GitHub user musaabhasan added a comment to the discussion: MCP: agents need in-place edits and cleanup tools — current write-only surface causes object sprawl
This is a real risk with agent-facing MCP surfaces. A create-only API nudges agents toward object sprawl because the lowest-friction repair path is to create a new dataset/chart/dashboard instead of reconciling what already exists. I would add mutation tools with guardrails rather than broad write access: patch-style updates with revision or ETag preconditions, dry-run diff output, idempotency keys, object ownership/session tags, and soft delete with restore. The cleanup tool should first list objects created by a session or service identity and refuse deletion when there are external references unless explicitly confirmed. For Superset specifically, it would help to keep the mutation boundaries narrow: update dataset metadata separately from SQL, chart properties separately from dashboard layout, and permissions separately from content. Every mutation should record the RBAC user, MCP tool name, source request id, before/after summary, and whether the operation came from a dry run or an executed request. That gives agents enough power to repair work while still preserving auditability and least privilege. GitHub link: https://github.com/apache/superset/discussions/39864#discussioncomment-16860757 ---- This is an automatically sent email for [email protected]. To unsubscribe, please send an email to: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
