# Disabling tools that can work as read/write operations (n8n_executions, n8n_workflow_versions)

[mahmoudnaif]

Read-Only Usage Concerns with Certain MCP Tools

Hello everyone 👋

We’re planning to use this excellent MCP in read-only mode, and overall, it fits our needs really well. There is already an environment variable that allows disabling tools globally, which is great.

However, we ran into an issue with tools that support both read and write operations within the same tool.

---

Example: n8n_workflow_versions

The n8n_workflow_versions tool is a good example.
As shown in the image below, the tool can operate in both read and write modes, depending on the selected attributes:

Read operations

• List workflow versions
• Get workflow version details

These would be extremely valuable for our users in a read-only setup.

Write / destructive operations

• Delete versions
• Roll back to a previous version
• Truncate versions

Because these actions are exposed through the same tool, simply enabling or disabling the tool as a whole doesn’t give us the level of control we need.

---

Missing Read-Only Control

Unfortunately, I couldn’t find:

• An out-of-the-box read_only_mode for such tools, or
• A way to restrict the tool to GET / LIST operations only, while disabling mutating actions

(Please correct me if I’m missing something here.)

---

Another Example

The same concern applies to the n8n_executions tool, which also mixes read-only and write/destructive capabilities.

---

Any guidance, best practices, or planned support for per-operation read-only control would be greatly appreciated.

Thanks! 🙏