@privacyscrubber/mcp-server 1.0.2 → 1.0.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.well-known/mcp/server-card.json +60 -0
- package/README.md +25 -130
- package/bundle.mcpb +0 -0
- package/index.js +2 -44
- package/manifest.json +54 -2
- package/package.json +11 -2
- package/scrubber-core.cjs +1 -1
- package/server.json +3 -3
- package/smithery.yaml +1 -1
- package/CONTRIBUTING.md +0 -52
- package/SECURITY.md +0 -30
- package/llms.txt +0 -37
- package/test-mcp-deep.js +0 -209
- package/test-mcp.js +0 -114
|
@@ -0,0 +1,60 @@
|
|
|
1
|
+
{
|
|
2
|
+
"serverInfo": {
|
|
3
|
+
"name": "privacyscrubber/pii-masking-mcp",
|
|
4
|
+
"version": "1.0.4"
|
|
5
|
+
},
|
|
6
|
+
"tools": [
|
|
7
|
+
{
|
|
8
|
+
"name": "sanitize_text",
|
|
9
|
+
"description": "Locally scrubs PII, secrets, and credentials (like API keys, passwords, emails, phones, names) from code, logs, or text. Replaces them with safe placeholders (e.g., [EMAIL_1], [API_KEY_1]). Keep your data secure before passing it to any LLM.",
|
|
10
|
+
"inputSchema": {
|
|
11
|
+
"type": "object",
|
|
12
|
+
"properties": {
|
|
13
|
+
"text": {
|
|
14
|
+
"type": "string",
|
|
15
|
+
"description": "The raw text, code, or logs to sanitize."
|
|
16
|
+
},
|
|
17
|
+
"profile": {
|
|
18
|
+
"type": "string",
|
|
19
|
+
"description": "The detection profile to use. Available: 'General' (Free), or PRO profiles. Defaults to 'General'."
|
|
20
|
+
}
|
|
21
|
+
},
|
|
22
|
+
"required": ["text"]
|
|
23
|
+
}
|
|
24
|
+
},
|
|
25
|
+
{
|
|
26
|
+
"name": "reveal_text",
|
|
27
|
+
"description": "Replaces masked tokens (e.g., [EMAIL_1], [API_KEY_1]) in the LLM's response back with the original private data from the local volatile RAM-only session map.",
|
|
28
|
+
"inputSchema": {
|
|
29
|
+
"type": "object",
|
|
30
|
+
"properties": {
|
|
31
|
+
"text": {
|
|
32
|
+
"type": "string",
|
|
33
|
+
"description": "The AI generated response containing placeholders to restore."
|
|
34
|
+
}
|
|
35
|
+
},
|
|
36
|
+
"required": ["text"]
|
|
37
|
+
}
|
|
38
|
+
},
|
|
39
|
+
{
|
|
40
|
+
"name": "sanitize_file",
|
|
41
|
+
"description": "Reads a local file, sanitizes its contents using the selected profile, and outputs the safe version for AI analysis. Securely keeps original identifiers in memory.",
|
|
42
|
+
"inputSchema": {
|
|
43
|
+
"type": "object",
|
|
44
|
+
"properties": {
|
|
45
|
+
"file_path": {
|
|
46
|
+
"type": "string",
|
|
47
|
+
"description": "Absolute path to the file to sanitize."
|
|
48
|
+
},
|
|
49
|
+
"profile": {
|
|
50
|
+
"type": "string",
|
|
51
|
+
"description": "The detection profile to use. Available: 'General' (Free), or PRO profiles. Defaults to 'General'."
