diff --git a/README.md b/README.md
index eb5a4bd..af9f7a3 100644
--- a/README.md
+++ b/README.md
@@ -2,202 +2,155 @@
mcp-name: io.github.appwrite/mcp
-## Overview
+A [Model Context Protocol](https://modelcontextprotocol.io) server for Appwrite.
+It exposes Appwrite's API — databases, users, functions, teams, storage, and more
+— as tools your MCP client can call.
-A Model Context Protocol server for interacting with Appwrite's API. It provides tools to manage databases, users, functions, teams, and more within your Appwrite project.
+Connect to the hosted server at **`https://mcp.appwrite.io/mcp`** and authenticate
+through your browser. The first time you connect, your client opens an Appwrite
+consent screen; approve the scopes and you're connected. There are no keys to
+copy.
-Appwrite Cloud is available as a hosted [OAuth 2.1 Resource Server](https://modelcontextprotocol.io/specification/2025-06-18/basic/authorization) over MCP [Streamable HTTP](https://modelcontextprotocol.io/specification/2025-06-18/basic/transports). Self-hosted Appwrite instances use the local MCP `stdio` transport with an Appwrite project API key.
+## Connect your client
-## Quick Links
-- [Cloud hosted MCP](#cloud-hosted-mcp)
-- [Self-hosted stdio MCP](#self-hosted-stdio-mcp)
-- [How Cloud authentication works](#how-cloud-authentication-works)
-- [Tool surface](#tool-surface)
-- [Local development](#local-development)
-- [Debugging](#debugging)
+Pick your client below. Each adds the hosted Appwrite Cloud server.
-## Cloud hosted MCP
+
+Claude Code
-Add the server to any MCP client that supports remote (Streamable HTTP) servers by its URL:
-
-```
-https://mcp.appwrite.io/mcp
+```bash
+claude mcp add --transport http appwrite https://mcp.appwrite.io/mcp
```
-For example, in a client that accepts a JSON server config:
+
+
+
+Claude Desktop
+
+Go to **Settings → Connectors → Add custom connector** and paste
+`https://mcp.appwrite.io/mcp`.
+
+On the free plan, bridge the remote server through stdio instead (requires
+Node.js) by editing your config via **Settings → Developer → Edit Config**:
```json
{
"mcpServers": {
"appwrite": {
- "type": "http",
- "url": "https://mcp.appwrite.io/mcp"
+ "command": "npx",
+ "args": ["mcp-remote", "https://mcp.appwrite.io/mcp"]
}
}
}
```
-The first time you connect, the client opens an Appwrite consent screen in your browser. Approve the requested scopes and the client is connected — there are no keys to copy.
-
-## Self-hosted stdio MCP
+
-Self-hosted users should run the MCP server locally over stdio and authenticate with a project API key from their Appwrite Console.
+
+Cursor
-Create a project API key with the scopes you want the MCP server to use, then configure your MCP client with:
+Edit `~/.cursor/mcp.json` (global) or `.cursor/mcp.json` (project).
```json
{
"mcpServers": {
"appwrite": {
- "command": "uvx",
- "args": ["mcp-server-appwrite"],
- "env": {
- "APPWRITE_PROJECT_ID": "",
- "APPWRITE_API_KEY": "",
- "APPWRITE_ENDPOINT": "https:///v1"
- }
+ "url": "https://mcp.appwrite.io/mcp"
}
}
}
```
-For the local Appwrite development compose setup in `/Users/chiragaggarwal/Desktop/appwrite/appwrite`, the endpoint is typically:
-
-```text
-http://localhost:9501/v1
-```
-
-`stdio` is the default transport for the package command. You can also make it explicit:
-
-```bash
-APPWRITE_ENDPOINT=http://localhost:9501/v1 \
-APPWRITE_PROJECT_ID= \
-APPWRITE_API_KEY= \
-uvx mcp-server-appwrite --transport stdio
-```
-
-The server validates the endpoint, project ID, API key, and at least one supported service during startup. If credentials or scopes are wrong, the MCP server fails before accepting tool calls.
