Toolhub's design document envisions combining "owner" created data in the form of toolinfo.json data files (or local in-app equivlalent) with "annotations" that users of the website add to augment the owner provided data. There are also many ideas in the roadmap for creating "collections" of tools.
Where there is free form text content, there will be vandalism. This is an Internet truism that Wikimedians are well aware of. MediaWiki includes many components to help support patrolling content submissions. Toolhub will need systems for this as well, but what systems? How can we make the process of patrolling Toolhub feel friendly to folks who are used to doing content patrolling with MediaWiki?
* All edits will be made by authenticated users. No anon edits will be allowed.
* Authentication will be tied to Wikimedia OAuth and by extension SUL accounts.
* Content that can be edited will have various levels of "protection" ranging from any authenticated user can edit to only the original content creator (or an admin) can edit.
** View edit history for a toolinfo record (like action=history in MediaWiki)
** View edit history for an individual editor (like Special:Contributions in MediaWiki)
** View edit history for all toolinfo records (like Special:RecentChanges in MediaWiki)
** View audit log for administrative actions, possibly partially redacted depending on action (like Special:Log in MediaWiki)
* **Authenticated users**
** Undo an edit (like action=edit&undo=<revid> in MediaWiki)
** Revert content to a prior good edit (not sure that there is a MediaWiki exact match for this)
** Mark an edit as reviewed/patrolled (like action=markpatrolled in MediaWiki)
** Work queue/edit history filter showing edits that have not been reviewed (like the **!** marker in Special:RecentChanges)
** Suppress an edit (like Special:RevisionDelete in MediaWiki)
* **Global CheckUsers**
** Request that backend administrators with access to non-public activity log information gather information on IP addresses involved in an edit, or edits made from a range of IP addresses