Don't Stream Raw MCPs into Cursor if You Work at a Big Co.

By Pietro Valfré

July 5, 2025

Everyone loves Cursor + MCP because it enables truly autonomous workflows. You ask for something, and it's magically done. Impressive, even though expected – that's exactly what MCP promised to solve when it came out in late 2024: connecting LLMs to the real world.

This protocol basically wraps the APIs of any tool and plugs them into your LLM-powered application. That lets the model do everything you could do, but at machine speed.

In a previous blog post, I gave an example of my team plugging the WhatsApp MCP Server into Cursor so that, when we were in the flow and couldn't answer phone calls, we could ask each other to stop calling, which was useful. The bad part is that the model once misunderstood the name of the person I wanted to send the "don't bother me" message to, and sent it to someone who was not a colleague of mine.

That rang a bell in my mind: what if I am using Cursor to edit a CRM or a codebase, and it inadvertently does something wrong? It's like me doing something wrong, but 10x the impact and 100x the speed.

Now imagine you're working for a big co and you delete thousands of rows of CRM data: it would be like you turned into a crazy, bad Speedy Gonzales kind of employee. And your boss would be really mad at you.

The consequences of giving an LLM your full permissions are enormous. And people are starting to experience the side effects of doing so.

As a friend of mine once said: "If you’re streaming raw MCPs into your Cursor and working at a big co, hire a good lawyer first!"

But we like to solve problems when they come up, so we found a solution to the issue. It’s called Eunomia, and it’s an Open Source MCP middleware released by us at whataboutyou.ai. It lets you set dynamic, fine-grained authorization policies via your CLI. You just need to add a couple of lines of code to each MCP server you’re using. And it’s officially integrated with FastMCP. Even a simple policy, such as allowing emails to my colleagues only, and only between 8 AM and 8 PM, could save a lot of embarrassment if things go rogue.
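To make the idea concrete, here is an added sketch of a default-deny gate in front of MCP tool calls, covering the two cases in this post (email to colleagues only between 8 AM and 8 PM, and a cap on bulk CRM deletes). It is not Eunomia's API or code: the tool names, argument names, addresses and the `Rule`/`authorize`/`guarded_call` helpers are all hypothetical, and times are assumed to be naive local time.

```python
from dataclasses import dataclass
from datetime import datetime, time

# Constructed sample data: addresses and tool names are hypothetical.
COLLEAGUES = frozenset({"anna@example.com", "luca@example.com"})

@dataclass(frozen=True)
class Rule:
    tool: str                     # MCP tool name the rule applies to
    recipients: frozenset = None  # allowed values of the "to" argument, if set
    hours: tuple = None           # (start, end) local time, end exclusive
    max_rows: int = None          # cap on the size of the "row_ids" argument

# Tools without a rule are denied, so a newly added tool is blocked by default.
POLICY = [
    Rule("send_email", recipients=COLLEAGUES, hours=(time(8), time(20))),
    Rule("crm_delete_rows", max_rows=10),
]

def authorize(tool, args, now, policy=POLICY):
    """Return (allowed, reason) for one tool call requested by the model."""
    for rule in policy:
        if rule.tool != tool:
            continue
        if rule.hours and not (rule.hours[0] <= now.time() < rule.hours[1]):
            return False, "outside allowed hours"
        if rule.recipients is not None:
            to = args.get("to")
            targets = [to] if isinstance(to, str) else list(to or [])
            # Every recipient must be allowlisted; an empty list is refused too.
            if not targets or any(str(t).strip().lower() not in rule.recipients for t in targets):
                return False, "recipient not in allowlist"
        if rule.max_rows is not None and len(args.get("row_ids", [])) > rule.max_rows:
            return False, "bulk operation exceeds row cap"
        return True, "allowed"
    return False, "no rule for tool (default deny)"

def guarded_call(tool, args, handler, now=None):
    """Run handler(**args) only when the policy allows this tool call."""
    allowed, reason = authorize(tool, args, now or datetime.now())
    if not allowed:
        raise PermissionError(f"{tool}: {reason}")
    return handler(**args)
```

The check runs on the server side of the tool call, so a misheard name or an over-eager delete is rejected no matter what the model decided to do.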

I hope this will help fellow comrades who are risking their jobs just because they were lazy or naive enough to let Cursor inherit all the permissions they have.