A privacy MCP server that automatically detects and redacts sensitive data (names, emails, dates, entities) from PDF documents before sending them to LLM models like Claude.

Installation

Automatic Installation

curl -O https://raw.githubusercontent.com/postralai/masquerade/main/setup.sh && bash setup.sh

Manual Installation

python3.12 -m venv pdfmcp
source pdfmcp/bin/activate
pip install git+https://github.com/postralai/masquerade@main
python -m masquerade.configure_claude

Configuration

Claude Desktop

{
  "mcpServers": {
    "pdf-redaction": {
      "command": "/path/to/python",
      "args": ["/path/to/mcp_pdf_redaction.py"],
      "env": {
        "TINFOIL_API_KEY": "your_api_key"
      }
    }
  }
}

Features

• Automatic detection of sensitive data (names, emails, dates, entities)
• Redaction of sensitive data from PDF documents
• Preview of redacted data before sending to LLM
• Generation of redacted PDF files with sensitive areas highlighted
• Provision of a summary with masked sensitive data and redaction count per page
• Uses an isolated AI platform (Tinfoil with Llama 3.3 70B) for sensitive data detection

Environment Variables

Required

• TINFOIL_API_KEY - API key for the Tinfoil platform used for sensitive data detection

Usage Examples

Redact sensitive information from this PDF: /path/to/filename.pdf

Notes

Requires Python >=3.10, <=3.12. Users need to create a Tinfoil account and API key. Do not upload the original PDF to Claude; provide only the file path for redaction.