-
-## How Cloud authentication works
+
-The MCP server validates the bearer access token on every request and forwards it to the Appwrite REST API, which accepts the OAuth2 access token directly. The flow (handled automatically by MCP-aware clients):
+
+VS Code (GitHub Copilot)
-1. The client requests `/mcp` without a token and receives `401` with a `WWW-Authenticate` header pointing to the protected-resource metadata.
-2. The client fetches `GET /.well-known/oauth-protected-resource/mcp` (RFC 9728), which lists the authorization server (`/oauth2/console`) and supported scopes.
-3. The client discovers the authorization server (RFC 8414 / OIDC) and **self-registers** via RFC 7591 Dynamic Client Registration — the OAuth server exposes an open `registration_endpoint`, so there is no client ID or secret to pre-provision. MCP clients register as public (PKCE) clients automatically.
-4. The client runs the OAuth 2.1 + PKCE authorization-code flow, including the RFC 8707 `resource` parameter that binds the token's audience to this server.
-5. The client calls `/mcp` with `Authorization: Bearer `.
+Edit `.vscode/mcp.json` (workspace) or your user configuration via the Command
+Palette → **MCP: Open User Configuration**.
-## Tool surface
-
-The server starts in a compact workflow so the MCP client only sees a small operator-style surface while the full Appwrite catalog stays internal.
-
-- Up to 4 MCP tools are exposed to the model:
- - `appwrite_get_context`
- - `appwrite_search_tools`
- - `appwrite_call_tool`
- - `appwrite_search_docs` — semantic search over the Appwrite documentation (only registered when the docs index and `OPENAI_API_KEY` are present; see [Documentation search](#documentation-search)).
-- The full Appwrite tool catalog stays internal and is searched at runtime.
-- `appwrite_get_context` gives the client a quick workspace summary. With a local project API key it returns the configured project and readable service totals/samples. With hosted OAuth it also includes account, organization, and discovered project context.
-- Large tool outputs are stored as MCP resources and returned as preview text plus a resource URI.
-- Mutating hidden tools require `confirm_write=true`.
-- Every Appwrite service the installed SDK ships is registered automatically — 25 in total, each becoming a tool-name prefix: `account`, `activities`, `advisor`, `apps`, `avatars`, `backups`, `databases`, `functions`, `graphql`, `health`, `locale`, `messaging`, `oauth2`, `organization`, `presences`, `project`, `proxy`, `sites`, `storage`, `tables_db`, `teams`, `tokens`, `usage`, `users`, and `webhooks`. Which ones a given user can actually call is gated by the scopes their OAuth token was granted (enforced per-route by the Appwrite API), not by the catalog.
-
-## Documentation search
-
-`appwrite_search_docs` runs semantic search over the Appwrite documentation entirely in-process, replacing the standalone docs MCP server. It embeds the query with OpenAI `text-embedding-3-small` and ranks a prebuilt index of doc pages by cosine similarity, returning the most relevant pages with their full content. It needs no `project_id`.
-
-The index is a small artifact committed under `src/mcp_server_appwrite/data/` (`docs_index.npz` + `docs_index_meta.json`) and shipped in the image. The tool is registered only when both the artifact and `OPENAI_API_KEY` are available; otherwise the server boots without it.
-
-### Runtime configuration
-
-- `OPENAI_API_KEY` — required to embed incoming queries (one OpenAI call per search).
-- `DOCS_SEARCH_MIN_SCORE` — minimum cosine score for a match (default `0.25`).
-- `DOCS_SEARCH_LIMIT` — default maximum pages returned (default `5`, max `10`).