|
|
52
|
+
}
|
|
53
|
+
},
|
|
54
|
+
"required": ["file_path"]
|
|
55
|
+
}
|
|
56
|
+
}
|
|
57
|
+
],
|
|
58
|
+
"resources": [],
|
|
59
|
+
"prompts": []
|
|
60
|
+
}
|
package/README.md
CHANGED
|
@@ -1,53 +1,28 @@
|
|
|
1
|
-
#
|
|
1
|
+
# PrivacyScrubber MCP Server v1.0.3
|
|
2
2
|
|
|
3
|
-
|
|
4
|
-
[](https://opensource.org/licenses/MIT)
|
|
5
|
-
[](https://smithery.ai/server/@privacyscrubber/mcp-server)
|
|
6
|
-
[](https://privacyscrubber.com)
|
|
7
|
-
[](https://privacyscrubber.com)
|
|
3
|
+
Zero-Trust Data Sanitization (ZTDS) Model Context Protocol (MCP) server for local PII and secrets masking.
|
|
8
4
|
|
|
9
|
-
|
|
10
|
-
|
|
5
|
+
## What's New in v1.0.3
|
|
6
|
+
- **Robust Configuration Parsing**: Protected Smithery integration hooks from undefined configuration objects, ensuring reliable initialization across all MCP clients (Claude Desktop, Cursor, Windsurf).
|
|
7
|
+
- **Microsoft Word (.docx) Support**: Enhanced the `sanitize_file` tool to parse and redact sensitive information from Word documents locally.
|
|
8
|
+
- **Unified Branding & Metadata**: Corrected repository fields and aligned server identity across NPM, Smithery, and Glama registries.
|
|
9
|
+
- **Enhanced Scanner Discovery**: Implemented static `server-card.json` configurations to support automated registry scanning.
|
|
11
10
|
|
|
12
|
-
|
|
11
|
+
## Key Features & Security Guarantees
|
|
12
|
+
- **100% Local Processing**: All regex scanning, PII tokenization, and reverse-scrubbing occur directly in your machine's RAM.
|
|
13
|
+
- **Airplane Mode Verified**: Fully operational without an internet connection after the initial download.
|
|
14
|
+
- **Zero Server Logs**: No data, credentials, or prompts are sent to external APIs or remote databases.
|
|
13
15
|
|
|
14
|
-
##
|
|
15
|
-
|
|
16
|
-
All sensitive parameters, identifiers, and variables are intercepted locally inside your machine's RAM. They are replaced by tokens (e.g. `[EMAIL_1]`) before being sent to the AI. Once the AI responds, the tokens are safely swapped back to original values in your local context.
|
|
17
|
-
|
|
18
|
-
```text
|
|
19
|
-
[Raw Input / Files] ──> [MCP sanitize_text] ──> [Masked Tokens] ──> [LLM API]
|
|
20
|
-
│ │
|
|
21
|
-
(In-Memory Map) (Result)
|
|
22
|
-
│ │
|
|
23
|
-
[Original Output] <─── [MCP reveal_text] <─────────────────────────────┘
|
|
24
|
-
```
|
|
25
|
-
|
|
26
|
-
---
|
|
27
|
-
|
|
28
|
-
## 🚀 Installation
|
|
29
|
-
|
|
30
|
-
### 1. Install via Smithery
|
|
31
|
-
To automatically configure and run with your preferred client, install using Smithery:
|
|
32
|
-
```bash
|
|
33
|
-
npx -y @smithery/cli install @privacyscrubber/mcp-server --write-to-clients
|
|
34
|
-
```
|
|
35
|
-
|
|
36
|
-
### 2. Instant Run with NPX
|
|
37
|
-
Run the server directly without local installation:
|
|
16
|
+
## Quick Start
|
|
17
|
+
Run the server instantly without local installation:
|
|
38
18
|
```bash
|
|
39
19
|
npx -y @privacyscrubber/mcp-server
|
|
40
20
|
```
|
|
41
21
|
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
## ⚙️ Client Integrations
|
|
22
|
+
## Client Integration Examples
|
|
45
23
|
|
|
46
24
|
### Claude Desktop
|
|
47
|
-
Add
|
|
48
|
-
* **macOS:** `~/Library/Application Support/Claude/claude_desktop_config.json`
|
|
49
|
-
* **Windows:** `%APPDATA%\Claude\claude_desktop_config.json`
|
|
50
|
-
|
|
25
|
+
Add to your `claude_desktop_config.json`:
|
|
51
26
|
```json
|
|
52
27
|
{
|
|
53
28
|
"mcpServers": {
|
|
@@ -63,93 +38,13 @@ Add this to your Claude Desktop config file:
|
|
|
63
38
|
```
|
|
64
39
|
|
|
65
40
|
### Cursor / Windsurf
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
|
|
77
|
-
### 1. `sanitize_text`
|
|
78
|
-
Redacts PII, secrets, API keys, and credentials from a text block and populates the volatile local replacement mapping.
