By George Curta · Last updated 2026-05-19
Privaatheidsbeskerming vir AI — Werk met Claude Desktop, Cursor en enige MCP-gereedskap
Koppel jou AI-gereedskap direk aan anonym.legal via HTTP-vervoer — voeg net 'n URL en API-sleutel by. 48 tale, 6 anonimiseringsoperateurs, entiteitgroepe, voorafgestelde en persoonlike enkripsieSleutels.
Die Verborgen Risiko in KI-geassisteerde Werk
Elke keer wanneer jy ChatGPT, Claude, of Cursor gebruik, mag jy sensitiewe inligting deel. Meeste gebruikers besef nie dat hul data na derdeparty KI-verskaffers gestuur word nie.
Kliëntname en e-posadresse
Finansiële rekeningnommers
Mediese rekords en pasiënt-ID's
Handelsgeheime en eie data
Why Secure MCP Servers Matter — 2026 Research
8,000+
MCP servers publicly exposed
492
servers with zero authentication
36.7%
vulnerable to SSRF attacks
CVSS 8.8
CVE-2026-25253 severity
MCP servers that handle raw user prompts without PII filtering expose sensitive data to AI models and downstream tool calls. anonym.legal acts as a secure MCP gateway — anonymizing PII before it reaches any other MCP server, AI model, or external API.
Hoe Dit Werk: Outomatiese Beskerming
Jy Skryf Normaal
Met sensitiewe data
KI-gereedskap
Cursor, Claude, ens.
anonym.legal MCP Server
1. Ontdek
Vind sensitiewe inligting
2. Vervang
Gebruik plekhouers
3. Stoor
Enkripteer, tydelik
KI Verwerk
Slegs veilige plekhouers
Herstel Waardes
Oorspronklike data terug
Die MCP Server dien as 'n privaatheidskild tussen jou KI-gereedskap en sensitiewe data. KI sien nooit jou werklike inligting nie.
Wat Word Beskerm?
Die stelsel ontdek en beskerm outomaties 285+ tipes sensitiewe inligting
Mense
John Doe, Jane Smith, Dr. Williams
E-posse
john@example.com, info@company.org
Telefones
+1-555-1234, (555) 123-4567
Kredietkaarte
4532-1234-5678-9010
Adres
123 Hoofstraat, New York, NY
Datums
15 Januarie, 2026, 01/15/2026
Mediese Inligting
Pasiënt-ID, voorskrifnommers
Finansiële ID's
IBAN's, Belasting ID's, BTW-nommers
Digitale Identifiseerders
IP adresse, MAC adresse, URL's
En 40+ Meer Tipes
Lisensienommers, paspoortnommers, ens.
Belangrike Voordele
Werk met Claude Desktop, Cursor & Alle MCP-gereedskap
HTTP-vervoer — voeg net 'n URL en API-sleutel by jou konfigurasie. Werk met Claude Desktop, Cursor, VS Code en enige MCP-gereedskap. Geen Node.js nodig nie.
6 Anonimisering Operateurs
Kies die regte metode: Vervang, Redigeer, Hash (SHA-256/512), Enkripteer (AES-256), Masker, of Hou. Pas verskillende operateurs per entiteit tipe toe.
Entiteit Groepe & Voorinstellings
Gebruik vooraf gedefinieerde groepe (UNIVERSAL, FINANCIAL, DACH, FRANKRYK, NOORD_AMERIKA) of skep persoonlike voorinstellings vir konsekwente anonimisering oor sessies.
48 Tale Ondersteun
Ontdek PII in Engels, Duits, Frans, Spaans, Chinees, Japanees, Arabies, en 41 ander tale. RTL ondersteuning ingesluit.
Persoonlike Enkripsiesleutels
Laai jou eie AES-128/192/256 sleutels vir enkripsie operateur. Dekripsie enige tyd met jou sleutel. Sleutels word veilig in jou rekening gestoor.
Sessiebestuur
Tokenisering modus met sessie-ID's vir omkeerbare anonimisering. Lys, bestuur, en verwyder sessies. 24u of 30-dag volharding opsies.
