Now do this for 300+ employees constantly. It's not sustainable.
We need scoped MCPs before any of this is viable.
The receiving end needs a setting that "user X's ChatGPT MCP can access directories [x,y,z] in Google Drive. This wouldn't require any changes to the MCP protocol in general.
OR the whole spec must be changed so that when an MCP is connecting, there is a negotiation about the scope (select which directories are shared) AND that list is checked on the receiving end against a whitelist of allowed directories.
We need scoped MCPs before any of this is viable.
The receiving end needs a setting that "user X's ChatGPT MCP can access directories [x,y,z] in Google Drive. This wouldn't require any changes to the MCP protocol in general.
OR the whole spec must be changed so that when an MCP is connecting, there is a negotiation about the scope (select which directories are shared) AND that list is checked on the receiving end against a whitelist of allowed directories.