Critical Defect: Conf Update API + Rovo MCP Connector Silently Destroys Page Content on Title-Only Updates
To the Atlassian Rovo and Confluence API Teams,
I am reporting a critical data loss defect in the Confluence update API as exposed through the Atlassian Rovo MCP connector for Claude. This has already caused destructive content loss in a production workspace.
WHAT HAPPENED
I used Claude via the Atlassian Rovo MCP connector to rename and reorganize pages in my Confluence workspace. Claude sent update calls that changed the title but did not include the body field. The Confluence API interpreted the missing body as an instruction to clear the page content. Every page that was renamed had its entire body silently deleted. Multiple pages were destroyed in sequence. Content was only recoverable through Confluence page history.
THE API DESIGN PROBLEM
The Confluence update endpoint treats an omitted body field as "set body to empty" rather than "leave body unchanged." This is destructive-by-default behavior. Standard PATCH semantics across the industry treat omitted fields as "no change." The current design means that any API consumer — human developer or AI agent — that sends a title-only update will silently destroy the page content. This is especially dangerous now that AI agents are primary consumers of this API through MCP.
THE MCP CONNECTOR PROBLEM
The Rovo MCP connector passes update calls through to the API with no safety validation. There is no check that compares the outgoing payload against the existing page state. A call that would reduce a page from 15,000 characters to 0 executes without any warning, confirmation prompt, or block.
WHAT NEEDS TO CHANGE (Atlassian side)
- API behavior: The update endpoint should treat an omitted body field as "no change," not "clear the body." Clearing content should require an explicit flag or a deliberately empty body with a confirmation parameter. This is the single most important fix.
- MCP connector guardrails: The connector should include pre-flight validation that blocks updates where the body would be reduced by more than a configurable threshold (e.g., 50%) without explicit override. It should also take an automatic version snapshot before any write operation.
- Connector-level safety policies: The MCP connector should ship with built-in rules that prevent known destructive patterns, rather than relying on AI model instructions to avoid them.
I have also filed a parallel report with Anthropic regarding Claude's handling of the update calls and the lack of tool-level safety policy infrastructure.
Thank you for your urgent attention.
Ryan