Werk Saam Met Jou Gunsteling KI-gereedskap
HTTP-vervoer — Claude Desktop, Cursor, enige MCP-gereedskap
Cursor IDE
AvailableBeskerm kode geheime en sensitiewe data terwyl jy kodeer met KI-hulp via HTTP
Claude Desktop
AvailableHTTP-vervoer — voeg URL en API-sleutel by. Geen plaaslike inrigting nodig. Voeg net by claude_desktop_config.json
Gaan Voort (VS Code)
AvailableVeilige KI kodeer assistent integrasie direk in Visual Studio Code via HTTP
Cline (VS Code)
AvailableKI-gedrewe kodeer met outomatiese privaatheidsbeskerming via MCP HTTP
Enige MCP Gereedskap
AvailableStroombare HTTP vervoer werk met enige MCP-compatibele toepassing
Instelling in 2 Minute
HTTP-vervoer werk vir alle kliënte — Claude Desktop, Cursor en enige MCP-gereedskap
Claude Desktop, Cursor en enige MCP-gereedskap:
- 1Kry jou API-sleutel van Instellings → API-toegang
- 2Open jou MCP-kliëntkonfigurasielêer
- 3Voeg URL https://anonym.legal/mcp by met Magtiging: Bearer YOUR_KEY
- 4Herstart jou AI-gereedskap — 7 privaatheidsgereedskap beskikbaar!
{
"mcpServers": {
"anonym-legal": {
"type": "http",
"url": "https://anonym.legal/mcp",
"headers": {
"Authorization": "Bearer YOUR_API_KEY"
}
}
}
}HTTP (Cursor, VS Code, ens.):
- 1Kry jou API-sleutel van Instellings → API Toegang
- 2Voeg MCP server URL by: https://anonym.legal/mcp
- 3Konfigureer Outhorization kop met Bearer token
- 4Werk onmiddellik — geen Node.js, geen plaaslike bediener
{
"mcpServers": {
"anonym-legal": {
"type": "http",
"url": "https://anonym.legal/mcp",
"headers": {
"Authorization": "Bearer YOUR_API_KEY"
}
}
}
}Gebruik Gevalle
Sagteware Ontwikkeling
Hersien kode wat API sleutels, databasis akrediteer, en kliëntdata bevat sonder om geheime aan KI-verskaffers bloot te stel.
Regsfirma's
Anonimiseer kliëntname, saaknommers, en sensitiewe besonderhede wanneer jy KI gebruik om dokumente op te stel, terwyl jy prokureur-kliënt voorreg verseker.
Gesondheidsorg
Analiseer pasiënte notas en verslae met KI-hulp terwyl jy pasiënte identiteite en mediese rekords heeltemal privaat hou.
Kliëntondersteuning
Verwerk kliëntnavrae met KI-hulp terwyl jy outomaties e-posadresse, telefoonnommers, en rekeningbesonderhede beskerm.
Finansies
Gebruik KI vir verslag analise terwyl jy rekeningnommers, transaksie besonderhede, en kliënt identiteite beskerm.
MCP Server vs Handmatige Redaksie
| Aspek | Handmatige Redaksie | anonym.legal MCP |
|---|---|---|
| Spoed | Minute per dokument | < 1 sekonde |
| Nauwkeurigheid | Menslike foute | 95%+ KI-nauwkeurigheid |
| Omkeerbaar | Nee - permanent | Ja - heeltemal omkeerbaar |
| Onderhoud | Konstante waaksaamheid | Outomaties |
| Tale | Een op 'n slag | 48 gelyktydig |
| Integrasie | Kopie/plak werksvloei | Naadloos in jou gereedskap |
| Koste | Personeeltijd | Vanaf €0/maand |
anonym.legal MCP vs. Unprotected MCP
Without a secure MCP server layer, raw PII flows into AI models and all downstream tool calls — including other MCP servers, APIs, and logs. anonym.legal anonymizes data before it leaves your environment.
| Capability | Unprotected MCP Server | anonym.legal MCP |
|---|---|---|
| PII in AI prompts | Raw names, emails, SSNs sent to LLM | Anonymized tokens sent — originals never leave |
| Authentication | Often none (492 servers exposed, no auth) | Bearer token + rate limiting on every request |
| SSRF protection | 36.7% vulnerable to SSRF (CVE-2026-25253) | SSRF allowlist enforced — no private IP access |
| Data to downstream MCPs | Raw PII forwarded to all connected tools | Anonymized before forwarding — zero PII leakage |
| GDPR / HIPAA compliance | Non-compliant — PII in AI training data risk | Compliant — PII stays encrypted, reversible only by you |
| Audit trail | No log of what PII was exposed | Session-based tokens with full detokenization audit |
| Multilingual PII detection | English-only or no detection | 285+ entity types across 48 languages |
Anonimiseer elke opdrag outomaties — geen handmatige stappe
Die Claude Code-haak onderskep elke opdrag voordat dit Claude bereik, verwyder PII met die MCP-bediener en herstel oorspronklike waardes in die reaksie. Eenmalige opstelling, dan hardloop dit stilweg op elke boodskap.
