How does this handle context that becomes stale? E.g., if one tool updates a deployment state and another tool's memory still has the old version. MCP gives you the pipe but not the consistency model.
Interesting approach for embedded use cases. Curious how you see this compared to the OIDC trend in CI/CD where the goal is eliminating stored secrets entirely — different problem space but related threat model.
On the defensive side, we are pushing to OIDC short-lived tokens - eliminating the this risk altogather