Skyflow PII MCP
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@Skyflow PII MCPde-identify this: my SSN is 123-45-6789"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
Skyflow Runtime MCP
A remote MCP server for connecting to a Skyflow Vault for sensitive PII data detection, de-identification, and tokenization as well as selective policy-driven re-identification of sensitive data elements. Give your agent tools to find and remove PII to sanitize text and ensure data privacy and security.
This is an experimental project in development. This project is not supported and is offered under an MIT license.
Try it out online
This remote MCP server is hosted at https://pii-mcp.dev/mcp. Connect using your own Skyflow credentials — see Connecting in Authenticated Mode for the contract, or Anonymous Mode to try it without credentials.
For a concrete client example, see Integration with Claude Desktop.
Related MCP server: guardrails-mcp-server
Connecting in Authenticated Mode
Authenticated mode forwards your own Skyflow credentials to your vault. Any MCP client that supports Streamable HTTP can connect — the server has no client-specific logic.
Connection Contract
Endpoint
POST https://pii-mcp.dev/mcp?vaultId=<VAULT_ID>&vaultUrl=<VAULT_URL>Required query parameters
Param | Value | Notes |
| Your Skyflow vault ID | Found in Skyflow Studio → Vault details. |
| Your vault's base URL | e.g. |
Required credential — pick one:
Method | Where | Format |
Bearer token (preferred) |
| Skyflow JWT (3 dot-separated base64url segments). Auto-detected. |
API key (header) |
| Any non-JWT value in the |
API key (query) |
| Fallback for clients that can't set headers. Ignored if |
Credentials are forwarded to Skyflow as-is. The server does not store or log them; Skyflow's API validates them at call time.
Minimal Example (curl)
curl -X POST "https://pii-mcp.dev/mcp?vaultId=$VAULT_ID&vaultUrl=$VAULT_URL" \
-H "Content-Type: application/json" \
-H "Accept: application/json, text/event-stream" \
-H "Authorization: Bearer $SKYFLOW_TOKEN" \
-d '{"jsonrpc":"2.0","method":"tools/list","id":1}'Client Configuration Checklist
Any MCP client needs to:
Point at
/mcpwithvaultId+vaultUrlappended as query parameters.Send
Authorization: Bearer <credential>on every request (or append&apiKey=<key>if the client can't inject headers).Send
Content-Type: application/jsonandAccept: application/json, text/event-stream.
See Integration with Claude Desktop for one concrete client. The same pattern applies to any Streamable HTTP MCP client (Cursor, MCP Inspector, custom SDK clients).
Self-Hosted Fallbacks
When self-hosting, VAULT_ID and VAULT_URL can be set as environment variables in .env.local — query parameters override them per request. Useful for pinning a single vault without rewriting client URLs. See Environment Variables.
Installation
npm install
# or
pnpm installDevelopment
Quick Start
The easiest way to start developing is to use the dev script, which automatically starts both the MCP server and inspector with the correct configuration:
pnpm devThis will:
Start the MCP Inspector on port 6274 (UI) and 6277 (proxy)
Automatically open your browser with the inspector pre-configured to connect to
http://localhost:3000/mcpStart your MCP server on port 3000
Display interleaved logs from both processes in your terminal
Available Scripts
pnpm dev- Recommended for development. Starts both inspector and server with automatic browser configurationpnpm server- Starts only the MCP server on port 3000pnpm inspector- Starts only the MCP Inspector (useful if you want to run them in separate terminals)
Manual Setup (Alternative)
If you prefer to run the inspector and server in separate terminals:
Copy your Vault Details into
.env.localIn terminal 1, start the inspector:
pnpm inspectorIn terminal 2, start the server:
pnpm serverOpen your browser to
http://localhost:6274/Choose 'Streamable HTTP' and set the address to
http://localhost:3000/mcpClick 'Connect'
Understanding the Ports
Port 3000: Your MCP server (configurable via
PORTenv var)Port 6274: MCP Inspector UI (where you interact with the inspector)
Port 6277: MCP Inspector Proxy (internal proxy used by the inspector)
Environment Variables
For authentication methods, see Connecting in Authenticated Mode.
Create a .env.local file with optional fallback values:
VAULT_ID: Your Skyflow vault ID (optional - can be provided via query parameter)VAULT_URL: Your Skyflow vault URL (optional - can be provided via query parameter, e.g.,https://ebfc9bee4242.vault.skyflowapis.com)PORT: Server port (default: 3000)
Note: SKYFLOW_API_KEY, REQUIRED_BEARER_TOKEN, ACCOUNT_ID, and WORKSPACE_ID are no longer used. The bearer token is passed through from the client to Skyflow; account/workspace IDs were never consumed by the SDK.
Anonymous Mode (Try Before You Buy)
You can try the de-identify tool without configuring Skyflow credentials. When no credentials are provided and anonymous mode is enabled on the server, limited functionality is available.
Quick Start (Anonymous)
# No credentials needed!
curl -X POST "https://pii-mcp.dev/mcp" \
-H "Content-Type: application/json" \
-H "Accept: application/json, text/event-stream" \
-d '{"jsonrpc":"2.0","method":"tools/call","params":{"name":"de-identify","arguments":{"inputString":"My email is john@example.com and my SSN is 123-45-6789"}},"id":1}'Limitations in Anonymous Mode
Only
de-identifytool available -re-identifyreturns a helpful errorTokens use entity counters - e.g.,
[EMAIL_ADDRESS_1],[SSN_2]instead of vault tokensData is NOT persisted - tokens cannot be re-identified later
Rate limited - 10 requests per minute per IP (configurable by server operator)
Claude Desktop (Anonymous)
To use anonymous mode with Claude Desktop:
{
"mcpServers": {
"skyflow-pii-demo": {
"command": "npx",
"args": ["mcp-remote", "https://pii-mcp.dev/mcp"]
}
}
}To unlock full functionality (re-identify, file processing, persistent vault tokens), configure your Skyflow credentials as shown in the sections above.