Skep die anonimiseer-haak
Stoor as ~/.claude/hooks/anonymize-prompt.py — onderskep elke UserPromptSubmit-gebeure en roep die MCP-bediener.
# ~/.claude/hooks/anonymize-prompt.py
import sys, json, requests, os
data = json.load(sys.stdin)
prompt = data.get("prompt", "")
key = os.environ.get("ANONYM_API_KEY", "")
resp = requests.post("https://anonym.legal/api/mcp/anonymize",
headers={"Authorization": f"Bearer {key}"},
json={"text": prompt, "language": "en", "mode": "tokenize"})
if resp.ok:
result = resp.json()
data["prompt"] = result["anonymized_text"]
data["session_id"] = result["session_id"]
print(json.dumps(data))Skep die herstel-haak
Stoor as ~/.claude/hooks/deanonymize-response.py — anonimiseer Claude se reaksie outomaties met behulp van die sessie-ID.
# ~/.claude/hooks/deanonymize-response.py
import sys, json, requests, os
data = json.load(sys.stdin)
response = data.get("response", "")
session_id = data.get("session_id", "")
key = os.environ.get("ANONYM_API_KEY", "")
if session_id:
resp = requests.post("https://anonym.legal/api/mcp/detokenize",
headers={"Authorization": f"Bearer {key}"},
json={"text": response, "session_id": session_id})
if resp.ok:
data["response"] = resp.json().get("detokenized_text", response)
print(json.dumps(data))Registreer hake in Claude Code-instellings
Voeg beide hake by ~/.claude/settings.json onder die hooks-sleutel.
// ~/.claude/settings.json
{
"hooks": {
"UserPromptSubmit": [
{
"hooks": [{"type": "command",
"command": "python3 ~/.claude/hooks/anonymize-prompt.py"}]
}
],
"Stop": [
{
"hooks": [{"type": "command",
"command": "python3 ~/.claude/hooks/deanonymize-response.py"}]
}
]
}
}Gereelde Vrae
Hoe verbind ek Claude Desktop of Cursor?
Alle kliënte gebruik HTTP-vervoer — voeg net die URL https://anonym.legal/mcp en jou API-sleutel by jou MCP-konfigurasielêer. Geen Node.js of plaaslike installasie nodig. Vir Claude Code-gebruikers stel die haakstelsel volledige outomatiese anonimisering op elke snelkoppeling in staat.
Watter logiese operatore is beskikbaar vir filterreëls?
6 operateurs: Vervang (valse data), Redigeer (verwyder), Hash (SHA-256/512), Enkripteer (AES-256 met jou sleutel), Masker (gedeeltelike verborge), en Hou (uitsluit van anonimisering).
Kan ek my eie enkripsiesleutels gebruik?
Ja! Laai persoonlike AES sleutels (16/24/32 karakters) van jou rekening of voer dit handmatig in. Enkripteer met jou sleutel, dekripteer later met dieselfde sleutel. Sleutels verlaat nooit jou beheer nie.
Wat is entiteitsgroepe en hoe word hulle gebruik?
Vooraf gedefinieerde versamelings: UNIVERSAL (algemene PII), FINANCIAL (bankwese), DACH (Duitssprekende), FRANKRYK, NOORD_AMERIKA, ens. Bespaar tyd om te konfigureer watter entiteite om te ontdek.
Wat is die verskil tussen redigeer en tokeniseer modi?
Redigeer modus verwyder permanent PII. Tokeniseer modus vervang met omkeerbare tokens en gee 'n session_id terug. Gebruik detokenize_text met die session_id om oorspronklike waardes te herstel.
Hoe werk MCP-bedienersessies vir tokenhergebruik?
Tokenisering skep sessies (24u of 30-dag volharding). Gebruik list_sessions om aktiewe sessies te sien, delete_session om hulle te verwyder. Sessies stoor die kaart tussen tokens en oorspronklike waardes.
API Verwysing
7 gereedskap beskikbaar via MCP-protokol. Gratis operasies gemerk met *.
| Gereedskap | Beskrywing | Koste |
|---|---|---|
| anonym_legal_analyze_text | Detecteer PII entiteite sonder om teks te verander | 2-10+ tokens |
| anonym_legal_anonymize_text | Anonimiseer teks met konfigureerbare operateurs | 3-20+ tokens |
| anonym_legal_detokenize_text | Herstel oorspronklike PII uit getokeniseerde teks | 1-5+ tokens |
| anonym_legal_get_balance | Kontroleer token balans en faktureringsiklus | Gratis * |
| anonym_legal_estimate_cost | Skat token koste voor verwerking | Gratis * |
| anonym_legal_list_sessions | Lys aktiewe tokenisering sessies | Gratis * |
| anonym_legal_delete_session | Verwyder 'n sessie en sy token toewysings | Gratis * |
Operateur Verwysing
Konfigureer per-entiteit anonimisering met die operateurs parameter.
