惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

K
Kaspersky official blog
Engineering at Meta
Engineering at Meta
D
DataBreaches.Net
Stack Overflow Blog
Stack Overflow Blog
Microsoft Security Blog
Microsoft Security Blog
Y
Y Combinator Blog
B
Blog RSS Feed
GbyAI
GbyAI
P
Proofpoint News Feed
aimingoo的专栏
aimingoo的专栏
MyScale Blog
MyScale Blog
D
Docker
阮一峰的网络日志
阮一峰的网络日志
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
Recorded Future
Recorded Future
美团技术团队
The Register - Security
The Register - Security
V
Visual Studio Blog
H
Hackread – Cybersecurity News, Data Breaches, AI and More
T
Tailwind CSS Blog
爱范儿
爱范儿
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
T
The Blog of Author Tim Ferriss
博客园 - 司徒正美
量子位
B
Blog
F
Fortinet All Blogs
Martin Fowler
Martin Fowler
博客园 - 【当耐特】
MongoDB | Blog
MongoDB | Blog
A
About on SuperTechFans
I
InfoQ
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
有赞技术团队
有赞技术团队
雷峰网
雷峰网
大猫的无限游戏
大猫的无限游戏
J
Java Code Geeks
L
LangChain Blog
Latest news
Latest news
S
SegmentFault 最新的问题
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
Blog — PlanetScale
Blog — PlanetScale
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Cisco Talos Blog
Cisco Talos Blog
F
Full Disclosure
C
Cisco Blogs
D
Darknet – Hacking Tools, Hacker News & Cyber Security
W
WeLiveSecurity
T
Tenable Blog
T
Tor Project blog

