Sometimes a single comment says more than a whole whitepaper. On June 19, Simon Willison highlighted a remark by Sean Lynch from a Hacker News thread that I haven’t been able to shake since: the real value MCP offers over Skills or a simple CLI is isolating the auth flow outside the agent’s context window — and ideally out of the harness the model runs in entirely.
The provocative version
Lynch takes the conclusion even further: maybe the idealized form of MCP is just an auth gateway for an API — and nothing else. And even that, he writes, would still be a win.
That’s a bold claim, and it hits a sore spot. For months the community has been debating when you should actually build a full MCP server versus reaching for a leaner Skill — Markdown plus a few scripts — or simply a command-line tool. For a lot of tasks, a complete MCP server feels like overkill. Skills are lighter, faster to write, and need no server infrastructure of their own.
Why the auth point lands so hard
What often gets lost in the comparison: authentication is the genuinely hard part. Tokens, OAuth flows, secrets — none of that belongs in the model’s context window, where it could be logged, leaked, or extracted by a poisoned prompt. This is exactly where MCP plays to its strength: it can wrap the login in a place the agent never gets to see.
Frame it that way and you get a surprisingly clean division of labor. MCP handles what it does best — the secure bridge to the outside world and to credentials. Skills and CLI tools handle the actual logic, lightweight and transparent.
My take
I find the idea convincing because it matches my own experience. For lots of small things, I felt the pull of a Skill right away — less overhead, faster to the goal. But the moment real logins entered the picture, it got tricky. Seeing MCP not as a Swiss Army knife for everything, but as a specialized, clean auth layer, takes a lot of the heat out of the eternal “MCP or Skill?” question. Maybe the right answer is, in fact: both — each for what it does best.
Sources: Simon Willison: Sean Lynch on MCP and auth, Hacker News: comment by Sean Lynch