-
Beta Was this translation helpful? Give feedback.
Replies: 7 comments
-
|
My take: inline tools should be the default for Texera-native actions; MCP is for third-party systems. MCP earns its overhead when you integrate a system you don't own — e.g. a stock-market feed in a finance app — where you consume someone else's server instead of writing tools yourself. But our agent tools are thin adapters over our own REST endpoints. Putting an MCP boundary between our agent and our own API just adds a hop and a service to maintain, with no ownership line to justify it. Proposal: make the endpoints themselves agent-ready, so adding a tool is zero extra effort. Instead of hand-writing a tool wrapper in // 1) Endpoint declares its agent metadata next to the JAX-RS annotations.
@AgentTool(
name = "list_datasets",
description = "List datasets the current user can access. Use before wiring data into a workflow."
)
@GET @Path("/list")
@Produces(Array(MediaType.APPLICATION_JSON))
def listDatasets(
@AgentParam("Filter by visibility: all | public | private", required = false)
@QueryParam("visibility") visibility: String = "all",
@Auth user: SessionUser // injected context — NOT exposed to the agent
): List[DashboardDataset]A registry scans these at startup and serves a manifest at // 2) One adapter registers every annotated endpoint — no per-tool file.
for (const t of await fetchAgentToolManifest()) {
tools[t.name] = tool({
description: t.description,
inputSchema: jsonSchema(t.inputSchema),
execute: (args, { abortSignal }) =>
callBackend(t.http, args, { token: userToken, abortSignal }),
});
}Net effect: a new agent capability = an endpoint + two annotations. No new TS file, no hand-synced schema, descriptions live with the code, and auth/context params are filtered out automatically. (Sketch to frame the idea, not a finished design — open to iterating on the annotation surface and how read-only vs. side-effecting tools get gated.) |
Beta Was this translation helpful? Give feedback.
-
|
Hello new to the discussions here, I’d be cautious with server-side MCP sessions. SEP-2567 removes Mcp-Session-Id and pushes MCP toward explicit handles returned by tools and passed back as arguments. For Texera, that maps naturally: workflows already live in the backend under workflowId, so tools can take workflowId/computingUnitId handles instead of relying on MCP session state. The MCP server should expose those handles clearly, while the agent or AI consumer layer should be responsible for threading them through subsequent calls. This is similar to the pattern we are using in AsterixDB (MCP) async query API: return a handle, let the client use it later, and keep the protocol layer stateless so follow-up requests don’t depend on sticky routing or a shared session store. One nuance I’d add is that we should separate workflow state from conversation state. Texera should remain the source of truth for durable workflow/execution state through handles like workflowId, computingUnitId, and possibly executionId; the agent/client layer should be responsible for remembering and passing those handles through later calls. That keeps the MCP server (if we decide to go this direction) stateless without making the agent’s context implicit or hidden. |
Beta Was this translation helpful? Give feedback.
-
|
@aicam To help the discussion, please add related visual diagrams. |
Beta Was this translation helpful? Give feedback.
-
|
@bobbai00 what is your idea? |
Beta Was this translation helpful? Give feedback.
-
|
@bobbai00 Please chime in. |
Beta Was this translation helpful? Give feedback.
-
|
After looking into this topic, I support @aicam 's proposal of "inline tools should be the default for Texera-native actions; MCP is for third-party systems." for its simplicity on the software architecture and code implementation. MCP indeed serves as a different purpose |
Beta Was this translation helpful? Give feedback.
-
|
I would avoid making the split purely "owned system = inline, third-party system = MCP." Ownership matters, but the more useful boundary is whether the capability needs to be reused, governed, audited, or executed outside one agent conversation. For Texera, I would keep the truly live working-copy operations inline at first. If the agent is doing speculative graph editing against an in-memory DAG, inline tools have a real advantage: lower latency, direct access to conversation-local state, and fewer protocol questions about who owns a draft workflow that may never be saved. The pieces I would move toward an MCP-shaped boundary are the durable or shareable ones:
That gives other MCP clients something useful without forcing the MCP server to become the owner of transient conversation state. I would also be careful with "one REST endpoint = one MCP tool." That usually mirrors the backend too closely and makes the model spend tokens rediscovering product workflow. A better split is by operational intent and audit boundary: read catalog metadata, propose or validate a workflow change, start execution, fetch execution evidence. Side-effecting tools should be especially explicit about resource handle, action class, idempotency key, and the receipt they return. On auth and governance, centralizing through So my bias would be a hybrid path: keep draft graph mutation inline, expose durable read/execution surfaces through MCP, and make every state transition return handles that the agent must pass explicitly. That preserves the simple path while leaving a clean surface for IDEs, Claude Desktop/Cursor-style clients, and future policy/audit integrations. Disclosure: I work on Armorer Labs. |
Beta Was this translation helpful? Give feedback.

After looking into this topic, I support @aicam 's proposal of "inline tools should be the default for Texera-native actions; MCP is for third-party systems." for its simplicity on the software architecture and code implementation. MCP indeed serves as a different purpose