DEV Community

Authentication Security Deep Dive: From Brute Force to Salted Hashing (With Java Examples) Why AI Systems Don’t Fail — They Drift Spilling beans for how i learn for exam😁"Reinforcement Learning Cheat Sheet" I Replaced Chrome with Safari for AI Browser Automation. Here's What Broke (and What Finally Worked) How Python Borrows Other People's Work The $40 Architecture: Processing 1 Billion API Requests with 99.99% Uptime Vibe Coding: A Workflow Guide (From Zero to SaaS) Most webhook security guides protect the wrong side. The scary part is delivery. Headless CMS for TanStack Start: Build a Blog with Cosmic EU Age Verification App "Hacked in 2 Minutes" — What Actually Happened Comfy Cloud’s delete function does not actually remove files Running AI Models on GPU Cloud Servers: A Beginner Guide Event-driven media intelligence with AWS Step Functions and Bedrock I scored 500 AI prompts across 8 quality dimensions — here's what broke How to Call Google Gemini API from Next.js (Free Tier, No Backend Needed) The Portal Protocol: Reclaiming Human Connection in the Age of AI How to Fix Your Team's Scattered Knowledge Problem With a Self-Hosted Forum Intro to tc Cloud Functors: A Graph-First Mental Model for the Modern Cloud Designing Multi-Tenant Backends With Both Ownership and Team Access I Built a Neumorphic CSS Library with 77+ Components — Here's What I Learned PostgreSQL Performance Optimization: Why Connection Pooling Is Critical at Scale Cómo construí un SaaS multi-rubro para gestionar expensas en Argentina con FastAPI + Vue 3 🚀 I Built an Ethical Hacking Scanner Tool – Open Source Project I Replaced /usage and /context in Claude Code With a Single Statusline A Pythonic Way to Handle Emails (IMAP/SMTP) with Auto-Discovery and AI-Ready Design I Collected 8.9 Million Polymarket Price Points — Here's What I Found About How Markets Really Move EcoTrack AI — Carbon Footprint Tracker & Dashboard Everyone's Using AI. No One Agrees How. 5 self-hosted ebook managers worth trying in 2026 Building Your First AI Agent with LangChain: From Chatbot to Autonomous Assistant Common SOC 2 Failures (Real World) Stop Vibe-Checking Your AI App: A Practical Guide to Evals How to Use SonarQube and SonarScanner Locally to Level Up Your Code Quality Your Next To-Do App Is Dead — I Replaced Mine with an OpenClaw AI Sign a Nostr event in 60 lines of Python using coincurve — no nostr-sdk, no nbxplorer, no rust toolchain ITGC Audit Explained Like You’re in Big 4 Patch Tuesday abril 2026: Microsoft parcha 163 vulnerabilidades y un zero-day en SharePoint Stop scraping everything: a better way to track competitor price changes Listing on MCPize + the Official MCP Registry while routing payments OUTSIDE the marketplace — how I kept 100% of my x402 revenue Building an AI-Powered Risk Intelligence System Using Serverless Architecture Why We Ripped Function Overloading Out of Our AI Toolchain Testing AI-Generated Code: How to Actually Know If It Works SaaS Churn Is Killing Your Business. Here Is What to Do About It (Without a Support Team) The Speed of AI Is No Longer Linear - And Self-Improving Models Are Why How to Implement RBAC for MCP Tools: A Practical Guide for Engineering Teams From Standard Quote to Persuasive Proposal: AI Automation for Arborists I built a CLI that scaffolds complete multi-tenant SaaS apps Axios CVE-2025–62718: The Silent SSRF Bug That Could Be Hiding in Your Node.js App Right Now The dashboard that ended our friendship Data Pipelines Explained Simply (and How to Build Them with Python) The Hidden Cost of AI Systems Nobody Talks About. undefined vs undeclared, and how typeof behaves Switching from file-based jobs to NATS/Kafka in Rust without changing code io_uring Adventures: Rust Servers That Love Syscalls Why Agentic AI is Killing the Traditional Database The POUR principles of web accessibility for developers and designers Quantum Neural Network 3D — A Deep Dive into Interactive WebGL Visualization How To Install Caveman In Codex On macOS And Windows Automation Pipeline Reliability: Why Your Workflow Breaks When Nobody Is Watching I Built an 'Open World' AI Coding Agent — It Works From ANY Folder From Freelancing to Product: A Tech Service Company's SaaS Transformation China's AI Giants: Adding Tencent Hunyuan & ByteDance Doubao to AI University (74 Providers) On the Vibe Coders and Their Lies clerk: Auto-Summarize Your Claude Code Sessions AI Weekly — 2026/04/10–04/17 | The Model Lockdown Is Here, but the Toolchain Is the Real Battleground AI 週報 — 2026/04/10–2026/04/17 模型封鎖潮來了,但工具鏈才是真戰場 Maybe this is how Open-Source apps are born... 🚀 Fine-Tune LLMs with LoRA and QLoRA: 2026 Guide tRPC v11 + Next.js App Router: End-to-End Type Safety Without the Boilerplate ShadCN UI in 2026: Why I Stopped Installing Component Libraries and Started Owning My Components SaaS Billing in React Server Components: Stripe + Supabase Without a Single `useEffect` Join our DEV Weekend Challenge — $1,000 in Prizes Across TEN winners! Submissions Due April 20 at 6:59 AM UTC. Implementing FSRS Spaced Repetition in Flutter + Supabase — Adding Memory Science to an AI Learning App "I Texted My Localhost From the Train — Claude Code Fixed the Bug Before I Got Home" I Built a Sales Prep AI and It Went Deeper Than Expected Design to Code #2: One JSON, Eleven Outputs Solving the 100M-Row Problem: A Summary Table Pattern for High-Volume Push Notification Logs Flutter Web With Wasm: What Actually Changes For Developers I Built 50 Royalty-Free Soundtracks for My Side Project in a Weekend Using AI Music Generation The Vibe Coding Security Checklist: 7 Things to Check Before You Ship Stop Letting Googlebot Guess Fix Your React App's SEO Right Desconstruindo o Streaming do LinkedIn: Como Criar um Engine de Extração de Vídeo de Alta Performance com HLS e FFmpeg (EDA Part-1) EDA (Exploratory Data Analysis) Explained With Real Life — Why Looking at Your Data Is the Most Important Step in Machine Learning Brand Relationship Management at Scale: Our 4-Touch Outreach System for 200+ Brands Why String.fromEnvironment() Might Return an Empty String in Dart JGuardrails 1.0.0 — Hardening Java LLM Apps Against Jailbreaks, Toxicity, and Prompt Injection Plan and Schedule a Full Week of Threads Content From One Claude Conversation Coding Cat Oran Ep3, Five Tables Changed Everything Updated: BFF Pattern I'm done watching freelancers get buried by 200 proposals. So I'm building the alternative. This is my first post BFS Algorithm in Java Step by Step Tutorial with Examples Tracking LLM Pricing Monthly: An Open Dataset for 22 AI Models How We Measure Content ROI on a Comparison Site: Revenue Attribution Without Perfect Data Introducing Nova AI Ops: The AI-Native Operating System for SRE Teams I built a free desktop video downloader for Windows — Grabbit How Talkie OCR Helps Vision-Impaired & Dyslexic Users Read the World Around Them VRCFaceTracking安装和iPhone面捕配置教程,有bug Even CrowdStrike Can't See Your Agents The Automation Gold Rush: What n8n Workflows and Claude Are Opening Up for Developers Right Now
这个 GitHub 开源项目让你 5 分钟把任何 API 变成 MCP Server,11K+ Stars 但 90% 的人用错了
· 2026-05-08 · via DEV Community

