useing some mcp servers that include production access, just wanted more granular control and validation on what gets and does not get executed.

ex. supabase mcp does allow 'read only', but then asks write access permissions... which led me thinking: hmmmmm. can I really trust these mfs?