MCP - User discovered excessive permissions exposed by MCP inte...

I tried something simple last month. Connected a Postgres MCP to one of our bots. Wanted read access. The server also exposed DELETE, execute arbitrary SQL, and DROP TABLE. GitHub MCP — added for code reading. Also had delete_repository. Slack MCP — wanted search. Got https://t.co/1gDzJiJD2C Source: https://x.com/navinsharmacse/status/2037162035084202060