这个 GitHub 开源项目让你 5 分钟把任何 API 变成 MCP Server,11K+ Stars 但 90% 的人用错了

你知道吗?GitHub 上有一个 11,849 Stars 的开源项目,能让你用 5 行代码把任何 FastAPI 接口暴露为 MCP 工具。但问题是——大多数团队用它搭的 MCP Server,一上线就崩。

Model Context Protocol(MCP)在 2026 年已经是 AI Agent 开发的事实标准。Anthropic 在推,Google 在用,Cursor 和 Claude Code 都在靠它吃饭。但真正的问题是:如何在生产环境下稳定运行 MCP Server

我花了几周时间深度研究 GitHub 上最热门的 MCP 相关项目——fastapi_mcp(11,849 Stars)和 mcp-agent(8,312 Stars)——同时追踪了 Hacker News 和 Reddit 上的真实讨论。挖出来的东西,比任何官方文档都更有价值。

今天我要分享 5 个 MCP Server 生产级实践,这些都是真正上线过的团队才知道的血泪经验。


实践一:别再手动传工具了——用 Workflow 自动路由

大多数人的 MCP 用法是:写一堆 tools=[...],每次调用 LLM 都要手动指定。这是错误的起点。

正确姿势是 Workflow 级别的工具路由——系统自动判断任务类型,分配对应的工具链。你只需要一个入口,剩下的由 Agent 自己决定。

# mcp-agent 的 workflow 自动路由模式
from mcp_agent import Agent, Workflow

# 定义专门化的子 Agent
research_agent = Agent(
    name="researcher",
    model="claude-sonnet-4",
    instructions="你负责深度研究。使用网络搜索和 Zotero 工具。"
)

code_agent = Agent(
    name="coder",
    model="claude-sonnet-4",
    instructions="你负责写代码和审查。使用文件系统工具。"
)

# 工作流编排器——自动路由任务
workflow = Workflow(
    agents=[research_agent, code_agent],
    routing_policy="auto",  # 系统自动分类并路由
    max_loops=3
)

# 单一入口,Agent 自己决定用哪些工具
result = await workflow.run(
    "调研一下最新的 MCP Server 性能测试数据,然后用最快的那个实现一个原型"
)

Enter fullscreen mode Exit fullscreen mode

为什么大多数人不知道这个:官方文档里展示的永远是单 Agent 单工具调用的例子。Workflow 路由需要理解 Agent 系统的协调机制——这个门槛劝退了很多人。但一旦你理解了这套模式,你就能构建真正可扩展的 MCP 系统。

HN 真实讨论:一个 58分的 HN 帖子专门讨论了"把 Agent 表示为 MCP Server",核心观点是:把工具当作 API 服务来设计,而不是当作 LLM 的参数列表。


实践二:FastAPI 接口直接变 MCP 工具,但你忘了加 Auth

这是最容易被忽略的安全漏洞:你的内部 API 有 JWT Token 验证,但你的 MCP Server 是裸奔的。

fastapi_mcp 库(11,849 Stars)的解决方案很优雅——让 FastAPI 原生的依赖注入系统直接为 MCP 工具服务。

# fastapi_mcp:给每个 MCP 工具加 Auth
from fastapi import FastAPI, Depends, HTTPException
from fastapi_mcp import MCPRouter, verify_jwt_token
from pydantic import BaseModel

app = FastAPI()

# 你现有的 JWT 认证依赖
async def get_current_user(token: str = Depends(verify_jwt_token)):
    """标准 FastAPI 认证——现在在 MCP 工具里也生效"""
    if not token:
        raise HTTPException(status_code=401, detail="无效 Token")
    return token

# MCP 路由,认证直接内置
mcp_router = MCPRouter(
    prefix="/mcp",
    auth_dependency=get_current_user,  # 每个 MCP 工具都需要认证
    debug=False
)

