Keep operational actions, support tools, and higher-privilege capabilities inside this surface so auth rules, navigation, and logging remain separate from customer-facing dashboard work.