Skip to main content
MCPcat is built with privacy at every layer, from client-side redaction before data leaves your server, to automatic PII detection on ours. MCPcat is co-founded by Naseem Al-Naji, creator of Opal, bringing years of experience in building privacy-first developer tools that handle sensitive data with the utmost care.

Client-Side Redaction

Sanitize sensitive data before it leaves your environment with custom redaction functions.

Server-Side Redaction

Automatic PII detection and redaction powered by Microsoft Presidio.

Certifications

SOC 2 Type II compliance, encryption, and infrastructure security.

Disabling Telemetry

While MCPcat provides valuable analytics, we understand that some users may want to disable telemetry entirely. You can implement this in your MCP server by conditionally calling the track function.

Disabling Tracking Entirely

Add environment variable support to your MCP server so users can opt out: 
import * as mcpcat from "mcpcat";

// Check for telemetry opt-out
const telemetryEnabled = process.env.DISABLE_USER_ANALYTICS !== 'true';

// Only initialize tracking if telemetry is enabled
if (telemetryEnabled) {
  mcpcat.track(mcpServer, "proj_YOUR_PROJECT_ID");
}

Disabling Auto-Capture

By default, MCPcat automatically captures all MCP protocol events (tool calls, initialization, tool listings). If you only need custom events without automatic event capture, set enableTracing to false: 
import * as mcpcat from "mcpcat";

mcpcat.track(mcpServer, "proj_YOUR_PROJECT_ID", {
  enableTracing: false
});
When tracing is disabled:
  • Tool call events are not recorded
  • User identification still works normally
  • Custom events via publishCustomEvent are still sent
  • Exporters (OpenTelemetry, Datadog, Sentry) still receive custom and identify events

Anonymizing User Sessions

For users who want analytics without user identification, pass an identify function that returns null: 
import * as mcpcat from "mcpcat";

mcpcat.track(mcpServer, "proj_YOUR_PROJECT_ID", {
  identify: async () => null
});

Implementation Best Practices

  1. Document Environment Variables: Clearly document telemetry options in your MCP server’s README
  2. Default to Privacy: Consider making telemetry opt-in rather than opt-out
  3. Respect User Choice: Always check environment variables before initializing tracking
  4. Provide Granular Control: Allow users to disable specific types of tracking
Example implementation with multiple privacy options: 
import * as mcpcat from "mcpcat";

const config = {
  telemetry: process.env.DISABLE_USER_ANALYTICS !== 'true',
  anonymize: process.env.ANONYMIZE_SESSIONS === 'true'
};

// Initialize MCPcat based on user preferences
if (config.telemetry) {
  mcpcat.track(mcpServer, "proj_YOUR_PROJECT_ID", {
    identify: config.anonymize ? async () => null : undefined
  });
}