|
|
79
|
-
|
|
80
|
-
* **Arguments:**
|
|
81
|
-
* `text` (string, required): The raw content or logs to sanitize.
|
|
82
|
-
* `profile` (string, optional): Gated industry detection profile (e.g., 'General', 'Dev', 'Medical', 'Legal', 'Compliance'). Defaults to 'General'.
|
|
83
|
-
* **JSON-RPC Call Example:**
|
|
84
|
-
```json
|
|
85
|
-
{
|
|
86
|
-
"method": "tools/call",
|
|
87
|
-
"params": {
|
|
88
|
-
"name": "sanitize_text",
|
|
89
|
-
"arguments": {
|
|
90
|
-
"text": "Contact me at dev-key-1234 or jane.doe@company.com",
|
|
91
|
-
"profile": "General"
|
|
92
|
-
}
|
|
93
|
-
}
|
|
94
|
-
}
|
|
95
|
-
```
|
|
96
|
-
* **Response Example:**
|
|
97
|
-
```json
|
|
98
|
-
{
|
|
99
|
-
"content": [
|
|
100
|
-
{
|
|
101
|
-
"type": "text",
|
|
102
|
-
"text": "Contact me at [SECRET_1] or [EMAIL_1]"
|
|
103
|
-
}
|
|
104
|
-
]
|
|
105
|
-
}
|
|
106
|
-
```
|
|
107
|
-
|
|
108
|
-
### 2. `reveal_text`
|
|
109
|
-
Detokenizes the AI response back to the original values locally.
|
|
110
|
-
|
|
111
|
-
* **Arguments:**
|
|
112
|
-
* `text` (string, required): The response from the LLM containing tokenized placeholders.
|
|
113
|
-
* **JSON-RPC Call Example:**
|
|
114
|
-
```json
|
|
115
|
-
{
|
|
116
|
-
"method": "tools/call",
|
|
117
|
-
"params": {
|
|
118
|
-
"name": "reveal_text",
|
|
119
|
-
"arguments": {
|
|
120
|
-
"text": "Please reach out to [EMAIL_1] regarding the update."
|
|
121
|
-
}
|
|
122
|
-
}
|
|
123
|
-
}
|
|
124
|
-
```
|
|
125
|
-
* **Response Example:**
|
|
126
|
-
```json
|
|
127
|
-
{
|
|
128
|
-
"content": [
|
|
129
|
-
{
|
|
130
|
-
"type": "text",
|
|
131
|
-
"text": "Please reach out to jane.doe@company.com regarding the update."
|
|
132
|
-
}
|
|
133
|
-
]
|
|
134
|
-
}
|
|
135
|
-
```
|
|
136
|
-
|
|
137
|
-
### 3. `sanitize_file`
|
|
138
|
-
Reads a local file, extracts text, sanitizes it, and returns the redacted template for LLM analysis.
|
|
139
|
-
* **Supported Formats:** Plain text (source code, logs, CSV, JSON, markdown) and Microsoft Word (`.docx`) documents.
|
|
140
|
-
* **Arguments:**
|
|
141
|
-
* `filePath` (string, required): Absolute file path to read and sanitize.
|
|
142
|
-
* `profile` (string, optional): The industry detection profile.
