you brought some great points. what we are hoping to do next iteration is to add audit logs of actions taken (of high risk actions) that way even if the user "accidentally" blank agrees their mcp service to take the rm action then at least they can see if the action was something they typed or suggested by the LLM.

if you have some improvements around this space love to chat and collaborate!