User Guides
Permission Model
Design clear permission boundaries for agents and human operators.
Why permission modeling matters
Most production incidents are not caused by missing features. They are caused by excessive privileges in the wrong place.
outline-mcp gives you explicit action controls so each client can receive only the capabilities it needs.
Action model
| Action | Scope | Typical tools |
|---|---|---|
read | Non-mutating operations | list_collections, search_documents, read_document, list_events |
write | Mutating but non-destructive operations | create_document, update_document, move_document, comments, memberships, leases |
delete | Destructive operations | delete_document, delete_comment, delete_collection, batch delete |
admin | Reserved advanced control | Rarely needed in standard flows |
Recommended role mapping
| Role | Actions | Reasoning |
|---|---|---|
| Reader agent | read | Safe default with zero mutation risk |
| Writer agent | read,write | Supports creation/editing without destructive paths |
| Operator agent | read,write,delete | Owns cleanup and lifecycle execution |
Rollout governance
Use a progressive model:
- Start every new client at
read. - Promote to
read,writeonly after successful validation. - Grant
deleteonly to explicit operator paths. - Review action sets during each incident retrospective.
Example profiles
Read-only
OUTLINE_ALLOWED_ACTIONS=readRead and write
OUTLINE_ALLOWED_ACTIONS=read,writeFull operator
OUTLINE_ALLOWED_ACTIONS=read,write,deleteNext step
Continue to Tool Reference.