboard that feels right for an AI-native Mac.
Daniel Smith | Building ClawQL Agents retweeted
Non-cyber people will be like "damn cybersecurity is crazy right now" and then two days later post "gotta give your agent access to prod or you're ngmi." They don't see the connection between these things, and that's why cybersecurity is hard.
I’m trying to put together the most comprehensive “don’t let your agent get compromised” and “mitigate the effects of agent compromise” security guide I can. Meanwhile the idiots at YC are literally giving direct access to their production DBs and calling it trust-by-default. Wtf
One night I quietly gave our AI agent full access to YC's production database. It made the agent 10x more useful. That's what convinced me that trust-by-default is the only way to get the most out of agents.
Daniel Smith | Building ClawQL Agents retweeted
Man goes to doctor. Says he's depressed about AI. He fears the permanent underclass. Doctor says, "Treatment is simple. Read Gary Marcus. LLMs are stochastic parrots—they can't reason out of distribution." Man bursts into tears. "But doctor..." he says, "I am in distribution!"
Daniel Smith | Building ClawQL Agents retweeted
The biggest threat AI poses to cybersecurity isn't the vulnerability apocalypse. It's that it’s now trivially cheap for security vendors to build products that look like they work but don’t. The real threat actors are the unethical vendors we met along the way.
It’s time to bring back LeetCode. I’m not kidding either. LeetCode grinding is the exact kind of mental workout we need to supplement the deterioration. And I don’t mean literally LeetCode itself, but I do mean go and challenge your brain for a bit and think through hard puzzles🧠
Ok, confession time: I use agentic coding *all the time* and *every day*. And have been doing so for many months. I am *terrified* of skill deterioration on my side. I see the studies, I can feel it myself. The agents make me much more productive, but I feel I need to force...
Passkeys are rolling out everywhere but many still don’t understand how they work. Here’s a technical breakdown going over FIDO2/WebAuthn, public-key crypto, comparisons to TOTP, YubiKey, and biometrics, plus real trade-offs. Bit technical, but we should know how passkeys work🙏🏻
Passkeys just showed up one day and the general public has absolutely no clue what they are nor how they work.
Business wins: Fewer support tickets, higher conversion, better compliance. Users love the seamless biometric flow. Adoption doubling year-over-year in many ecosystems.
Practical Advice:
• Create passkeys on supported accounts
• For high-security: Pair with YubiKey password manager.
• Use synced passkeys via your ecosystem
Passkeys aren’t perfect everywhere yet, but they’re the biggest leap in auth since 2FA. The future is passwordless 🫡