The post highlights a concrete security gap in MCP agent workflows — that a one-time tool approval does not account for subsequent changes to a tool's capability surface — and presents Interlock as an open-source mechanism to detect and quarantine such drift before execution.