-
-### Rebuilding the index
-
-Re-run the build script when the docs change and commit the refreshed artifact:
-
-```bash
-OPENAI_API_KEY=sk-... uv run python scripts/build_docs_index.py
-```
-
-It downloads `appwrite/website` docs from GitHub, chunks each page, embeds the chunks, and writes the artifact. Optional env vars: `DOCS_WEBSITE_REF` (git ref, default `main`), `DOCS_EMBED_BATCH` (default `100`).
-
-## Local development
-
-### Clone and install `uv`
-
-```bash
-git clone https://github.com/appwrite/mcp.git
-cd mcp
-# Linux or MacOS
-curl -LsSf https://astral.sh/uv/install.sh | sh
-# Windows (PowerShell)
-# powershell -ExecutionPolicy ByPass -c "irm https://astral.sh/uv/install.ps1 | iex"
+```json
+{
+ "servers": {
+ "appwrite": {
+ "type": "http",
+ "url": "https://mcp.appwrite.io/mcp"
+ }
+ }
+}
```
-### Run the server
-
-With Docker Compose, the server runs the hosted HTTP/OAuth transport:
+
-```bash
-docker compose up --build
-```
+
+Codex
-Compose defaults to `MCP_PUBLIC_URL=http://localhost:8000` and exposes the MCP endpoint at:
+Edit `~/.codex/config.toml`.
-```text
-http://localhost:8000/mcp
+```toml
+[mcp_servers.appwrite]
+url = "https://mcp.appwrite.io/mcp"
```
-To enable documentation search locally, provide `OPENAI_API_KEY` in your shell or a local `.env` file before running Compose.
-
-With `uv` directly:
+
-```bash
-MCP_PUBLIC_URL=http://localhost:8000 APPWRITE_ENDPOINT=https://cloud.appwrite.io/v1 \
- uv run mcp-server-appwrite --transport http
-```
+
+OpenCode
-For local self-hosted stdio development, run with API-key credentials:
+Edit `opencode.json` (project) or `~/.config/opencode/opencode.json` (global).
-```bash
-APPWRITE_ENDPOINT=http://localhost:9501/v1 \
-APPWRITE_PROJECT_ID= \
-APPWRITE_API_KEY= \
-uv run mcp-server-appwrite
+```json
+{
+ "$schema": "https://opencode.ai/config.json",
+ "mcp": {
+ "appwrite": {
+ "type": "remote",
+ "url": "https://mcp.appwrite.io/mcp",
+ "enabled": true
+ }
+ }
+}
```
-## Testing
+
-### Unit tests
+
+Windsurf
-```bash
-uv run python -m unittest discover -s tests/unit -v
-```
+Edit `~/.codeium/windsurf/mcp_config.json`.
-### Live integration tests
-
-These create and delete real Appwrite resources against a real project. They authenticate to the Appwrite API with an API key supplied via the environment or `.env` (`APPWRITE_PROJECT_ID`, `APPWRITE_API_KEY`, `APPWRITE_ENDPOINT`) and are skipped when no credentials are present.
-
-```bash
-uv run --extra integration python -m unittest discover -s tests/integration -v
+```json
+{
+ "mcpServers": {
+ "appwrite": {
+ "serverUrl": "https://mcp.appwrite.io/mcp"
+ }
+ }
+}
```
-## Debugging
+
-Use the MCP Inspector against a running server URL:
+## Self-hosted Appwrite
-```bash
-npx @modelcontextprotocol/inspector
-```
+Running your own Appwrite instance? Run the MCP server locally over `stdio` and
+authenticate with a project API key. See [docs/self-hosted.md](docs/self-hosted.md)
+for per-client setup.
-Point it at `https://mcp.appwrite.io/mcp` and complete the OAuth flow when prompted.
+## Documentation
-For self-hosted stdio debugging, start Inspector in stdio mode and use `uv run mcp-server-appwrite` as the command with the `APPWRITE_*` environment variables above.
+- [Tool surface](docs/tool-surface.md) — the tools exposed to the model and the
+ internal Appwrite catalog.