|
|
143
|
-
|
|
144
|
-
---
|
|
145
|
-
|
|
146
|
-
## 🌐 Browser Extension & Web Client
|
|
147
|
-
|
|
148
|
-
Looking for real-time protection directly inside your web browser?
|
|
149
|
-
* **Chrome Extension:** Get the [PrivacyScrubber Chrome Extension](https://chromewebstore.google.com/detail/privacyscrubber-%E2%80%94-pii-red/pimoejgefeilajmmbpghifdmhdlkgjol) to sanitize prompts directly inside ChatGPT, Claude, and Gemini in real-time.
|
|
150
|
-
* **Web Sandbox:** Use the zero-server browser sanitization tools at [PrivacyScrubber Homepage](https://privacyscrubber.com/).
|
|
151
|
-
|
|
152
|
-
---
|
|
153
|
-
|
|
154
|
-
## 📄 License & Commercial Upgrade
|
|
155
|
-
Standard use is free under the **Free Tier** (limits to the `General` PII profile). To unlock 22+ specialized industry profiles (DevOps, Medical, Legal, Finance) and custom regex rules, acquire a commercial license at [privacyscrubber.com/pricing](https://privacyscrubber.com/pricing).
|
|
41
|
+
Add a new command-type MCP server:
|
|
42
|
+
- **Name**: `privacyscrubber`
|
|
43
|
+
- **Command**: `npx -y @privacyscrubber/mcp-server`
|
|
44
|
+
|
|
45
|
+
## Useful Links
|
|
46
|
+
- **Official Website**: https://privacyscrubber.com
|
|
47
|
+
- **Chrome Web Store Extension**: https://chromewebstore.google.com/detail/privacyscrubber-%E2%80%94-pii-red/pimoejgefeilajmmbpghifdmhdlkgjol
|
|
48
|
+
- **MCP Documentation**: https://privacyscrubber.com/pii-mcp/
|
|
49
|
+
- **Pricing & Licensing**: https://privacyscrubber.com/pricing/
|
|
50
|
+
- **GitHub Repository**: https://github.com/moxno/privacyscrubber-mcp
|
package/bundle.mcpb
ADDED
|
Binary file
|
package/index.js
CHANGED
|
@@ -83,8 +83,8 @@ function checkLicenseStatus() {
|
|
|
83
83
|
// Create the MCP server
|
|
84
84
|
const server = new Server(
|
|
85
85
|
{
|
|
86
|
-
name: "privacyscrubber-mcp",
|
|
87
|
-
version: "1.0.
|
|
86
|
+
name: "privacyscrubber/pii-masking-mcp",
|
|
87
|
+
version: "1.0.4",
|
|
88
88
|
},
|
|
89
89
|
{
|
|
90
90
|
capabilities: {
|
|
@@ -113,20 +113,6 @@ server.setRequestHandler(ListToolsRequestSchema, async () => {
|
|
|
113
113
|
}
|
|
114
114
|
},
|
|
115
115
|
required: ["text"]
|
|
116
|
-
},
|
|
117
|
-
outputSchema: {
|
|
118
|
-
type: "object",
|
|
119
|
-
properties: {
|
|
120
|
-
text: {
|
|
121
|
-
type: "string",
|
|
122
|
-
description: "The sanitized text output."
|
|
123
|
-
}
|
|
124
|
-
},
|
|
125
|
-
required: ["text"]
|
|
126
|
-
},
|
|
127
|
-
annotations: {
|
|
128
|
-
priority: 1.0,
|
|
129
|
-
audience: ["developer", "user"]
|
|
130
116
|
}
|
|
131
117
|
},
|
|
132
118
|
{
|
|
@@ -141,20 +127,6 @@ server.setRequestHandler(ListToolsRequestSchema, async () => {
|
|
|
141
127
|
}
|
|
142
128
|
},
|
|
143
129
|
required: ["text"]
|
|
144
|
-
},
|
|
145
|
-
outputSchema: {
|
|
146
|
-
type: "object",
|
|
147
|
-
properties: {
|
|
148
|
-
text: {
|
|
149
|
-
type: "string",
|
|
150
|
-
description: "The detokenized text with original values restored."
