Typed MCP tools from a Go struct

forge-mcp generates a complete set of typed MCP tools from every content type you register. This is the operations layer -- the complement to the AI reading formats described in D1.

Release Date 30 April 2026
MCPCORE

D1 described the reading layer: the formats that let an AI agent index, fetch, and read your content. This is the operations layer: the tools that let an agent create, update, publish, and archive it.

The two layers are complementary. An agent can read your content index via /llms.txt, identify what needs updating, fetch the item via /{slug}.aidoc, and submit the change via MCP -- all within a single session, all within the access boundaries you set.

From struct to tools

Registering a content type with forge-mcp generates a complete tool set automatically. For a Post struct:

type Post struct {
    forge.Node
    Title   string `forge:"required,min=3"  forge_description:"The headline of the post"`
    Excerpt string `forge:"required"         forge_description:"1-2 sentences for the devlog list and meta description"`
    Body    string `forge:"required"         forge_format:"markdown"`
    Tags    []string
}

The generated tools:

create_post    update_post    publish_post
archive_post   list_posts     get_post

Tool names are derived from the struct name (lowercase). Every registered content type gets the same complete set. You do not write tool definitions.

The MCP handshake

When the client sends initialize, Forge responds with capabilities and the full tool list derived from all registered content types. The tool schemas include field types, validation constraints, and the forge_description and forge_format annotations from the struct tags -- no separate schema definition required.

The agent sees a complete, self-describing tool surface. What a field is for and what format it expects is in the schema, not in a system prompt.

Authentication and role enforcement

Every MCP call carries a bearer token in the Authorization header. The role encoded in the token determines which tools are available:

RoleAvailable tools
Authorcreate, update, list, get
Editor+ publish, archive
Admin+ token management

There is no MCP-specific access path. The role enforcement is the same code that handles HTTP API calls and browser form submissions. An agent operating with an Author token cannot publish, regardless of what it is instructed to do.

This is the same point made for the reading layer: the agent operates within boundaries enforced by the framework, not by convention or prompt instruction.

Navigation tools

forge-mcp also generates tools for NavTree management when nav_mode: db is set:

create_nav_item    update_nav_item
delete_nav_item    list_nav_items

These require Editor role or above. An agent that manages content can also manage the navigation structure that surfaces it -- through the same access model.

The operations layer

The reading layer (D1) and the operations layer (D7) together cover what AI-native means for content management: agents that can understand your content, navigate it, and act on it -- all within the same rules that govern your human operators.