+- [How Cloud authentication works](docs/authentication.md) — the OAuth 2.1 flow.
+- [Documentation search](docs/documentation-search.md) — the in-process
+ `appwrite_search_docs` tool and how to rebuild its index.
+- [Self-hosted Appwrite](docs/self-hosted.md) — run the server locally with a
+ project API key.
+- [Local development](docs/development.md) — running, testing, and debugging the
+ server locally.
+- [AGENTS.md](AGENTS.md) — full contributor guide and pre-PR checklist.
## License
-This MCP server is licensed under the MIT License. This means you are free to use, modify, and distribute the software, subject to the terms and conditions of the MIT License. For more details, please see the LICENSE file in the project repository.
+This MCP server is licensed under the MIT License. See the [LICENSE](LICENSE) file
+for details.
diff --git a/docs/authentication.md b/docs/authentication.md
new file mode 100644
index 0000000..38684dc
--- /dev/null
+++ b/docs/authentication.md
@@ -0,0 +1,39 @@
+# How Cloud authentication works
+
+Appwrite Cloud is a hosted
+[OAuth 2.1 Resource Server](https://modelcontextprotocol.io/specification/2025-06-18/basic/authorization)
+served over MCP
+[Streamable HTTP](https://modelcontextprotocol.io/specification/2025-06-18/basic/transports).
+On every request it validates the client's bearer token and forwards it to the
+Appwrite REST API, which accepts the OAuth2 access token directly.
+
+## The flow
+
+MCP-aware clients run this automatically:
+
+```mermaid
+sequenceDiagram
+ participant C as MCP Client
+ participant S as MCP Server (/mcp)
+ participant A as Appwrite OAuth Server
+ participant API as Appwrite REST API
+
+ C->>S: GET /mcp (no token)
+ S-->>C: 401 + WWW-Authenticate → metadata URL
+ C->>S: GET /.well-known/oauth-protected-resource/mcp
+ S-->>C: auth server + scopes (RFC 9728)
+ C->>A: Discover (RFC 8414 / OIDC)
+ C->>A: Self-register as public PKCE client (RFC 7591)
+ A-->>C: client_id (no secret to pre-provision)
+ C->>A: OAuth 2.1 + PKCE auth-code flow (RFC 8707 resource)
+ A-->>C: access token (audience bound to this server)
+ C->>S: GET /mcp + Authorization: Bearer
+ S->>API: Forward bearer token
+ API-->>S: Response
+ S-->>C: Response
+```
+
+The key detail is that clients **self-register** — the auth server exposes an open
+`registration_endpoint` (RFC 7591), so there's no client ID or secret to
+pre-provision. Everything else is standard OAuth 2.1 + PKCE, with the RFC 8707
+resource indicator binding each token's audience to this server.
diff --git a/docs/development.md b/docs/development.md
new file mode 100644
index 0000000..622f6fc
--- /dev/null
+++ b/docs/development.md
@@ -0,0 +1,74 @@
+# Local development
+
+> Full contributor guide — architecture, conventions, and the pre-PR checklist
+> that mirrors CI — lives in [AGENTS.md](../AGENTS.md).
+
+## Clone and install `uv`
+
+```bash
+git clone https://github.com/appwrite/mcp.git
+cd mcp
+# Linux / macOS
+curl -LsSf https://astral.sh/uv/install.sh | sh
+# Windows (PowerShell)
+# powershell -ExecutionPolicy ByPass -c "irm https://astral.sh/uv/install.ps1 | iex"
+```
+
+## Transports at a glance
+
+| Transport | Auth | Use case |
+| --- | --- | --- |
+| `http` (hosted) | OAuth 2.1 bearer token | Cloud / production parity |
+| `stdio` (self-hosted) | Project API key | Local self-hosted dev |
+
+## Run the server
+
+**Docker Compose** — hosted HTTP/OAuth transport, endpoint at
+`http://localhost:8000/mcp` (default `MCP_PUBLIC_URL=http://localhost:8000`):
+
+```bash
+docker compose up --build
+```
+
+> To enable docs search locally, set `OPENAI_API_KEY` in your shell or `.env`
+> before running Compose.
