Parent: #7680 (5.11 Instance configuration)
Tool file: new forge/ee/lib/mcp/tools/instanceConfig.js
destructiveHint: true. Kept separate from ordinary writes so MCP clients gate them behind confirmation by default. One tool per delete endpoint.
| Tool |
Endpoint |
Scope |
Annotation |
platform_delete_instance_file |
DELETE /projects/:id/files/_/:path |
project:files:delete |
destructive |
platform_delete_instance_http_token |
DELETE /projects/:id/httpTokens/:tid |
project:edit |
destructive |
(Mirror the http-token delete tool for devices with device:edit.)
Design notes: deleting an HTTP bearer token revokes access for that token; surface the outcome descriptively.
Scopes to allow-list + access-tag (#7445): project:files:delete (write), project:edit (write), device:edit (write).
Tool definitions (description + zod inputSchema):
platform_delete_instance_file: {
description: 'Deletes a file or directory from a hosted instance file store.',
inputSchema: z.object({
instanceId: z.string().uuid().describe('UUID of the hosted instance'),
path: z.string().describe('Path of the file or directory to delete')
})
}
platform_delete_instance_http_token: {
description: 'Deletes an HTTP bearer token from a hosted instance, revoking access for that token. The device variant takes { deviceId, tokenId }.',
inputSchema: z.object({
instanceId: z.string().uuid().describe('UUID of the hosted instance'),
tokenId: z.string().describe('Opaque hashid of the HTTP bearer token to delete')
})
}
Tests:
- Every tool carries
destructiveHint: true.
- Read-only PAT rejected.
- Feature-disabled instance returns the descriptive gate error.
Parent: #7680 (5.11 Instance configuration)
Tool file: new
forge/ee/lib/mcp/tools/instanceConfig.jsdestructiveHint: true. Kept separate from ordinary writes so MCP clients gate them behind confirmation by default. One tool per delete endpoint.platform_delete_instance_fileDELETE /projects/:id/files/_/:pathproject:files:deleteplatform_delete_instance_http_tokenDELETE /projects/:id/httpTokens/:tidproject:edit(Mirror the http-token delete tool for devices with
device:edit.)Design notes: deleting an HTTP bearer token revokes access for that token; surface the outcome descriptively.
Scopes to allow-list + access-tag (#7445):
project:files:delete(write),project:edit(write),device:edit(write).Tool definitions (description + zod inputSchema):
Tests:
destructiveHint: true.