Policy

Privacy

The short version: your introspection snapshot is analyzed in memory and never persisted. Data minimization isn't a footnote here — it's the design.

Last updated 2026-07-07.

The introspection snapshot

When you run introspect_mcp_context, your agent sends a snapshot of what it can see so the server can render your context. That snapshot is processed in memory only. It is not written to a database, not written to logs, and not retained after the response is returned. There is no snapshot logging anywhere in the server.

What is stored — only when you ask

  • Feedback. If you call submit_feedback, the message you send is stored durably so we can act on it. When your client supports it, this is confirmed via elicitation before anything is written; otherwise it is recorded and labeled "unconfirmed."
  • Share cards. If you choose to publish an anonymized Agent Facts card, only the aggregate numbers you approve are persisted — counts and coverage figures. Tool names and descriptions are never stored unless you explicitly opt in.

Both are explicit, opt-in writes. Nothing is persisted as a side effect of introspecting.

The website itself

This site (www.mcpglimpse.com) is a static site. It sets no advertising cookies and does not sell data. Standard server and edge request logs may record coarse metadata (IP, user agent, requested path) for security and aggregate traffic understanding, consistent with the host's own retention. AI crawlers are explicitly welcomed in robots.txt — answer engines are the distribution channel, not the adversary.

What a server can see about you anyway

Independent of this policy, it's worth knowing the protocol-level limits of what any MCP server can observe. We wrote it up: What can an MCP server see about you?

Contact

Questions about privacy or a data request: codingoutloud@gmail.com. Security reports: see security.txt.