+
+**`uv` directly — HTTP:**
+
+```bash
+MCP_PUBLIC_URL=http://localhost:8000 APPWRITE_ENDPOINT=https://cloud.appwrite.io/v1 \
+ uv run mcp-server-appwrite --transport http
+```
+
+**`uv` directly — self-hosted stdio:**
+
+```bash
+APPWRITE_ENDPOINT=http://localhost:9501/v1 \
+APPWRITE_PROJECT_ID= \
+APPWRITE_API_KEY= \
+ uv run mcp-server-appwrite
+```
+
+## Testing
+
+| Suite | Command | Needs credentials |
+| --- | --- | --- |
+| Unit | `uv run python -m unittest discover -s tests/unit -v` | No |
+| Integration | `uv run --extra integration python -m unittest discover -s tests/integration -v` | Yes |
+
+Integration tests create and delete **real** Appwrite resources. They
+authenticate via `APPWRITE_PROJECT_ID`, `APPWRITE_API_KEY`, `APPWRITE_ENDPOINT`
+(shell or `.env`) and are skipped when no credentials are present.
+
+## Debugging
+
+Run the MCP Inspector against a server:
+
+```bash
+npx @modelcontextprotocol/inspector
+```
+
+To debug the hosted transport, point it at `https://mcp.appwrite.io/mcp` and
+complete the OAuth flow when prompted. For self-hosted, start the Inspector in
+stdio mode with `uv run mcp-server-appwrite` as the command and the `APPWRITE_*`
+env vars above.
diff --git a/docs/documentation-search.md b/docs/documentation-search.md
new file mode 100644
index 0000000..875de70
--- /dev/null
+++ b/docs/documentation-search.md
@@ -0,0 +1,36 @@
+# Documentation search
+
+`appwrite_search_docs` runs semantic search over the Appwrite documentation
+entirely in-process (replacing the standalone docs MCP server). It needs no
+`project_id`. Each query is embedded with OpenAI's `text-embedding-3-small` model,
+matched against a prebuilt index by cosine similarity, and the top-ranked pages
+are returned with their full content.
+
+The index is a small committed artifact under `src/mcp_server_appwrite/data/`
+(`docs_index.npz` + `docs_index_meta.json`), shipped in the image. The tool
+registers **only** when both the artifact and `OPENAI_API_KEY` are available;
+otherwise the server boots without it.
+
+## Runtime configuration
+
+| Variable | Required | Default | Purpose |
+| --- | --- | --- | --- |
+| `OPENAI_API_KEY` | Yes | — | Embeds each incoming query (one OpenAI call per search). |
+| `DOCS_SEARCH_MIN_SCORE` | No | `0.25` | Minimum cosine score for a match. |
+| `DOCS_SEARCH_LIMIT` | No | `5` (max `10`) | Default max pages returned. |
+
+## Rebuilding the index
+
+Re-run when the docs change, then commit the refreshed artifact:
+
+```bash
+OPENAI_API_KEY=sk-... uv run python scripts/build_docs_index.py
+```
+
+The script pulls the docs from the `appwrite/website` repo, chunks each page,
+embeds the chunks, and writes the artifact to `data/`. Optional build env vars:
+
+| Variable | Default | Purpose |
+| --- | --- | --- |
+| `DOCS_WEBSITE_REF` | `main` | Git ref to pull docs from. |
+| `DOCS_EMBED_BATCH` | `100` | Embedding batch size. |
diff --git a/docs/self-hosted.md b/docs/self-hosted.md
new file mode 100644
index 0000000..dc220b0
--- /dev/null
+++ b/docs/self-hosted.md
@@ -0,0 +1,176 @@
+# Self-hosted Appwrite
+
+Running your own Appwrite instance? Run the MCP server locally over `stdio` and
+authenticate with a project API key instead of OAuth.
