@lucairn/mcp-server
The @lucairn/mcp-server acts as a privacy-preserving AI gateway, routing chat requests through Lucairn's EU privacy layer via a single chat_via_lucairn tool. It automatically detects and redacts PII before prompts reach any upstream LLM, then returns a signed compliance certificate with every response.
Core capabilities:
Automatic PII redaction: Detects and replaces personal data (names, emails, IBANs, phone numbers, addresses, etc.) with placeholders like [PERSON_1], [EMAIL_2] before the request reaches the LLM. Multi-layered detection includes known-entity matching, Presidio NER, and an optional GPU-hosted custom-trained PII shield (Enterprise).
Multi-provider routing: Supports Anthropic (claude-*) and OpenAI (gpt-*, o1-*, o3-*, o4-*) models, with the provider selected automatically based on the model parameter.
Bring Your Own Key (BYOK): Set ANTHROPIC_API_KEY and/or OPENAI_API_KEY in the MCP environment to use your own provider accounts billed directly.
Flexible messaging: Supports multi-turn conversations with user/assistant role messages, optional system prompts (string or content blocks), max_tokens, and temperature.
Signed compliance certificates: Every response includes an Ed25519 + RFC 3161 + Sigstore Rekor-signed certificate as verifiable proof of redaction, available as an HTML summary or full JSON.
Tiered placeholder handling: Developer (free) tier returns raw placeholders for inspection; Pro/Enterprise tiers automatically re-link placeholders back to original PII values before the response reaches your app.
Enterprise self-hosting: The entire stack can be self-hosted within your environment so no raw identity data leaves your perimeter.
Easy MCP integration: Works with Claude Desktop, Cursor, Cline, Continue, and other MCP-compatible clients with a simple JSON config and no build step.
Routes chat requests to OpenAI's API via the Lucairn privacy gateway, with PII redaction and compliance certificate generation. Supports gpt-, openai-, o1-, o3-, and o4-* model prefixes.
Lucairn SDKs
Official client libraries for Lucairn — an EU-based privacy-preserving AI gateway. Lucairn sits between your application (or AI agent) and the upstream LLM provider you choose, removes personal data from prompts before the model ever sees them, and returns a signed Lucairn Certificate proving what was redacted, when, and by which sanitizer layer.
This monorepo hosts four packages at parity:
@lucairn/mcp-server — Model Context Protocol server (one-line npx install for Claude Desktop, Cursor, Cline, Continue, …)
@lucairn/sdk — TypeScript / Node SDK
lucairn — Python SDK
github.com/declade/lucairn-sdks/go — Go SDK
Quick start (MCP)
For most agent use cases, the fastest path is the MCP server. No build step, no install — npx runs it on demand:
npx -y @lucairn/mcp-server
Add it to your MCP client config (Claude Desktop's claude_desktop_config.json, Cursor's mcp.json, Cline's cline_mcp_settings.json, Continue, etc.):
{
  "mcpServers": {
    "lucairn": {
      "command": "npx",
      "args": ["-y", "@lucairn/mcp-server"],
      "env": {
        "LUCAIRN_API_KEY": "<your_lucairn_api_key>",
        "ANTHROPIC_API_KEY": "<optional_byok_anthropic_key>",
        "OPENAI_API_KEY": "<optional_byok_openai_key>"
      }
    }
  }
}
Restart your client. The chat_via_lucairn tool becomes available immediately. See mcp-server/README.md for full details.
What it does
Each request through any Lucairn SDK follows the same pipeline:
PII detection runs on every user message in three layers:
Layer 1 — Known-entity matching (your tenant's named entities)
Layer 2 — Presidio NER (names, emails, IBANs, addresses, phone numbers, customer IDs, …)
Layer 3 — GPU-hosted custom-trained PII shield (Enterprise tier only, optionally trained on your domain corpus)
Detected PII is replaced with placeholders ([PERSON_1], [EMAIL_2], [IBAN_3], …) before the request reaches the upstream LLM.
The selected upstream model sees only the sanitized text. It never receives raw personal data.
The response is returned with a signed compliance certificate (Ed25519 witness signature + RFC 3161 timestamp + Sigstore Rekor inclusion proof).
Response handling depends on tier:
Developer (free) — placeholders are returned verbatim. Useful for testing the redaction surface.
Pro / Enterprise — placeholders are re-linked back to the originals on the gateway before the response reaches your application.
For Lucairn-hosted Developer-tier callers, on-gateway pseudonymization happens before your LLM sees the request. Enterprise self-host deployments can run the entire stack inside the customer environment, in which case no raw identity data leaves that environment at all.
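A minimal sketch of the redact-then-re-link flow described above, added here as an illustration and not taken from Lucairn's code. It assumes regex patterns in place of Presidio NER and a caller-supplied `knownEntities` list in place of tenant known-entity matching; `redact` and `relink` are hypothetical names and the sample text is constructed.

```javascript
// Added illustration, not Lucairn's code: regexes stand in for Presidio NER (layer 2),
// a caller-supplied list stands in for known-entity matching (layer 1).
const PATTERNS = [
  ["EMAIL", /[\w.+-]+@[\w-]+(?:\.[\w-]+)+/g],
  ["IBAN", /\b[A-Z]{2}\d{2}[A-Z0-9]{11,30}\b/g],
];

function redact(text, knownEntities = []) {
  const spans = [];
  for (const name of knownEntities) {
    if (!name) continue; // an empty entity would match at every position
    for (let i = text.indexOf(name); i !== -1; i = text.indexOf(name, i + name.length)) {
      spans.push({ start: i, end: i + name.length, type: "PERSON" });
    }
  }
  for (const [type, re] of PATTERNS) {
    for (const m of text.matchAll(re)) {
      spans.push({ start: m.index, end: m.index + m[0].length, type });
    }
  }
  // Left to right; on a tie the longer span wins, later overlapping spans are dropped.
  spans.sort((a, b) => a.start - b.start || b.end - a.end);

  const mapping = new Map(); // placeholder -> original value (never sent upstream)
  const assigned = new Map(); // original value -> placeholder, so repeats reuse one token
  let out = "";
  let pos = 0;
  for (const s of spans) {
    if (s.start < pos) continue;
    const value = text.slice(s.start, s.end);
    let token = assigned.get(value);
    if (!token) {
      token = `[${s.type}_${mapping.size + 1}]`;
      assigned.set(value, token);
      mapping.set(token, value);
    }
    out += text.slice(pos, s.start) + token;
    pos = s.end;
  }
  return { text: out + text.slice(pos), mapping };
}

// Re-linking as described for Pro / Enterprise; unknown tokens are left untouched.
function relink(text, mapping) {
  return text.replace(/\[[A-Z]+_\d+\]/g, (t) => (mapping.has(t) ? mapping.get(t) : t));
}
```

Only the `text` returned by `redact` would be forwarded upstream; the `mapping` stays on the redacting side, which is what makes later re-linking possible without the model ever seeing the originals.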
Provider routing
The gateway picks the upstream provider from the model parameter you send:
Model prefix | Upstream provider | BYOK env var |
claude-* | Anthropic | ANTHROPIC_API_KEY |
gpt-*, o1-*, o3-*, o4-* | OpenAI | OPENAI_API_KEY |
Cross-provider BYOK shipped in @lucairn/mcp-server@1.1.0 — set one or both keys in the same MCP config and the server forwards the matching one as X-Upstream-Key per request, so your provider account is billed directly.
Per-language SDKs
Language | Package | Version | README |
MCP server | @lucairn/mcp-server | 1.2.4 | |
TypeScript | @lucairn/sdk | 1.1.1 | |
Python | lucairn | 1.1.1 | |
Go | github.com/declade/lucairn-sdks/go | v1.1.1 | |
All SDKs are at parity at the observable level. Cross-language byte-equivalence is locked via shared Go-assembler-generated fixtures, so a certificate signed via one SDK verifies identically via the other two.
Get an API key
Sign up at https://lucairn.eu/account/signup. Free Developer tier: 500 requests/month, no credit card required.
Pro adds response re-linking, programmatic certificate JSON access, audit-event export, and higher quota. Enterprise adds self-host, BYOK with provider-side billing isolation, and the optional custom-trained PII shield (priced per scope).
See https://lucairn.eu/pricing for the full tier comparison.
Verify a response
Every response through any SDK gets a signed Lucairn certificate. Two surfaces:
HTML summary — DPO-friendly, available on every tier including Developer (free). Use getCertificateSummary (TS) / get_certificate_summary (Python) / GetCertificateSummary (Go), or paste the certificate URL into https://lucairn.eu/verify.
JSON certificate + local Ed25519 verify — Pro tier and above. Use getCertificate + verifyCertificate (and language equivalents). The verifier is in-tree — see ts/src/verify-certificate/, python/src/lucairn/verify_certificate/, and the internal/verify package under go/.
External RFC 3161 + Sigstore Rekor anchor verification is currently surfaced as pass-through metadata; full external anchor verification lands in a follow-up release.
Status
Production packages are versioned independently and tagged per the table above. Cross-language byte-equivalence is locked via shared fixtures. Follow CHANGELOG.md for release notes.
Links
Main site: https://lucairn.eu
Sign up (free Developer tier): https://lucairn.eu/account/signup
Pricing: https://lucairn.eu/pricing
MCP setup guide: https://lucairn.eu/developer/mcp
OpenAI SDK setup guide: https://lucairn.eu/developer/openai
Verify a certificate: https://lucairn.eu/verify
Glama listing: https://glama.ai/mcp/servers/Declade/lucairn-sdks
mcp.so listing: https://mcp.so/server/lucairn-privacy-gateway/Declade
npm — @lucairn/mcp-server: https://www.npmjs.com/package/@lucairn/mcp-server
npm — @lucairn/sdk: https://www.npmjs.com/package/@lucairn/sdk
PyPI — lucairn: https://pypi.org/project/lucairn/
Contributing
See CONTRIBUTING.md. Security reports: SECURITY.md.
License
MIT — see LICENSE.