Every processed story in chronological order, with the newest coverage first. Filter by tag, source, or score to drill in.
The paper provides the first empirical measurement of whether LLM agents honor a voluntary in-band access-deny signal, revealing both that current capable models can be made to comply and that compliance is cooperative rather than absolute — collapsing under explicit operator-authorization framing.
Teams deploying MCP-connected agents in production should implement tool-level allow-lists and per-tenant audit trails now, since the protocol's own OAuth 2.1 model only secures the server entry point and leaves individual tool access and supply chain risks unaddressed.