What does a rising approval-rejection ratio signal in a production MCP integration?
A rising rejection rate is a behavioral signal of eroding user trust: a leading indicator of tool poisoning, scope creep, or a rug pull, not a transport fault.
Picture a security guard who waves people through a door all day. Suddenly he starts turning lots of them away. The door did not break and the hallway is fine. Something about the people, or what they are carrying, started looking wrong to him. The approval-rejection ratio is that guard. Each time the assistant wants to run a tool, the user is the guard who says yes or no. When the 'no' count climbs, the wires are not the problem. The users are noticing that a tool is asking for more than it should, or doing something its description never mentioned. That is a trust signal, and trust signals point at the tool and its intent, not at the cable carrying the message.
Detailed answer & concept explanation~8 min readEverything you need to truly understand this topic: intuition, mechanics, step by step explanation, code, formulas, and worked example. Click to expand.
Everything you need to truly understand this topic: intuition, mechanics, step by step explanation, code, formulas, and worked example. Click to expand.
Everything you need to truly understand this topic: intuition, mechanics, step by step explanation, code, formulas, and worked example.
Everything important, quickly.
4 min: separate human-trust metrics from machine-health metrics, explain why rejections lead security regressions, and show the correlation diagnostic with drift.
| Metric | What it senses | Points at |
|---|---|---|
| Approval-rejection ratio | User trust in tool intent | Poisoning, scope creep, rug pull |
| Tool call error rate | Failed invocations | Server bug, bad arguments, contract break |
| Per-tool latency | Slow responses | Server load, network, heavy work |
| Server uptime | Availability | Crash, deploy, connection loss |
| Capability or version drift | Changed schema or tools | Silent update, rug-pull candidate |
Real products, models, and research that use this idea.
- Claude Code and Claude Desktop gate each MCP tool call behind a user approval prompt, producing the approve or reject signal directly.
- The OWASP MCP Top 10, published in 2025, lists tool poisoning and rug pulls as named risks that a rising rejection rate can surface.
- Cursor and Zed, both MCP hosts, expose per-tool approval flows whose rejection counts can be aggregated into an observability dashboard.
What an interviewer would ask next. Try answering before peeking at the approach.
QWhich other MCP metric would you correlate with the rejection rate to confirm a rug pull?
QHow would you design alerting so one bad tool does not hide in the aggregate?
Don't say thisRed flags and common mistakes that signal junior thinking. Click to expand.
Red flags and common mistakes that signal junior thinking. Click to expand.
Reading the rejection rate as a transport or caching bug. It is a behavioral trust metric, so it points at tool intent and permissions, not the wire.
The night-before-the-interview bullets. Scan these on the way to the call.
Primary sources. Skim if you want the original framing.
Same topic, related formats. Practice these next.