|
|
151
|
-
}
|
|
152
|
-
},
|
|
153
|
-
required: ["text"]
|
|
154
|
-
},
|
|
155
|
-
annotations: {
|
|
156
|
-
priority: 1.0,
|
|
157
|
-
audience: ["developer", "user"]
|
|
158
130
|
}
|
|
159
131
|
},
|
|
160
132
|
{
|
|
@@ -173,20 +145,6 @@ server.setRequestHandler(ListToolsRequestSchema, async () => {
|
|
|
173
145
|
}
|
|
174
146
|
},
|
|
175
147
|
required: ["file_path"]
|
|
176
|
-
},
|
|
177
|
-
outputSchema: {
|
|
178
|
-
type: "object",
|
|
179
|
-
properties: {
|
|
180
|
-
text: {
|
|
181
|
-
type: "string",
|
|
182
|
-
description: "The sanitized content of the file."
|
|
183
|
-
}
|
|
184
|
-
},
|
|
185
|
-
required: ["text"]
|
|
186
|
-
},
|
|
187
|
-
annotations: {
|
|
188
|
-
priority: 1.0,
|
|
189
|
-
audience: ["developer", "user"]
|
|
190
148
|
}
|
|
191
149
|
}
|
|
192
150
|
]
|
package/manifest.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"manifest_version": "0.3",
|
|
3
|
-
"name": "privacyscrubber-mcp",
|
|
4
|
-
"version": "1.0.
|
|
3
|
+
"name": "privacyscrubber/pii-masking-mcp",
|
|
4
|
+
"version": "1.0.4",
|
|
5
5
|
"description": "Zero-Trust Data Sanitization (ZTDS) MCP Server for AI IDEs and Claude Desktop. Locally scrubs PII, secrets, and credentials before sending context to LLMs.",
|
|
6
6
|
"author": {
|
|
7
7
|
"name": "PrivacyScrubber",
|
|
@@ -18,6 +18,58 @@
|
|
|
18
18
|
}
|
|
19
19
|
}
|
|
20
20
|
},
|
|
21
|
+
"tools": [
|
|
22
|
+
{
|
|
23
|
+
"name": "sanitize_text",
|
|
24
|
+
"description": "Locally scrubs PII, secrets, and credentials (like API keys, passwords, emails, phones, names) from code, logs, or text. Replaces them with safe placeholders (e.g., [EMAIL_1], [API_KEY_1]). Keep your data secure before passing it to any LLM.",
|
|
25
|
+
"inputSchema": {
|
|
26
|
+
"type": "object",
|
|
27
|
+
"properties": {
|
|
28
|
+
"text": {
|
|
29
|
+
"type": "string",
|
|
30
|
+
"description": "The raw text, code, or logs to sanitize."
|
|
31
|
+
},
|
|
32
|
+
"profile": {
|
|
33
|
+
"type": "string",
|
|
34
|
+
"description": "The detection profile to use. Available: 'General' (Free), or PRO profiles: 'Dev' (Engineering/Code), 'Medical', 'Pharma', 'Legal', 'Compliance', 'CCPA', 'Finance', 'Bizops', 'Sales', 'WealthMgmt', 'Insurance', 'Accounting', 'HR', 'Security', 'Marketing', 'Support', 'RealEstate', 'Agents', 'Academic', 'Creative', 'Tech', 'Personal'. Defaults to 'General'."
|
|
35
|
+
}
|
|
36
|
+
},
|
|
37
|
+
"required": ["text"]
|
|
38
|
+
}
|
|
39
|
+
},
|
|
40
|
+
{
|
|
41
|
+
"name": "reveal_text",
|
|
42
|
+
"description": "Replaces masked tokens (e.g., [EMAIL_1], [API_KEY_1]) in the LLM's response back with the original private data from the local volatile RAM-only session map.",
|
|
43
|
+
"inputSchema": {
|
|
44
|
+
"type": "object",
|
|
45
|
+
"properties": {
|
|
46
|
+
"text": {
|
|
47
|
+
"type": "string",
|
|
48
|
+
"description": "The AI generated response containing placeholders to restore."
|
|
49
|
+
}
|
|
50
|
+
},
|
|
51
|
+
"required": ["text"]
|
|
52
|
+
}
|
|
53
|
+
},
|
|
54
|
+
{
|
|
55
|
+
"name": "sanitize_file",
|
|
56
|
+
"description": "Reads a local file, sanitizes its contents using the selected profile, and outputs the safe version for AI analysis. Securely keeps original identifiers in memory.",
|
|
57
|
+
"inputSchema": {
|
|
58
|
+
"type": "object",
|
|
59
|
+
"properties": {
|
|
60
|
+
"file_path": {
|
|
61
|
+
"type": "string",
|
|
62
|
+
"description": "Absolute path to the file to sanitize."
|
|
63
|
+
},
|
|
64
|
+
"profile": {
|
|
65
|
+
"type": "string",
|
|
66
|
+
"description": "The detection profile to use. Available: 'General' (Free), or PRO profiles: 'Dev' (Engineering/Code), 'Medical', 'Pharma', 'Legal', 'Compliance', 'CCPA', 'Finance', 'Bizops', 'Sales', 'WealthMgmt', 'Insurance', 'Accounting', 'HR', 'Security', 'Marketing', 'Support', 'RealEstate', 'Agents', 'Academic', 'Creative', 'Tech', 'Personal'. Defaults to 'General'."
|
|
67
|
+
}
|
|
68
|
+
},
|
|
69
|
+
"required": ["file_path"]
|
|
70
|
+
}
|
|
71
|
+
}
|
|
72
|
+
],
|
|
21
73
|
"user_config": {
|
|
22
74
|
"PRIVACYSCRUBBER_KEY": {
|
|
23
75
|
"type": "string",
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@privacyscrubber/mcp-server",
|
|
3
|
-
"version": "1.0.
|
|
3
|
+
"version": "1.0.4",
|
|
4
4
|
"mcpName": "io.github.moxno/privacyscrubber-mcp",
|
|
5
5
|
"description": "Zero-Trust Data Sanitization (ZTDS) MCP Server for AI IDEs and Claude Desktop. Locally scrubs PII, secrets, and credentials before sending context to LLMs.",
|
|
6
6
|
"main": "index.js",
|
|
@@ -8,6 +8,15 @@
|
|
|
8
8
|
"publishConfig": {
|
|
9
9
|
"access": "public"
|
|
10
10
|
},
|
|
11
|
+
"files": [
|
|
12
|
+
"index.js",
|
|
13
|
+
"scrubber-core.cjs",
|
|
14
|
+
"smithery.yaml",
|
|
15
|
+
"server.json",
|
|
16
|
+
"manifest.json",
|
|
17
|
+
"bundle.mcpb",
|
|
18
|
+
".well-known"
|
|
19
|
+
],
|
|
11
20
|
"bin": {
|
|
12
21
|
"mcp-server": "index.js",
|
|
13
22
|
"privacyscrubber-mcp": "index.js"
|
|
@@ -16,7 +25,7 @@
|
|
|
16
25
|
"start": "node index.js"
|
|
17
26
|
},
|
|
18
27
|
"dependencies": {
|
|
19
|
-
"@modelcontextprotocol/sdk": "^
|
|
28
|
+
"@modelcontextprotocol/sdk": "^1.29.0",
|
|
20
29
|
"mammoth": "^1.8.0"
|
|
21
30
|
},
|
|
22
31
|
"keywords": [
|