INCIDENT
MCP - Security best practice critique: agent loops and MCP
Security best practice critique: agent loops and MCP servers are over-provisioned with excessive permissions (write access, production secrets, broad filesystem) when minimal scoped access (lookup, dev data, docs search) would suffice.
Updated: 5/24/2026
Severity: high
Status: active
Description
The loop had a write tool when it only needed lookup. The shell had production secrets when it only needed dev data. The MCP server exposed a broad filesystem when it only needed docs search.
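The scoped alternative the record calls for, as an added example rather than code from the incident itself: a single read-only docs-search tool confined to a docs root, beside the over-provisioned tool set, with the tool names, the `confine` check and the constructed docs tree all being assumptions of this illustration.

```python
"""Added example, not part of the incident record: least-privilege docs search
for an MCP-style server. Tool names and DOCS layout below are hypothetical."""
import tempfile
from pathlib import Path

# Over-provisioned shape from the record: broad filesystem plus a write tool.
BROAD_TOOLS = {"read_file", "write_file", "shell", "list_dir"}
# Scoped shape: the one read-only capability the agent actually needed.
SCOPED_TOOLS = {"docs_search"}

def allow_tool(name: str, exposed: set[str] = SCOPED_TOOLS) -> bool:
    """Gate every tool call against the exposed set (deny by default)."""
    return name in exposed

def confine(root: Path, requested: str) -> Path:
    """Resolve `requested` under `root`; reject anything that escapes it,
    including '..' segments and symlinks pointing outside the docs tree."""
    root = root.resolve()
    target = (root / requested).resolve()
    if target != root and root not in target.parents:
        raise PermissionError(f"path escapes docs root: {requested}")
    return target

def docs_search(root: Path, query: str) -> list[str]:
    """Case-insensitive substring search over *.md files below root only.
    Returns paths relative to root; never opens a file outside it."""
    hits = []
    for path in sorted(confine(root, ".").rglob("*.md")):
        if query.lower() in path.read_text(encoding="utf-8").lower():
            hits.append(str(path.relative_to(root.resolve())))
    return hits

def demo() -> dict:
    """Build a constructed docs tree and exercise the scoped tool."""
    base = Path(tempfile.mkdtemp())
    docs = base / "docs"
    (docs / "guide").mkdir(parents=True)
    (docs / "guide" / "auth.md").write_text("Rotate API keys quarterly.\n")
    (docs / "readme.md").write_text("Project overview.\n")
    (base / "secrets.env").write_text("PROD_DB_PASSWORD=constructed\n")  # outside root
    result = {"hits": docs_search(docs, "api keys"),
              "write_allowed": allow_tool("write_file"),
              "search_allowed": allow_tool("docs_search")}
    try:
        confine(docs, "../secrets.env")
        result["escape_blocked"] = False
    except PermissionError:
        result["escape_blocked"] = True
    return result
```

Swapping `SCOPED_TOOLS` for `BROAD_TOOLS` in `allow_tool` reproduces the write-tool exposure the record describes, which is the review point to check in any server's tool registry.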
Attack Vectors
- write tool
- lookup tool
- shell
- filesystem access