module 08 connect tools

Read vs write access

System Text-to-Speech Ready
Slide: 0:00 / 0:00
Slide 1 of 0Interactive Deck

Full Lesson Reference

MCPs give Claude real access to real platforms with real data. Getting the permissions wrong costs real money. This lesson is about setting up MCPs safely from the start.

The default: read-only

Every MCP you install should default to read-only. Claude can pull data, analyse, report - but cannot change anything on the platform.

Read-only operations are safe

  • Pull campaign performance data
  • Read email campaigns that have already been sent
  • Query product catalogues
  • Get website analytics
  • List anything

All of that is fine. Mistakes are cheap - bad queries waste tokens, nothing else.

Write access: opt-in per project

Write access lets Claude mutate the platform - create campaigns, send emails, post, change settings.

Only enable write access when

  • You specifically need Claude to do a mutation
  • You've built up enough trust with Claude on read operations first
  • You're ready to approve each mutation carefully (every permission prompt = real impact)
  • You have auto mode OFF for that project (Module 03)

What happens if writes go wrong

Google Ads

Claude pauses the wrong campaign. Your client's top-performing product stops getting spend for hours until you notice. Lost revenue.

Meta Ads

Claude creates an ad with the wrong spend cap. Budget overruns before you catch it.

Klaviyo

Claude sends a draft email to a live segment instead of a test segment. Customers get a half-finished email with placeholder text.

Slack

Claude posts to #general instead of #test. Publicly visible mistake.

The pattern: one wrong move on a write-enabled MCP can affect customers, spend, or public image. Different from a read mistake which just wastes a few seconds.

The 2 rules for write-enabled MCPs

  1. Always approve mutations manually

Module 03 covered permission prompts. For any write operation, default to option 4 (No) first. Read what Claude wants to do. Only approve after you've confirmed:

  • Exact action (what campaign, what email, what segment)
  • Scope (one item or many?)
  • Reversibility (can you undo if wrong?)
  • Impact (how much spend? how many customers?)
  1. Never give auto mode to write MCPs

Auto mode (Module 03) skips routine permission prompts. NEVER combine it with write access to ad platforms or email tools. Read-only auto mode is fine; write auto mode is how expensive accidents happen.

Setting up write access per platform

Most MCPs default to read-only. You have to explicitly opt in to writes - which is the right default.

When you do need writes

Enable write access for the Google Ads MCP in this project. I want Claude to be able to pause campaigns and adjust budgets, but only with my explicit approval on each action.

Claude updates .mcp.json, confirms the permissions, and notes in your project CLAUDE.md that writes are enabled + which operations require approval.

Read vs write split by platform

Recommended defaults for common platforms

  • Google Ads - read-only by default. Writes only for accounts you actively optimise.
  • Meta Ads - read-only. Writes require a second-check before creating campaigns.
  • Klaviyo - read-only. Manual approval every time for sends.
  • GA4, GSC - read-only is all that exists effectively.
  • Notion - read + write often useful (draft docs, meeting notes). Still prompt-check.
  • Slack - read useful, writes rare (prompt-check always).
  • Gmail - read cautiously (customer data). Writes for draft creation only, not sends.
  • Shopify - read-only is plenty for analysis. Writes are rare and always prompt.

Test before trust

Before you trust Claude with any write access

  1. Run the same operation manually in the platform UI 2-3 times so you know what correct looks like
  2. Watch Claude do it once with full permission prompts
  3. Review the result carefully
  4. Repeat 2-3 times before you batch operations

Earn the trust before you extend it.

Revoking access

If you mess up the config or want to reset

Remove the Google Ads MCP write permissions. Revert to read-only.

Claude updates .mcp.json, confirms read-only, done. You can always re-enable later.

Power-user tips

  • Write access is a privilege, not a default - enable per operation, never "just in case"
  • Keep a "write log" in your project CLAUDE.md - list which MCPs have write access enabled and for what purpose. Review quarterly.
  • Use sandbox accounts where possible - Meta + some tools let you create test accounts. Practice writes there first.
  • Match write permissions to your comfort level - when in doubt, read-only

Action items

☐ Default every new MCP to read-only

☐ Review existing MCPs - any that should be downgraded to read-only?

☐ For any write-enabled MCP: note which operations are allowed + require approval

☐ Never combine auto mode with write access

☐ Build trust gradually - test writes with manual approval before batching

Module complete. Next: Module 09 - Build reusable skills.

Exercises

  1. Review the concepts covered in this lesson: Read vs write access.
  2. Write down your key takeaway from this lesson.
  3. Practice running any commands or prompts mentioned above inside your terminal.