June 22, 2026
I’m not a developer. Let me say that upfront, because it matters when I say the things I’m about to say. I’ve always had ideas that I could put forth to somebody who can code. But now, because of AI, I can ask it to do things that I can verbally explain, and it can create what I am asking for. That’s one of the reasons I’m so excited about GenAI.
Before the GenAI boom started a few years ago, at ARCAD we had already gone down this road with a product called Discover. We had already tied chat into it, tied it into what’s behind the scenes in our metadata repository. It was an eureka moment: We could ask AI stuff about your application repository and get information out of it.
The GenAI came along, and one of the things that was developed by Anthropic was Model Context Protocol, which is an open protocol and which is a nice way to be LLM agnostic – meaning we don’t have to be an Anthropic shop, or an OpenAI shop, or an Azure OpenAI shop, but we can use the right models and talk to them in the same way. Because when it comes to AI, you will have a variety of different model options. Some models do better at different things. ARCAD has hundreds of APIs already built into its tools. When it comes to AI and tying that information into an ARCAD repository, you get to pick your tools.
I know that things like IBM’s Bob are going to have that same function. And here’s an interesting thing – with the preview model of Bob, you could actually do an export of the chat, and they had the lines in there saying which LLM it was using. That’s no longer there, but people know. They’re relicensing Anthropic Claude, just like Perplexity does. And that’s fine. What matters is being LLM agnostic.
GenAI Is Not Just About The Developer
When most people think about GenAI these days, they think about developers writing code and assembling code that comes from LLMs front-ended with code assistants. But there are other users out there within your organization that can make use of this LLM access into your application history. Your business analyst. Your chief technology officer. Anybody in the C suite can ask questions now to an AI bot and get deterministic outcomes – and this is one of the key things I love, deterministic outcomes – because you are using APIs and MCPs against your real data.
From a business side of things, I tell people: Don’t just think about the developer side of it even if that is obviously the killer app for GenAI. Think about everybody making use of this.
What I Tell People Who Are Just Getting Started
I have people come up to me – at PowerUP, for example – and say they are bringing AI into their shop. I tell them that’s fabulous, and I applaud them for going down that route. But then I ask them: What use case and problem are you trying to solve? And they pause. Because they don’t know what problem or use case they want to solve yet. They just know they see the news every days and AI is everywhere.
So I say, as you’re going through this process of onboarding, think of something you do daily and ask yourself: Is this something where I usually go ask Google? Am I having a hard time writing these fifteen lines of code, just trying to get the syntax right? Am I trying to build this presentation? Those are the things to be thinking about. If you could speed this up and get factual information quickly – that’s your use case.
Let me give you my use case for GenAI. I don’t like the taste of cumin. So for certain recipes, I need a good substitute for cumin – when it’s pork, or chicken, or beef. And ChatGPT or Claude goes out and finds me a good substitute. Sometimes it’s wrong – I can see this isn’t going to work. But other times I get an answer I wouldn’t have thought of that. And that’s the key: I wouldn’t have thought of that.
Think about what that means. When you think of an AI-trained model, the one thing I don’t think people really fully grasp is that the information it’s been trained on is almost instantaneously available. The human brain can’t comprehend holding all that information and accessing it the way an AI engine can. I look at it as a gigantic file cabinet for knowledge.
I created an MCP myself to read IBM i source code for an IBM i connector. I’m not a developer. I did that myself, because I wanted to. That was something I wanted to do. Our MCP server, which is under development now, is going to be doing the same thing, written by developers for developers, and that’s going to be fabulous.
Don’t Let AI Be Your Voice
Here’s another key to using GenAI in business. Don’t let GenAI be your voice. Let it assist your voice.
I do research with the help of GenAI models, and I can do research on something, and I need to find references that pertain to this, and it will go find those references. I knew though the US economy was going to grow at around 3 percent, for instance, but I was wrong, the economic surveys average to 4 percent. That’s the AI research assistant use case. AI is great about knowing things. It does crawl well.
And you look at something and think: Is this going to take me five minutes to code? Then that’s not a problem you reach for AI to solve. But if you need to look through thousands of source code members and find where something is referenced – that’s valuable. Our forthcoming MCP server will help you do that. It can pull it all up and say which version it was changed on. So you know: if I change it here, I’m about to change it in 15 other places. “Hey Claude, I need to update this field, but in doing this, I need to add it to all this other code that you have referenced. Add that line to all these codes.” Boom, done. You hit enter, it goes off and does it. You’ve moved on to your next thing and your AI buddy is doing the hard work. That’s a use case.
The Question Of Security
After playing around with GenAI for a bit, one of the things people finally get around to asking is how secure are the applications that have AI accessing them and enhancing them.
When IBM was trying to make their code assistant for IBM i before Bob was launched, Big Blue asked was for customers to send them their data and send them their source code with explanations to train on. Very few companies are going to do that. Imagine if you are Bank of America and you send in your source code on how you calculate mortgage rates, and Chase Bank queries an LLM and says, “I need to find a better way to calculate mortgage rates” — and that model was trained on Bank of America’s data and applications. You basically just taught them how to do your proprietary work.
Some models allow training based on your subscription. Some you can turn it off, some you can turn it on. When it comes to security, that’s one of the things here at ARCAD that we’re looking at.
We actually had the conversation: Should we even open this up within our MCP server? Is there a security concern? My response was, I would rather us control the security of accessing the application than have a user write their own. I’d rather us control how application data is accessed, because we can guarantee that it’s secure, that only authorized users are using it – versus a developer just writing it to get it done and thinking about the security after the fact. “I need to go back and harden this.” No, you’ve already moved on. It never gets fixed.
