Comment by michaelmior
2 days ago
> with the only restrictions being up to the app owner rather than it being up to me.
I don't see any reason sites using MCP-B couldn't have settings to restrict access to certain data based on user configuration.
2 days ago
> with the only restrictions being up to the app owner rather than it being up to me.
I don't see any reason sites using MCP-B couldn't have settings to restrict access to certain data based on user configuration.
Sure, but the leak risk is happening in a place outside the site's control.
If the purpose of the MCP-B tool on mail.com is to summarize your email, then the site needs to allow the agent to pull your email into the context window. Once it's in the context window it's available to any other MCP-B enabled site that can convince the agent to send it along.