Problem

In read-only mode, documentation specifies that all manage_* tools are hidden. However, some manage_* tools currently expose read-only actions:

• manage_context — session-only actions (show, list_presets, set_scope, etc.)
• manage_webhook — read action
• manage_integration — get action

These read-only actions should live in the corresponding browse_* tools, not in manage_*.

Target State

Move read-only actions into browse_* tools:

• manage_webhook action read → browse_webhooks (or list_webhooks) action get
• manage_integration action get → list_integrations action get (or new browse_integrations)
• manage_context — evaluate if this belongs in browse_context or stays as-is (session-only, no GitLab writes)

Then in read-only mode, ALL manage_* tools are hidden cleanly — no action-level filtering needed.

Benefits

• Clean CQRS contract: browse_* = read, manage_* = write
• Simpler read-only filtering (no per-action runtime checks)
• Documentation matches code exactly

References

• Documentation: docs/security/read-only.md
• Code: src/registry-manager.ts, entity get*ReadOnlyToolNames() functions
• PR docs: Critical documentation refactor - VitePress site with MCP install badges #133