When to Use - Creating, altering, suspending, or dropping users - Creating roles, granting/revoking role membership - Granting/denying/revoking graph, database, or DBMS privileges - Inspecting current privileges ( ) - Implementing property-level access control (read/write per property) - Setting up ABAC rules against OIDC claims - Referencing LDAP/SSO auth provider configuration When NOT to Use - Writing Cypher queries against application data → - Cluster ops, backups, server config → - Driver connection setup → --- MCP Write Gate — MANDATORY Before executing ANY of the following, show the pl…