Company:
Date Published:
Author: Sam Kim
Word count: 1267
Language: English
Hacker News points: None

Summary

The Model Context Protocol (MCP) is designed to connect AI agents with tools, data sources, and APIs. It focuses on standardization rather than security, which is left to implementers. Although MCP specifies detailed authentication mechanisms such as OAuth 2.1 flows, token validation, and Protected Resource Metadata, it does not dictate what an authenticated user is permitted to do; authorization decisions are left to those implementing the protocol. This gap has led to security breaches involving unauthorized data access, through prompt injection attacks and the use of over-privileged tokens, underscoring the need for precise permission controls. AI-based detection can help identify anomalies, but core authorization decisions must remain deterministic to be secure. As MCP evolves rapidly, with significant backing from major tech companies and a growing ecosystem, adaptable and scalable authorization infrastructure becomes critical. That means treating agents and tools as first-class subjects and re-evaluating permissions at every execution to prevent unauthorized data access.