We can build that in. We can make it an auditable trail: user X, using this API key, accessed this MCP tool to access this information about your application. They can show auditors that they actually have security. And that’s a big deal. That’s one of the things we’re building into our tools – who’s having access to what. You’ve got an API key, and you can only have it for 30 days. We have 70-plus tools, but you’re going to get these five, because that’s all your job requires. Limiting that access – that’s as important as giving access in the first place.
The ARCAD MCP Server
This is all the ARCAD MCP server. We released it as a tech preview in March – it is fairly new, because we started looking at how we could make this work. The next release, 26.1, is coming out at the end of this month with a whole lot more security features built in and a whole lot more tools as well.
The ARCAD MCP Server ties into the overall ARCAD DevOps suite, but it’s also expanding out to other tools – our Drops for orchestration, our Code Checker for code quality. You will be able to ask the LLM about your code quality from a security standpoint. From Claude Desktop, you’ll be able to ask those questions without having to be in VS Code with a chatbot. That’s the other side of the picture that I don’t think people are seeing: It’s more than just the developer that you’re opening this up to.
So many people are embracing AI – they’re going to write their own, they’re going to figure it out. Let’s control the narrative and the security of how that information is put forth. That’s what’s key.
Here is another thing I always tell people who are starting to embrace AI: When you’re using an MCP written over select data, you remove hallucinations from the LLM because you are giving it real data. It doesn’t have to make stuff up. That is key. That’s the deterministic value of an MCP tied in through an API into real data – the LLM does not have to figure out what comes between A and D. It knows that B and C show up. It doesn’t have to fake it.
Context Is The Key
Here’s one of the things I hear people say: “This is going to kill computer science majors and programming.” No, It’s just evolving. Those computer science majors are now going to become prompt context engineers, and those are people are sometimes going to be philosophy majors, or English majors, or history majors. Because if you phrase a proper context, a proper prompt into an AI, yes, you’re eating some of your context tokens upfront with a little bit longer description of what you need, but you’re taking out the thrashing on the back end.
Take a prompt like “John needs to travel to LA.” What is the model supposed to do with that? Compare this with: “I’ve got a conference in LA on October 15. I need to find some things to do around this hotel. I kind of want to stay away from spicy foods.” Give some context, and you’ll get a much better result. Same thing when it comes to developing code, to asking things about your application, and to asking things about the business.
Coming from a business analyst: “I need to look at our distribution rates between zip code 10101 and 55055. I’m trying to find what products are really being shipped to each one and why they vary so much. Can you do some analysis on those products and those zip codes?” Now it can go read your data and figure out the real things and do those computations for you. Versus: “I’m trying to figure out the difference between these two zip codes and the products that are shipped.” Okay – what do you want me to do with that? Do you want only these products or all the products? How do you want me to find this? Because this is going to be a firehose of data. Refine the data.
In the end, all LLMs are doing is writing basically Python code with SQL and querying that information about your data. That’s really what’s going on in the back end. You can see it doing Python code to do your stuff. Context is key. The prompt is key. But so it the use case, the problem that you are trying to solve.
The IBM i Perspective
We all know that the IBM i community is getting older. You have one or two generations of people that understand the IBM i platform, its databases, and the applications they have running atop of them. And in the future, you’re going to have a whole bunch of people coming in that don’t have a clue. They need to be trained on the fundamentals. Once you have the fundamentals, AI makes total sense and can be a total value win.
And that’s what we’re trying to do at ARCAD. We are trying to keep the fundamentals in place – security authorizations, limitability, auditability of the application. Yes, you can use GenAI to just go write some code and be done. But can you trust what’s coming out of it? But when you have tools to control how the GenAI is being use, you have a little bit more trust in the results that you’re getting. That’s the goal.
Alan Ashley is a DevOps consultant at ARCAD Software.
This content is sponsored by ARCAD Software.
RELATED STORIES
Strategic Topics To Think About For 2026, Part 2
Strategic Topics To Think About For 2026, Part 1
Three Things For IBM i Shops To Consider About DevSecOps
VS Code Will Be The Heart Of The Modern IBM i Platform
Using AI To Derive Application Intelligence And Drive Modernization
ARCAD Discover: Global Application Analysis With An AI Interface
How To Have The Wisdom Of Experts Woven Into Your Code
Untangling Legacy Spaghetti Code To Cook Up Microservices
DevOps Means Using The Tools You Already Have Better
Hybrid Release Management Means Creating An Application Schema
Take A Progressive Approach To DevOps
The First Step In DevOps Is Not Tools, But Culture Change
VS Code Is The Full Stack IDE For IBM i
Realizing The Promise Of Cross Platform Development With VS Code
If You Aren’t Automating Testing, You Aren’t Doing DevSecOps
The Lucky Seven Tips Of IBM i DevSecOps
Git Is A Whole Lot More Than A Code Repository
Learning To Drive Fast On The DevOps Roadmap
Expanding Fields Is A Bigger Pain In The Neck Than You Think
Value Stream Management: Bringing Lean Manufacturing Techniques To IBM i Development
Unit Testing Automation Hits Shift Left Instead of Ctrl-Alt-Delete Cash
It’s Time For An Application Healthcheck
The New Economy Presents New Opportunities For IBM i
Creating Web Services APIs Can Be Easy On IBM i
Jenkins Gets Closer IBM i Hooks, Courtesy Of ARCAD
DevOps Transformation: Engage Your IBM i Team
The All-Knowing, Benevolent Dictator Of Code
Software Change Management Has To Change With The DevOps Times
Attention Synon Users: You Can Automate Your Move To RPG Free Form And DevOps
Git Started With GitHub And ARCAD On IBM i
One Repository To Rule The Source – And Object – Code
Data Needs To Be Anonymized For Dev And Test



