@mcp_router.tool()
async def query_database(sql: str, user=Depends(get_current_user)):
    """这个 MCP 工具现在有 JWT 保护了"""
    # user 包含已认证的用户信息
    return execute_sql_with_rls(sql, user_id=user["sub"])

# MCP Server manifest 暴露了认证要求
@mcp_router.tool(requires_auth=True)
async def admin_tool(action: str):
    """manifest 里明确标注了需要认证"""
    return {"status": "executed", "action": action}

app.include_router(mcp_router)

Enter fullscreen mode Exit fullscreen mode

为什么重要:MCP 协议本身不强制传输层认证。如果你不在 Server 层面加上认证,那你的 MCP Server 就是一扇敞开的大门。fastapi_mcp 的做法好就好在它复用你现有的 FastAPI 认证模式,不需要维护额外的认证基础设施。


实践三:多 Agent 协作 + 共享内存,这才是生产级的玩法

单 Agent MCP 方案很快就会遇到瓶颈。真实的生产场景需要 多 Agent 协调 + 共享状态

MultiAgentPPT 项目(1,591 Stars)实现了一套生产级的方案,用 A2A(Agent-to-Agent)+ MCP + ADK 架构来协调多个专业 Agent。

# 多 Agent 协作,共享内存模式
from mcp_agent import Agent
from shared_memory import MemoryStore
import asyncio

# 共享内存存储——所有 Agent 都可以读写共享上下文
memory = MemoryStore()

# Agent 1:研究 Agent,接入 arxiv MCP
researcher = Agent(
    name="researcher",
    mcp_servers=["arxiv-mcp"],
    memory=memory
)

# Agent 2:写作 Agent,接入 PowerPoint MCP
writer = Agent(
    name="writer",
    mcp_servers=["office-powerpoint-mcp"],
    memory=memory
)

# Agent 3:分析 Agent,接入 Excel MCP
analyst = Agent(
    name="analyst",
    mcp_servers=["excel-mcp"],
    memory=memory
)

async def generate_research_presentation(topic: str):
    """多 Agent 流水线,共享内存协调"""

    # 阶段一:研究
    research_task = await researcher.run(
        f"在 arXiv 上找关于 {topic} 的 5 篇最相关论文"
    )
    papers = memory.read("papers")  # 共享读取

    # 阶段二:分析
    analysis_task = await analyst.run(
        f"分析这些论文,提取关键统计数据:{papers}"
    )
    stats = memory.read("statistics")

    # 阶段三:生成 PPT
    presentation = await writer.run(
        f"根据这些内容创建 PPT:论文={papers}, 统计={stats}"
    )

    return presentation

# 运行流水线
result = asyncio.run(generate_research_presentation("MCP Server 性能测试"))

Enter fullscreen mode Exit fullscreen mode

为什么这个模式被低估了:绝大多数 MCP 教程只展示单 Agent 设置。但对于任何超越"玩具演示"的真实工作流,没有共享内存的多 Agent 协调是不可行的——每个 Agent 各干各的,无法协作。这个模式需要你在架构层面做设计,但回报是系统能力的指数级提升。


实践四:MCP "Rug Pull" 攻击——你集成第三方 MCP 前有没有做安全审计?

MCP 生态有一个黑暗秘密,到现在都没得到足够重视:MCP Rug Pull 攻击。这是指第三方 MCP Server 在版本更新时悄悄改变工具行为,导致你的 Agent 执行意想不到(甚至恶意)的操作。

开源工具 Driftcop(在最近的 HN AI Agent 安全讨论中被提及)专门实现了针对 MCP 漏洞的 SAST 扫描。

# MCP Server 安全审计脚本
import subprocess
import json

def audit_mcp_server(manifest_url: str) -> dict:
    """
    在集成第三方 MCP Server 之前进行审计。
    检测:工具 schema 漂移、可疑权限、缺失的速率限制。
    """
    # 使用 driftcop 扫描 MCP manifest
    result = subprocess.run(
        ["npx", "driftcop", "scan", "--manifest", manifest_url],
        capture_output=True, text=True
    )

    report = json.loads(result.stdout)

    findings = []
    for issue in report.get("issues", []):
        severity = issue["severity"]
        if severity in ["HIGH", "CRITICAL"]:
            findings.append({
                "tool": issue["tool"],
                "issue": issue["description"],
                "recommendation": issue["fix"]
            })

    if findings:
        raise SecurityError(
            f"MCP Server 安全审计未通过:发现 {len(findings)} 个问题。"
            f"详情:{findings}"
        )

    return {"status": "approved", "report": report}

# 示例:集成前审计第三方 MCP Server
try:
    result = audit_mcp_server(
        "https://raw.githubusercontent.com/example/third-party-mcp/main/manifest.json"
    )
    print(f"✅ MCP Server 审计通过:{result['status']}")
except SecurityError as e:
    print(f"🚨 安全审计失败:{e}")
    # 不集成未通过审计的 MCP Server

