diff --git a/docs/src/content/docs/tools/cli.md b/docs/src/content/docs/tools/cli.md
index a2f3256ba5..bef9130b14 100644
--- a/docs/src/content/docs/tools/cli.md
+++ b/docs/src/content/docs/tools/cli.md
@@ -170,8 +170,17 @@ gh aw logs --engine claude --branch main
 gh aw logs --after-run-id 1000 --before-run-id 2000
 gh aw logs --no-staged --tool-graph       # Exclude staged runs, generate Mermaid graph
 gh aw logs --parse --verbose --json       # Parse logs to markdown, output JSON
+gh aw logs --timeout 60                   # Limit execution to 60 seconds
 ```
 
+**Timeout Option:**
+
+The `--timeout` flag limits log download execution time (in seconds). When the timeout is reached, the command processes already-downloaded runs and returns partial results. Set to `0` for no timeout (default). The MCP server uses a 50-second default timeout automatically.
+
+**Caching and Performance:**
+
+Downloaded runs are cached with a `run_summary.json` file in each run folder. Subsequent `logs` commands reuse cached data for faster reprocessing (~10-100x faster), unless the CLI version changes.
+
 Metrics include execution duration, token consumption, costs, success/failure rates, and resource usage trends.
 
 **Log Parsing and JSON Output:**
@@ -185,10 +194,24 @@ Generate concise markdown reports for individual workflow runs with smart permis
 
 ```bash
 gh aw audit 12345678                                            # By run ID
-gh aw audit https://github.com/owner/repo/actions/runs/123      # By URL
+gh aw audit https://github.com/owner/repo/actions/runs/123      # By URL from any repo
+gh aw audit https://github.example.com/org/repo/runs/456        # GitHub Enterprise URL
 gh aw audit 12345678 -o ./audit-reports -v
+gh aw audit 12345678 --parse                                    # Parse logs to markdown
 ```
 
+**URL Support:**
+
+The audit command accepts workflow run URLs from any repository and GitHub instance:
+- Standard URLs: `https://github.com/owner/repo/actions/runs/12345`
+- Workflow run URLs: `https://github.com/owner/repo/runs/12345`
+- Job URLs: `https://github.com/owner/repo/actions/runs/12345/job/98765`
+- GitHub Enterprise: `https://github.example.com/org/repo/actions/runs/99999`
+
+**Options:**
+
+- `--parse`: Generates detailed `log.md` files with tool calls and reasoning extracted by engine-specific parsers
+
 The audit command checks local cache first (`logs/run-{id}`), then attempts download. On permission errors, it provides MCP server instructions for artifact downloads. Reports include overview, metrics, tool usage, MCP failures, and available artifacts.
 
 ### MCP Server Management
diff --git a/docs/src/content/docs/tools/mcp-server.md b/docs/src/content/docs/tools/mcp-server.md
index c64928b6ea..2c8d08f97f 100644
--- a/docs/src/content/docs/tools/mcp-server.md
+++ b/docs/src/content/docs/tools/mcp-server.md
@@ -69,10 +69,48 @@ The MCP server provides these tools:
 
 - **status** - List workflows with optional pattern filter
 - **compile** - Compile workflows to GitHub Actions YAML
-- **logs** - Download workflow logs (saved to `/tmp/gh-aw/aw-mcp/logs`)
+- **logs** - Download workflow logs with automatic timeout handling and continuation support
 - **audit** - Generate detailed workflow run report (saved to `/tmp/gh-aw/aw-mcp/logs`)
 - **mcp-inspect** - Inspect MCP servers in workflows and validate secrets
 
+### Logs Tool Features
+
+**Timeout and Continuation:**
+
+The logs tool uses a 50-second default timeout to prevent MCP server timeouts when downloading large workflow runs. When a timeout occurs, the tool returns partial results with a `continuation` field containing parameters to resume fetching:
+
+```json
+{
+  "summary": { "total_runs": 5 },
+  "runs": [ ... ],
+  "continuation": {
+    "message": "Timeout reached. Use these parameters to continue fetching more logs.",
+    "workflow_name": "weekly-research",
+    "count": 100,
+    "before_run_id": 12341,
+    "timeout": 50
+  }
+}
+```
+
+Agents can detect incomplete data by checking for the `continuation` field and make follow-up calls with the provided `before_run_id` to fetch remaining logs.
+
+**Large Output Handling:**
+
+When tool outputs exceed 16,000 tokens (~64KB), the MCP server automatically writes content to `/tmp/gh-aw/safe-outputs/` and returns a JSON response with file location and schema description:
+
+```json
+{
+  "filename": "bb28168fe5604623b804546db0e8c90eaf9e8dcd0f418761787d5159198b4fd8.json",
+  "description": "[{id, name, data}] (2000 items)"
+}
+```
+
+Schema descriptions help agents understand data structure:
+- JSON arrays: `[{key1, key2}] (N items)`
+- JSON objects: `{key1, key2, ...} (N keys)`
+- Text content: `text content`
+
 ## Example Prompt
 
 ```markdown