Title: MCP Gives LLMs Full Access: Postman Fixes it Publication: Ready, Set, Cloud! Author: Allen Helton Published: June 19, 2025 URL: https://www.readysetcloud.io/talks/mcp-gives-llms-full-access-postman-fixes-it/ On Between 2 Devs at Postcon, Hannah Seligson and I unpack MCP’s “full access” problem for LLMs, why that’s a trust and safety issue, and how Postman’s endpoint-level controls make agent tooling safer and more practical. #### Description In this episode of Between 2 Devs at Postcon, Hannah Seligson (HubSpot) and I dig into a core safety problem with MCP: by default, servers hand LLMs full access to every tool. That is a trust and safety risk if you are serious about agentic systems in production. We talk about how Postman approaches this with granular, endpoint-level access, so teams can build agents on verified APIs without handing over the keys to everything. We also get into spec-driven development, mock servers, and the trap of over-relying on codegen.