MCP - User discovered excessive permissions exposed by MCP inte...

User discovered excessive permissions exposed by MCP integrations, including ability to execute arbitrary SQL and delete repositories.

Updated: 3/26/2026
Severity: high
Status: active

Description

I tried something simple last month. Connected a Postgres MCP to one of our bots. Wanted read access. The server also exposed DELETE, execute arbitrary SQL, and DROP TABLE. GitHub MCP — added for code reading. Also had delete_repository. Slack MCP — wanted search. Got https://t.co/1gDzJiJD2C

Impact

User discovered excessive permissions exposed by MCP integrations, including ability to execute arbitrary SQL and delete repositories.

Attack Vectors

  • Postgres integration
  • Slack integration

Mitigation

Sources