Comment by daveguy
13 hours ago
Well, I guess 80-90% protective is better than nothing. Better might be a lock that requires positive confirmation by the user.
13 hours ago
It is possible to configure it like that - when a trifecta is detected, it is possible for the gateway to wait for confirmation before allowing the last MCP call to proceed. The issue with that is that MCP clients are still in early stages and some of them don't like waiting for a long time until they get a response and act in weird or inconvenient ways if something times out (some of them sensibly disable the entire server if a single tool times out, which in our case disables the entire gateway and therefore all MCP tools). As it is, it's much better to default to returning a block message, and emit a web notification from the gateway dashboard to get the user to approve the use case, then rerun their previous prompt.