Score MCP message inspection policies from content risk, tool intent, auth context, payload shape, and audit need