Privacy & Data Collection

MCPShield is a security tool. Transparency about what it reads from your machine is not optional — it's the whole point. This page is the authoritative answer to “what does the agent actually send?”

Source of truth: SECURITY.md in the open-source repository. Agent source is MIT-licensed and auditable.

What the agent reads & reports

The mcpshield-agent scans known MCP config file locations on your machine (Claude Desktop, Cursor, Windsurf, and others) and reports the following fields to your configured backend:

Field | Source | Sensitivity | Notes
Server name | Config file | Low | Usually the npm package name
Command + args | Config file | Medium | May contain user directory paths
Scope / working directory | Config file | Medium | May contain user directory paths
Source application | Filename | Low | e.g. "Claude Desktop", "Cursor"
Environment variable names | Config file (keys only) | Medium | Names only — e.g. OPENAI_API_KEY. Values are never read.
Tool list (name + description) | Live server query | Low | Only when the MCP server is already running
Hostname + OS username | socket, getpass | Low | Used to identify which agent sent the report
Agent version | Package metadata | Low | Used for compatibility checks

What the agent never reads

Environment variable values

Only the key names are captured (e.g. OPENAI_API_KEY). The values — your actual secrets — are never read, never stored, never transmitted.
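The keys-only rule above is easy to state and easy to get wrong in code, so here is an added illustration (not the mcpshield-agent's own source) of how a scanner can drop env values before anything is serialised, and how it can self-check the outgoing report. The config document is constructed inline in the "mcpServers" shape used by Claude Desktop and Cursor; the server names, paths and secret values in it are made up, and the scope and live tool-list fields from the table are left out to keep the focus on the env handling.

```python
import getpass
import json
import socket
from typing import Any

# Constructed sample in the shape of a Claude Desktop / Cursor style config
# ("mcpServers" map). Every value below is made up for this example.
SAMPLE_CONFIG_TEXT = """
{
  "mcpServers": {
    "filesystem": {
      "command": "npx",
      "args": ["-y", "@modelcontextprotocol/server-filesystem", "/Users/alice/projects"],
      "env": {"OPENAI_API_KEY": "sk-constructed-secret-value", "LOG_LEVEL": "debug"}
    },
    "github": {
      "command": "docker",
      "args": ["run", "-i", "--rm", "ghcr.io/example/mcp-github"],
      "env": {"GITHUB_TOKEN": "ghp_constructed_token"}
    }
  }
}
"""


def scan_config_text(text: str, source_app: str) -> list[dict[str, Any]]:
    """Turn one config document into report rows: name, command, args,
    source application and the env *key names*. Env values are dropped here,
    before anything is serialised, so they cannot reach the backend."""
    data = json.loads(text)
    rows = []
    for name, spec in data.get("mcpServers", {}).items():
        env = spec.get("env") or {}
        rows.append({
            "server_name": name,
            "command": spec.get("command"),
            "args": list(spec.get("args") or []),
            "source_app": source_app,
            "env_keys": sorted(env),          # names only, never values
        })
    return rows


def build_report(rows: list[dict[str, Any]], agent_version: str = "0.0.0-example") -> dict[str, Any]:
    """Wrap the rows with the identity fields the table lists (hostname, OS user, version)."""
    try:
        username = getpass.getuser()
    except Exception:  # no passwd entry / no USER variable in minimal containers
        username = "unknown"
    return {
        "hostname": socket.gethostname(),
        "username": username,
        "agent_version": agent_version,
        "servers": rows,
    }


def leaks_env_values(report: dict[str, Any], config_text: str) -> bool:
    """Self-check to run before transmitting: True if any env *value* from the
    raw config appears anywhere in the serialised report."""
    data = json.loads(config_text)
    values = [
        str(v)
        for spec in data.get("mcpServers", {}).values()
        for v in (spec.get("env") or {}).values()
    ]
    wire = json.dumps(report)
    return any(v in wire for v in values)


if __name__ == "__main__":
    rows = scan_config_text(SAMPLE_CONFIG_TEXT, "Claude Desktop")
    report = build_report(rows)
    print(json.dumps(report, indent=2))
    print("leaks env values:", leaks_env_values(report, SAMPLE_CONFIG_TEXT))
```

The important design point is where the values disappear: inside scan_config_text, at parse time, rather than in a redaction pass over the finished report. A redaction pass has to know every place a value might have been copied to; dropping values at the source has nothing to forget. The leaks_env_values check is a belt-and-braces test an operator can keep in the agent's test suite.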

File contents

The agent reads the path of a scoped directory, not any files inside it. Your code, documents, and data are untouched.

MCP request/response payloads

We see configuration, not runtime traffic. What your AI agent sends to or receives from an MCP server at runtime is invisible to us.

Browser history, clipboard, keystrokes

The agent is a Python process that opens JSON config files. It has no browser access, no clipboard hook, and no keyboard listener.

How data is stored

Self-hosted

Data lives only in your database. MCPShield has no telemetry endpoint, no call-home mechanism, and no usage reporting. You control the data entirely.

Hosted SaaS

Data is stored in our managed Postgres in the region you select. Retention defaults are documented on the pricing page. Data Processing Agreements are available for EU customers.

Cryptography

Passwords | bcrypt via passlib, cost factor 12
API keys | SHA-256 hash at rest, prefix-indexed for fast lookup
JWTs | HS256 signed with a per-deployment secret. Operators must generate a strong secret in production — weak defaults are rejected at startup.
Transport | HTTPS only in production, enforced by the reverse proxy (Caddy).
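To make the API-key and JWT-secret rows concrete, here is an added example (not MCPShield's own code) of a prefix-indexed SHA-256 key store and a startup check for a weak signing secret. The "msk_" key prefix, the 8-character index length, the in-memory store standing in for the Postgres table, and the placeholder-secret denylist are all assumptions made for this illustration.

```python
import hashlib
import hmac
import secrets
from typing import Optional

PREFIX_LEN = 8                # assumption: how many leading characters are indexed
MIN_JWT_SECRET_BYTES = 32     # HS256 keys should be at least the 256-bit hash length (RFC 7518)

# Constructed denylist of placeholder secrets; a real deployment keeps its own.
PLACEHOLDER_SECRETS = {"changeme", "secret", "dev", "test", "password"}


def generate_api_key() -> str:
    """Random key with roughly 256 bits of entropy; 'msk_' is a made-up prefix."""
    return "msk_" + secrets.token_urlsafe(32)


def key_record(api_key: str) -> tuple[str, str]:
    """Return what is persisted: (lookup prefix, SHA-256 hex of the full key)."""
    digest = hashlib.sha256(api_key.encode("utf-8")).hexdigest()
    return api_key[:PREFIX_LEN], digest


class ApiKeyStore:
    """In-memory stand-in for the database table: prefix -> list of (digest, owner)."""

    def __init__(self) -> None:
        self._by_prefix: dict[str, list[tuple[str, str]]] = {}

    def issue(self, owner: str) -> str:
        """Create a key, store only its prefix + digest, return the raw key once."""
        raw = generate_api_key()
        prefix, digest = key_record(raw)
        self._by_prefix.setdefault(prefix, []).append((digest, owner))
        return raw

    def authenticate(self, presented: str) -> Optional[str]:
        """The prefix narrows the candidates; a constant-time digest compare decides."""
        prefix, digest = key_record(presented)
        for stored_digest, owner in self._by_prefix.get(prefix, []):
            if hmac.compare_digest(stored_digest, digest):
                return owner
        return None

    def stored_material(self) -> list[str]:
        """Everything that would be at rest, so a test can confirm no raw key is kept."""
        return [d for recs in self._by_prefix.values() for d, _ in recs]


def jwt_secret_is_strong(secret: str) -> bool:
    """Startup gate in the spirit of 'weak defaults are rejected': long enough
    for HS256 and not a known placeholder."""
    if secret.lower() in PLACEHOLDER_SECRETS:
        return False
    return len(secret.encode("utf-8")) >= MIN_JWT_SECRET_BYTES


if __name__ == "__main__":
    store = ApiKeyStore()
    raw = store.issue("alice")
    print("issued:", raw)
    print("authenticates as:", store.authenticate(raw))
    print("raw key at rest:", raw in store.stored_material())
    print("'changeme' accepted as JWT secret:", jwt_secret_is_strong("changeme"))
```

A plain SHA-256 is appropriate for API keys precisely because they are long random strings: with ~256 bits of entropy there is nothing for an offline guessing attack to enumerate, so a slow hash buys nothing, while the fast hash keeps every authenticated request cheap. Passwords are chosen by people and are low-entropy, which is why the page uses bcrypt at cost 12 for them instead. The prefix index lets a database query fetch a handful of candidate rows by a short indexed column, after which the full digest is compared in constant time.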

Questions or concerns?

Email security@mcpshield.app for security disclosures, or support@mcpshield.app for privacy questions. We aim to respond within 3 business days.

Last updated: June 2026 · Agent source: github.com/RunTimeAdmin/MCPShield