1 item
Yes, with guardrails: approval before destructive writes, scoped keys, and a dated bug history. Here is mumcp's real security changelog, by commit.