Show HN: Polymcp – Turn Any Python Function into an MCP Tool for AI Agents
23 pointsby justvugg14 days ago2 comments
  • rahimnathwani14 days ago
    If you want people to adopt your tool, you may need to explain any advantage this has over fastmcp.

    It's already easy to expose a python function as an MCP server. From the fastmcp docs:

      from fastmcp import FastMCP
  
  mcp = FastMCP("Demo ")
  
  @mcp.tool
  def add(a: int, b: int) -> int:
      """Add two numbers"""
      return a + b
  
  if __name__ == "__main__":
      mcp.run()
    • justvugg14 days ago
      Hi thanks for the comment, I’m not trying to replace FastMCP (or anything else), and I’m not really comparing on the “basic MCP server” use case.

      PolyMCP, beyond creating MCP servers over HTTP and stdio, WASM (Pyodide) bundle to run tools in the browser/edge with an “MCP-style” tool interface,provides unified agent/orchestration across multiple MCP servers, plus an Inspector UI and production guardrails (budgets, logging, redaction, allowlists, retries).

      The goal is to be a single, end-to-end toolkit for developers: tool exposure + debugging + governance + orchestration.

      • rahimnathwani14 days ago
        None of this came across in what you wrote in your Show HN.
        • justvugg14 days ago
          because I wanted to introduce this part of PolyMCP that can take you from code with only functions to an MCP.
  • nulone13 days ago
    How do you handle side-effectful tools and secrets? Least-privilege and auditing seem hard once any Python function can become a tool (scoped creds, revocation, logs).
    • justvugg13 days ago
      Hi Thanks for the comment, The unified agent doesn’t execute untrusted code — it orchestrates. Side effects only happen at explicit execution boundaries (remote tools or the CodeAgent). The CodeAgent is sandboxed in Docker; the planner/router isn’t, because it never executes arbitrary code. Least-privilege and auditing are enforced at the execution boundary, not per function. Do you have any suggestions for making PolyMCP better?
      • nulone12 days ago
        Makes sense — execution boundary is the right place.

        I'd prioritize audit logs + correlation IDs, and short-lived creds per tool call. Do you expose tool capabilities to the planner without exposing creds?