+
+## Setup
+
+1. In your Appwrite Console, create a project API key with the scopes you want the
+ server to use.
+2. Add the server to your client using the config below, replacing the
+ placeholders:
+ - `` — your Appwrite project ID.
+ - `` — the API key you just created.
+ - `` — your instance domain, e.g. `localhost:9501` for a
+ local Docker setup.
+
+Self-hosted runs use `uvx`, so make sure [`uv`](https://docs.astral.sh/uv/) is
+installed and on your `PATH`. `stdio` is the default transport for the package
+command. The server validates the endpoint, project ID, API key, and at least one
+supported service at startup, and fails before accepting tool calls if anything is
+wrong.
+
+## Connect your client
+
+
+Claude Code
+
+```bash
+claude mcp add appwrite \
+ --env APPWRITE_PROJECT_ID= \
+ --env APPWRITE_API_KEY= \
+ --env APPWRITE_ENDPOINT=https:///v1 \
+ -- uvx mcp-server-appwrite
+```
+
+
+
+
+Claude Desktop
+
+Edit your config via **Settings → Developer → Edit Config**
+(`~/Library/Application Support/Claude/claude_desktop_config.json` on macOS,
+`%APPDATA%\Claude\claude_desktop_config.json` on Windows), then fully restart the
+app.
+
+```json
+{
+ "mcpServers": {
+ "appwrite": {
+ "command": "uvx",
+ "args": ["mcp-server-appwrite"],
+ "env": {
+ "APPWRITE_PROJECT_ID": "",
+ "APPWRITE_API_KEY": "",
+ "APPWRITE_ENDPOINT": "https:///v1"
+ }
+ }
+ }
+}
+```
+
+
+
+
+Cursor
+
+Edit `~/.cursor/mcp.json` (global) or `.cursor/mcp.json` (project).
+
+```json
+{
+ "mcpServers": {
+ "appwrite": {
+ "command": "uvx",
+ "args": ["mcp-server-appwrite"],
+ "env": {
+ "APPWRITE_PROJECT_ID": "",
+ "APPWRITE_API_KEY": "",
+ "APPWRITE_ENDPOINT": "https:///v1"
+ }
+ }
+ }
+}
+```
+
+
+
+
+VS Code (GitHub Copilot)
+
+Edit `.vscode/mcp.json` (workspace) or your user configuration via the Command
+Palette → **MCP: Open User Configuration**.
+
+```json
+{
+ "servers": {
+ "appwrite": {
+ "type": "stdio",
+ "command": "uvx",
+ "args": ["mcp-server-appwrite"],
+ "env": {
+ "APPWRITE_PROJECT_ID": "",
+ "APPWRITE_API_KEY": "",
+ "APPWRITE_ENDPOINT": "https:///v1"
+ }
+ }
+ }
+}
+```
+
+
+
+
+Codex
+
+Edit `~/.codex/config.toml`.
+
+```toml
+[mcp_servers.appwrite]
+command = "uvx"
+args = ["mcp-server-appwrite"]
+
+[mcp_servers.appwrite.env]
+APPWRITE_PROJECT_ID = ""
+APPWRITE_API_KEY = ""
+APPWRITE_ENDPOINT = "https:///v1"
+```
+
+
+
+
+OpenCode
+
+Edit `opencode.json` (project) or `~/.config/opencode/opencode.json` (global).
+
+```json
+{
+ "$schema": "https://opencode.ai/config.json",
+ "mcp": {
+ "appwrite": {
+ "type": "local",
+ "command": ["uvx", "mcp-server-appwrite"],
+ "enabled": true,
+ "environment": {
+ "APPWRITE_PROJECT_ID": "",
+ "APPWRITE_API_KEY": "",
+ "APPWRITE_ENDPOINT": "https:///v1"
+ }
+ }
+ }
+}
+```
+
+
+
+
+Windsurf
+
+Edit `~/.codeium/windsurf/mcp_config.json`.
