AI Privacy Patterns
Protecting MCP Servers
Use FastPII inside MCP servers to sanitize tool inputs and outputs.
Protecting MCP Servers
Model Context Protocol servers often connect assistants to sensitive systems such as CRMs, document stores, and ticketing tools. FastPII helps you keep those tool boundaries clean.
Basic MCP server setup
from fastpii import PrivacyGuard
from fastpii.integrations.mcp import MCPServer
guard = PrivacyGuard(regions=["cz"])
server = MCPServer(regions=["cz"])Expose a sanitization tool
from fastpii import PrivacyGuard
from fastpii.integrations.mcp import MCPServer
guard = PrivacyGuard(regions=["cz"])
server = MCPServer(regions=["cz"])
def sanitize_text(text: str) -> str:
return guard.redact(text)
def detect_text(text: str):
result = guard.detect(text)
return result.findingsUse one tool for transformation and another for inspection so clients can choose whether they need findings, sanitized text, or both.
Tool boundary pattern
Apply FastPII in two places:
- Before the server forwards user content to a backend system.
- Before the server returns backend content to the MCP client.
from fastpii import PrivacyGuard
guard = PrivacyGuard(regions=["cz"])
def sanitize_request_payload(payload: str) -> str:
return guard.remove(payload)
def sanitize_response_payload(payload: str) -> str:
return guard.redact(payload)Claude Desktop integration pattern
When connecting the MCP server to Claude Desktop, register it as a privacy-focused utility server and route sensitive document handling through the FastPII-backed tools first.
Recommended flow:
- Claude Desktop sends a document snippet to your MCP server.
- The server runs
detect()orredact(). - Only sanitized text is forwarded to downstream tools or returned to the assistant.
Good defaults
- Use
redact()for server responses. - Use
remove()for backend actions that do not need PII. - Keep the raw source system separate from assistant-facing tool output.