Table of Contents
- Start With Read-Only Requests
- Use Previews for Change-Making Workflows
- Understand Tool Risk Levels
- Check the Target Tenant and Campaign
- Avoid Ambiguous Requests
- Do Not Share Secrets
- When to Ask a Brightidea Administrator
Start With Read-Only Requests
Before making any changes, start with a read-only request to confirm the connector is pointed at the correct tenant and campaign. Good first requests include:
Search for ideas about customer onboarding.Summarize the current campaign pipeline.Generate a campaign health summary.
Use Previews for Change-Making Workflows
For workflows that can update multiple records, always ask for a preview or dry run before applying changes:
Preview moving these ideas to the next step. Do not apply changes yet.Show me what would change before updating these idea tags.
If the tool supports a dry run, review the output before approving the final action.
Understand Tool Risk Levels
| Tool Type | Examples | Recommended Practice |
|---|---|---|
| Read-only | Search, summarize, inspect, report | Use freely within your data-access policy. |
| Write | Draft or submit ideas, update selected campaign content | Review generated content and target records first. |
| Admin | Groups, rules, widgets, branding, phase schedules | Confirm you are in the correct tenant and campaign. |
| Delete | Supported delete actions | Confirm record IDs and business impact before approval. |
| Bulk | Moving or updating many ideas | Always request a preview or dry run first. |
Check the Target Tenant and Campaign
Before approving any write, admin, delete, or bulk action, confirm:
- The tenant is correct.
- The campaign or community is correct.
- The target idea, group, widget, rule, or step IDs are correct.
- The requested action matches your intent.
- The preview output is complete and expected.
Avoid Ambiguous Requests
Vague requests can produce unexpected results. Instead of:
Clean this up.
Be specific:
Review campaign <campaign_id> and suggest changes. Do not apply changes.
Then make a second request when you're ready to apply a specific change.
Do Not Share Secrets
Do not paste passwords, MFA codes, API keys, OAuth tokens, client secrets, or private keys into the AI client. Brightidea OAuth handles sign-in separately.
When to Ask a Brightidea Administrator
Check with an administrator before using MCP for any of the following:
- Large bulk updates
- Campaign rule changes
- Group membership changes
- Site branding or page layout changes
- Deletion workflows
- Any action that affects production campaigns or broad user audiences
Related Articles
- Brightidea MCP Authentication and Access
- Data Accessed by Brightidea MCP
- Troubleshoot Brightidea MCP Connections
Comments