Enter fullscreen mode Exit fullscreen mode

残酷的现实:大多数团队正在集成 GitHub 上的各种 MCP Server,但完全没有安全审查。GitHub 上有 8000+ MCP Server 仓库,却没有中央注册机构——攻击面巨大。这个模式应该成为你 CI/CD 流程的一部分。


实践五:Context Window 是隐形杀手——动态加载工具才是正解

每个 MCP 教程都会忽略这个问题:工具描述正在蚕食你的 Context Window。当你注册 50 个 MCP 工具,每个 200 tokens 的描述,加载一次就消耗了 10,000 tokens——用户还没说一句话,钱就已经花出去了。

mcp-agent 库通过 动态工具加载 来解决这个问题——只有当前任务相关的工具才会被加载到上下文里。

# 动态工具加载——节省 80% Context 成本的秘诀
from mcp_agent import Agent
from mcp_agent.tool_manager import ToolRegistry

# 工具注册表持有所有可用 MCP 工具
registry = ToolRegistry()

# 注册多个 MCP Server
registry.register("arxiv-mcp", tools=[
    "search_papers", "get_paper_pdf", "get_citations",
    "get_related_papers", "get_author_papers"  # 5 个工具
])
registry.register("zotero-mcp", tools=[
    "search_library", "get_notes", "add_annotation",
    "export_bibliography", "get_collections"  # 5 个工具
])
registry.register("excel-mcp", tools=[
    "read_cells", "write_cells", "create_chart",
    "apply_formatting", "run_macro"  # 5 个工具
])
# 总计:注册了 15 个工具

# 动态加载 Agent——只加载相关工具
agent = Agent(
    name="context-aware-agent",
    tool_registry=registry,
    context_mode="on-demand",  # 根据任务动态加载工具
    max_context_tools=5  # 上下文里永远不超过 5 个工具
)

# 任务一:只加载 arxiv 工具
result1 = await agent.run("找一下 Transformer 架构相关的论文")
# 上下文中的工具:[search_papers, get_paper_pdf, get_citations]

# 任务二:加载不同的工具集
result2 = await agent.run("分析这个 Excel 表格的趋势")
# 上下文中的工具:[read_cells, create_chart, apply_formatting]

Enter fullscreen mode Exit fullscreen mode

算一笔账:以 $3-15/百万 tokens 的价格,每次请求加载 50 个工具描述(10K tokens)就要花 $0.03-$0.15——用户完全感知不到这部分价值。动态加载把工具数控制在 5-8 个,成本直接降 80%。


行业数据验证

上面这些模式不是空穴来风,而是有真实数据支撑的:

  • GitHub 数据fastapi_mcp(11,849 Stars)和 mcp-agent(8,312 Stars)是 AI Agent 工具类最热门的 Python 仓库,合计 Fork 超过 1,700
  • Hacker News讨论"MCP Server 作为 Agent 的基础设施"(58 分)里,开发者们一致认为 MCP 的工具发现机制是扩展 Agent 系统的关键
  • Dev.to 趋势:AI Agent 搭建类文章反应数是普通编程教程的 2-3 倍,读者需求强劲
  • The Verge 报道AI 公司正将 MCP 定位为"新互联网"的基础——这意味着生产级 MCP 知识会越来越值钱

结语

MCP 正在真正改变 AI Agent 与世界交互的方式。但"MCP 演示"和"MCP 生产系统"之间的鸿沟,比大多数教程展示的要宽得多。

我分享的五个实践——工作流路由认证集成多 Agent 编排安全加固上下文优化——代表了从概念验证到生产部署之间那道看不见的墙。

最后问你一个问题:你们团队现在缺哪个实践? 你是在把 MCP 当插件系统用,还是在把它当作生产级基础设施层来设计?评论区见,特别是想听大家怎么处理安全问题的——这是目前社区成熟度最低的领域。

看完不过瘾?再来几篇: