A key tool missing in most applications of MCP is better underlying authorization controls. Instead of granting large-scale access to data like this at the MCP level, just-in-time authorization would dramatically reduce the attack surface.
See the point from gregnr on
> Fine-grain permissions at the token level. We want to give folks the ability to choose exactly which Supabase services the LLM will have access to, and at what level (read vs. write)
Even finer grained down to fields, rows, etc. and dynamic rescoping in response to task needs would be incredible here.
replies(1):