01 DEC 2025
David decided: Commissioned granular MCP audit: full profile control plane vs narrow draft tooling
David asked 8 Opus 4.7 agents to audit the granular MCP connector and assess how far it was from an ideal state where any AI could fully manipulate a user's profile, including a hard constraint against the AI lying on the user's behalf.
David framed the audit with a specific tension he wanted resolved:
run 8 agents (opus 4.7 max) to go and audit the app and mcp connector against the ideal end state where the mcp connector lets the user's AI fully manipulate the full state of their profile, every primitive, every section etc and come back with a final plan. the constraint must be that the system design cannot allow the user's AI to lie on their behalf. is there a way of knowing which ai is writing to our MCP server? ie. if its claude code, claude chat, claude cowork, codex, chatgpt etc? we need
The audit found the current connector was narrow draft-entry tooling, not a full profile control plane. The AI attribution question — could you tell which tool wrote a given entry? — came back as not deterministically solvable without client/vendor proof, which shaped subsequent thinking about the anti-lying architecture.