Update excluded-tools documentation

Phil Whittaker · claude · Phil Whittaker · commit 0125524f1c6c · 2025-10-25T07:41:40.000+01:00
🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
diff --git a/16/umbraco-cms/reference/developer-mcp/excluded-tools.md b/16/umbraco-cms/reference/developer-mcp/excluded-tools.md
@@ -130,84 +130,4 @@ These endpoints are intentionally not implemented in the MCP server, typically b
 
 ### Dynamic (2 endpoints)
 - `getDynamicRootSteps` - Dynamic root configuration steps (advanced configuration functionality)
-- `postDynamicRootQuery` - Dynamic root query processing (advanced configuration functionality)
-
-## Rationale
-
-Import/Export endpoints are excluded because:
-1. They typically handle complex file operations that are better managed through the Umbraco UI
-2. Import operations can have wide-ranging effects on the system
-3. Export formats may be complex and not suitable for MCP tool responses
-4. These operations often require additional validation and user confirmation
-
-Install endpoints are excluded because:
-1. Installation operations modify core system configuration and should only be performed during initial setup
-2. Database validation during installation involves sensitive system checks
-3. Installation settings contain system-level configuration that should not be exposed or modified after setup
-4. These operations are typically only relevant during the initial Umbraco installation process
-
-Package endpoints are excluded because:
-1. Package creation and management involve complex file operations
-2. Package installation can have system-wide effects requiring careful validation
-3. Package migration operations should be handled with caution in the Umbraco UI
-4. Download functionality may not be suitable for MCP tool responses
-
-Security endpoints are excluded because:
-1. Password reset operations involve sensitive security workflows
-2. These operations typically require email verification and user interaction
-3. Security configuration changes should be handled carefully through the Umbraco UI
-4. Automated security operations could pose security risks if misused
-
-Telemetry endpoints are excluded because:
-1. System telemetry data may contain sensitive system information
-
-User Group membership endpoints are excluded because:
-1. These operations present severe permission escalation risks
-2. AI could potentially assign users to administrator groups
-3. User group membership changes can compromise system security
-4. These sensitive operations should only be performed through the Umbraco UI with proper oversight
-
-PublishedCache endpoints are excluded because:
-1. Cache rebuild operations can significantly impact system performance and should be carefully timed
-2. Cache operations can affect site availability and user experience during execution
-3. Cache rebuild status monitoring could expose sensitive system performance information
-
-Upgrade endpoints are excluded because:
-1. System upgrade operations involve critical system modifications that could break the installation
-2. Upgrade settings contain sensitive system configuration that should not be exposed
-3. Upgrade authorization involves system-level changes that require careful oversight
-4. These operations are typically only relevant during major version upgrades and should be handled through the Umbraco UI
-
-User endpoints are excluded because:
-1. User creation could enable account proliferation and privilege escalation attacks
-2. User deletion could cause denial of service by removing critical admin accounts and permanent data loss
-3. Password operations could enable account takeover and bypass security controls
-4. 2FA management could compromise multi-factor authentication security
-5. Client credentials expose sensitive API keys and authentication tokens
-6. User invitation system could be abused for spam or unauthorized account creation
-7. User state changes (disable/enable/unlock) could be used for denial of service attacks
-8. These operations require secure UI flows with proper validation and user confirmation
-9. Automated user security operations pose significant risks if misused by AI systems
-
-Profiling endpoints are excluded because:
-1. These endpoints control the MiniProfiler, which is a frontend debugging tool for web browsers
-2. Profiler activation and status are not relevant for MCP operations that work with data rather than UI
-3. The MiniProfiler is designed for developer debugging during web development, not for automated API interactions
-4. These operations are frontend-specific functionality that has no use case in the MCP context
-
-Preview endpoints are excluded because:
-1. Content preview functionality is designed for frontend website display and user interface interactions
-2. Preview operations are primarily used for content editors to see how content will appear on the website
-3. These operations are frontend-specific and not relevant for automated data management through MCP
-
-Oembed endpoints are excluded because:
-1. oEmbed functionality is used for embedding external media content (videos, social media posts) into rich text editor
-2. This is primarily a frontend feature for content display and presentation
-
-Object endpoints are excluded because:
-1. Object type enumeration provides internal system metadata about Umbraco's object structure
-2. This information is primarily used by the Umbraco backend for internal operations and UI generation
-
-Dynamic endpoints are excluded because:
-1. Dynamic root functionality is an advanced configuration feature for creating custom content tree structures
-2. These operations are better compled using the UI
+- `postDynamicRootQuery` - Dynamic root query processing (advanced configuration functionality)
