Sensitive actions, confirmations and revocation
Secure sensitive MCP actions by reviewing the target, confirming once, and revoking access quickly.
Updated
In short
An MCP action can send or modify a communication, change an account, handle a task, or adjust a setting. Before confirming, review the tool name, organization, target, and every value. Avoid permanent approval for write tools. If anything is unclear, reject the call; you can revoke consent and reconnect the client with fewer rights.
Expected result
No sensitive modification runs without an explicit target, visible parameters, and informed human confirmation.
Before you start
- The client must show tool calls and request approval for write operations.
- Know where to disconnect the client and revoke its Billabex consent.
Procedure
- Read the proposed tool name and description before reviewing the assistant’s drafted response.
- Check the organization, account or task identifier, recipients, content, and amounts.
- Reject grouped or ambiguous actions and request a narrower operation.
- Confirm the correctly parameterized call once; do not enable permanent approval to save a few clicks.
- After temporary or suspicious use, disconnect the client and revoke Billabex consent.
What Billabex does
Billabex scopes prevent a write tool from running under read-only consent. The AI client controls how confirmation is displayed, so security also depends on its approval settings and human review.
If the result is not what you expected
- If the tool or its parameters are hidden, cancel and use Billabex directly.
- After an unexpected action, record the time, organization, and target before revoking access.
- A reconnection creates new consent: review the scopes instead of automatically reusing previous ones.