from Hacker News

From OpenAPI spec to MCP: How we built Xata's MCP server

by tudorg on 5/25/25, 8:41 AM with 17 comments

• by lmeyerov on 5/27/25, 6:53 PM

  Slightly different experience here

  We have been adding MCP remote server to louie.ai, think a semantic layer over DBs for automating investigations, analytics, and viz over operational systems. MCP is nice so people can now use from Slack, VS Code, CLI, etc, without us building every single integration when they want to use it outside of our AI notebooks. And same starting point of openAPI spec, and even better, fastapi standard web framework for the REST layer.

  Using frameworks has been good. However, for chat ergonomics, we find we are defining custom tools, as talking directly to REST APIs is better than nothing, but that doesn't mean it's good. The tool layer isn't that fancy, but getting the ergonomics right matters, at least in our experience. Most of our time has been on security and ergonomics. (And for fun, we had an experiment of vibe coding this while hitting enterprise-level quality goals.)

• by jedisct1 on 5/28/25, 6:09 AM

  If you got an OpenAPI spec and want to expose it as MCP, https://jedisct1.github.io/openapi-mcp/ is an easy way to do it.

• by alooPotato on 5/27/25, 5:31 PM

  i really dont get why we cant just feed the openapi spec to the LLM instead of having this intermediate MCP representation. Don't really buy the whole 'the api docs will overwhelm an LLM" - that hasn't been my experience.

• by _pdp_ on 5/27/25, 4:46 PM

  I mean there are 2 other posts related to data exfiltration attacks against MCP severs on the main page of HN at the time of this comment - at this point I think you want to involve a security person to make sure it is not vulnerable to stupid things.