+
+```json
+{
+ "mcpServers": {
+ "appwrite": {
+ "command": "uvx",
+ "args": ["mcp-server-appwrite"],
+ "env": {
+ "APPWRITE_PROJECT_ID": "",
+ "APPWRITE_API_KEY": "",
+ "APPWRITE_ENDPOINT": "https:///v1"
+ }
+ }
+ }
+}
+```
+
+
diff --git a/docs/tool-surface.md b/docs/tool-surface.md
new file mode 100644
index 0000000..517c5f7
--- /dev/null
+++ b/docs/tool-surface.md
@@ -0,0 +1,49 @@
+# Tool surface
+
+The server boots in a compact workflow: the MCP client sees a small
+operator-style surface while the full Appwrite catalog stays internal and is
+searched at runtime.
+
+```mermaid
+flowchart LR
+ M[Model] -->|sees| E
+
+ subgraph E[Exposed surface — up to 4 tools]
+ C[appwrite_get_context]
+ ST[appwrite_search_tools]
+ CT[appwrite_call_tool]
+ SD[appwrite_search_docs *]
+ end
+
+ ST -.searches.-> CAT
+ CT -.invokes.-> CAT
+
+ subgraph CAT[Internal catalog — 25 services]
+ direction LR
+ K[account · databases · functions
storage · teams · users · …]
+ end
+
+ CT -->|large output| R[(MCP resource
preview + URI)]
+```
+
+`*` `appwrite_search_docs` is registered only when the docs index **and**
+`OPENAI_API_KEY` are present — see [Documentation search](documentation-search.md).
+
+## Exposed tools
+
+| Tool | What it does |
+| --- | --- |
+| `appwrite_get_context` | Workspace summary. API key → project + readable service totals/samples. OAuth → also account, organization, discovered projects. |
+| `appwrite_search_tools` | Searches the internal catalog at runtime. |
+| `appwrite_call_tool` | Invokes a catalog tool. Mutating calls require `confirm_write=true`. |
+| `appwrite_search_docs` | Semantic search over Appwrite docs (conditional — see above). |
+
+## Behavior
+
+- **Large outputs** are stored as an MCP resource and returned as preview text
+ plus a resource URI.
+- **Writes** through hidden mutating tools require `confirm_write=true`.
+- **Access** is gated per-route by the scopes the OAuth token was granted, not by
+ the catalog.
+- **Registration** is automatic — every service the installed SDK ships becomes a
+ catalog entry.
diff --git a/images/appwrite-logo-darkbg.png b/images/appwrite-logo-darkbg.png
deleted file mode 100644
index aedb30e..0000000
Binary files a/images/appwrite-logo-darkbg.png and /dev/null differ
diff --git a/images/appwrite-logo-lightbg.png b/images/appwrite-logo-lightbg.png
deleted file mode 100644
index 16d5fe3..0000000
Binary files a/images/appwrite-logo-lightbg.png and /dev/null differ
diff --git a/images/claude-desktop-integration.png b/images/claude-desktop-integration.png
deleted file mode 100644
index 5036897..0000000
Binary files a/images/claude-desktop-integration.png and /dev/null differ
diff --git a/images/cursor-integration.png b/images/cursor-integration.png
deleted file mode 100644
index b122908..0000000
Binary files a/images/cursor-integration.png and /dev/null differ
diff --git a/images/vs-code-integration.png b/images/vs-code-integration.png
deleted file mode 100644
index fd78495..0000000
Binary files a/images/vs-code-integration.png and /dev/null differ
diff --git a/images/windsurf-integration.png b/images/windsurf-integration.png
deleted file mode 100644
index 8a2da16..0000000
Binary files a/images/windsurf-integration.png and /dev/null differ