Server Configuration for Anonymous Mode
Server operators can enable anonymous mode by setting these environment variables:
ANON_MODE_API_KEY: Skyflow API key for demo vaultANON_MODE_VAULT_ID: Demo vault identifierANON_MODE_VAULT_URL: Demo vault URLANON_MODE_RATE_LIMIT_REQUESTS: Max requests per window (default: 10)ANON_MODE_RATE_LIMIT_WINDOW_MS: Window duration in ms (default: 60000)
Testing
The examples below use curl. See Connecting in Authenticated Mode for the full contract. Placeholders used:
{your_bearer_token}: Your Skyflow JWT bearer token OR API key (auto-detected based on format){vault_id}: Your Skyflow vault ID{vault_url}: Your Skyflow vault URL (e.g.,https://ebfc9bee4242.vault.skyflowapis.com)
List Available Tools
Test the MCP server by listing available tools:
curl -X POST "http://localhost:3000/mcp?vaultId={vault_id}&vaultUrl={vault_url}" \
-H "Content-Type: application/json" \
-H "Accept: application/json, text/event-stream" \
-H "Authorization: Bearer {your_bearer_token}" \
-d '{"jsonrpc":"2.0","method":"tools/list","id":1}'Call the De-identify Tool
Test calling the de-identify tool to redact sensitive information:
curl -X POST "http://localhost:3000/mcp?vaultId={vault_id}&vaultUrl={vault_url}" \
-H "Content-Type: application/json" \
-H "Accept: application/json, text/event-stream" \
-H "Authorization: Bearer {your_bearer_token}" \
-d '{"jsonrpc":"2.0","method":"tools/call","params":{"name":"de-identify","arguments":{"inputString":"My email is john.doe@example.com and my SSN is 123-45-6789"}},"id":2}'This will return the de-identified text with sensitive data redacted, along with word and character counts.
Call the Re-identify Tool
Test calling the re-identify tool to restore original sensitive data:
curl -X POST "http://localhost:3000/mcp?vaultId={vault_id}&vaultUrl={vault_url}" \
-H "Content-Type: application/json" \
-H "Accept: application/json, text/event-stream" \
-H "Authorization: Bearer {your_bearer_token}" \
-d '{"jsonrpc":"2.0","method":"tools/call","params":{"name":"re-identify","arguments":{"inputString":"[REDACTED_TEXT_WITH_TOKENS]"}},"id":3}'Integration with Claude Desktop
Claude Desktop is one concrete client for the Connection Contract. It uses mcp-remote as a bridge to the Streamable HTTP endpoint. Add the following to your claude_desktop_config.json:
Local Development
For local testing with environment variable fallbacks:
{
"mcpServers": {
"skyflow-pii": {
"command": "npx",
"args": ["mcp-remote", "http://localhost:3000/mcp"],
"headers": {
"Authorization": "Bearer {your_skyflow_bearer_token}"
}
}
}
}Remote Connection (Recommended)
For connecting to the hosted server or any remote instance with dynamic configuration:
{
"mcpServers": {
"skyflow-pii": {
"command": "npx",
"args": ["mcp-remote", "https://pii-mcp.dev/mcp?vaultId={vault_id}&vaultUrl={vault_url}"],
"headers": {
"Authorization": "Bearer {your_skyflow_bearer_token}"
}
}
}
}Important Notes:
Replace
{your_skyflow_bearer_token}with your actual Skyflow bearer tokenReplace
{vault_id}and{vault_url}with your Skyflow configuration valuesThe
vaultUrlshould be URL-encoded (e.g.,https%3A%2F%2Febfc9bee4242.vault.skyflowapis.com)Make sure the server is running before starting Claude Desktop (for local development)
Configuration File Locations
macOS:
~/Library/Application Support/Claude/claude_desktop_config.jsonWindows:
%APPDATA%\Claude\claude_desktop_config.jsonLinux:
~/.config/Claude/claude_desktop_config.json
After updating the config:
Save the file
Restart Claude Desktop completely (quit and reopen)
The
de-identifyandre-identifytools should now be available in Claude Desktop
Architecture
Express Server: Handles HTTP requests on the
/mcpendpoint with query parameter supportBearer Token Pass-Through: Client's Skyflow bearer token is forwarded directly to Skyflow API
Per-Request Skyflow Instances: Each request creates its own Skyflow client with unique credentials
AsyncLocalStorage Context: Tools access the current request's Skyflow instance via context
Streamable HTTP Transport: Creates a new transport per request to prevent ID collisions
Multi-Tenant Support: Different users can use different vaults/workspaces via query parameters
Dependencies
@modelcontextprotocol/sdk: Official MCP TypeScript SDKexpress: Web server frameworkzod: Schema validation for tool inputs/outputsskyflow-node: Skyflow SDK for data privacy and deidentificationdotenv: Environment variable management
Learn More
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/SkyflowFoundry/skyflow-runtime-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server