| Operateur | Beskrywing | Parameters | Voorbeeld Uitset |
|---|---|---|---|
| replace | Vervang met 'n aangepaste waarde | new_value (string, max 100 karakters) | <PERSON_1> |
| redact | Verwyder permanent | Geen | [REDACTED] |
| hash | Eenvoudige hash | hash_type: SHA256 | SHA512 | a3f2b8c1... |
| encrypt | AES-256-GCM versleuteling | sleutel (16-32 karakters) | ENC:base64... |
| mask | Deeltjie karaktermaskering | chars_to_mask, masking_char, from_end | John **** |
| keep | Hou oorspronklike waarde | Geen | John Smith |
Versoek Voorbeelde
Analiseer Teks
{
"text": "John Smith lives at 123 Main St, New York. SSN: 123-45-6789",
"language": "en",
"score_threshold": 0.5,
"entities": ["PERSON", "LOCATION", "US_SSN"]
}Anonimiseer met Per-Entiteit Operateurs
{
"text": "John Smith, SSN 123-45-6789, email john@example.com",
"language": "en",
"mode": "tokenize",
"operators": {
"PERSON": { "type": "replace" },
"US_SSN": { "type": "mask", "chars_to_mask": 5, "from_end": false },
"EMAIL_ADDRESS": { "type": "hash", "hash_type": "SHA256" }
}
}Antwoord (Anonimiseer)
{
"anonymized_text": "<PERSON_1>, SSN ***-**-6789, email a3f2b8c1d4e5...",
"entities_found": 3,
"tokens_charged": 5,
"session_id": "sess_abc123",
"entity_types": { "PERSON": 1, "US_SSN": 1, "EMAIL_ADDRESS": 1 }
}Fout Kodes
| Kode | Beskrywing | Oplossing |
|---|---|---|
| 400 | Ongeldige versoekparameters | Kontroleer tekslengte (max 100KB), operateur konfigurasie |
| 401 | Ongeldige of ontbrekende API-sleutel | Verifieer API-sleutel in Instellings → API Toegang |
| 429 | Token balans uitgeput | Kontroleer balans, opgradeer plan, of wag vir siklusherstel |
| 500 | Bediener fout | Probeer weer na 'n paar sekondes, kontak ondersteuning as dit aanhou |
From the Blog
View all articlesCross-Application PII: Word, Chrome, and AI
Customer data flows from browser research to Word drafts to Claude prompts. Each context switch is a potential leakage point.
AI Coding Assistants Leak Production PII
Unit test fixtures with real customer records. Log files with production data for debugging. GitHub found 39 million secrets leaked in 2024.
Screenshot PII: Leaks in Internal Tools
Slack, Teams, Jira, and email regularly receive screenshots containing customer PII. This access-control violation bypasses every DLP tool.
Developer portal for MCP Server integration
anonymize.dev is the dedicated developer portal for anonym.legal — featuring MCP Server guides, code examples, case studies, blog articles on AI data security, and a full glossary of privacy & AI terms.
Probeer anonym.legal MCP Gratis
Geen kredietkaart benodig nie. 200 tokens/cyclus. Instelling neem 2 minute.
About this page
We update this page when our platform or the law changes.
Read our founder note for how we work.
Each change shows up in the timestamp at the top.
Related reading
- Common questions
- Glossary
- How tokens work
- Security posture
- Where we comply
- What we detect
- Case studies
- Release notes
We follow these rules
- GDPR (EU 2016/679).
- ISO/IEC 27001:2022.
- NIS2 (EU 2022/2555).
- HIPAA safe harbor under 45 CFR § 164.514(b)(2).
Our promise
We do not sell your data.
We do not train models on your text.
We store your files in Germany.
You can delete your account at any time.
You own your work.
Where we run
Our servers live in Falkenstein, Germany.
We use Hetzner. They hold ISO 27001 certification.
All data stays in the EU.
Backups run every day.
Need help?
Email support@anonym.legal.
We reply within one business day.
How we test
We run a full check suite on every release.
Each surface gets its own sweep script and report.
Human reviewers spot-check the output each week.
We track recall and precision on a labelled set.
Bad runs block the deploy.
What we never do
- We never sell your information to third parties.
- We never train models on what you upload.
- We never keep your work after you delete it.
- We never share keys with any outside firm.
- We never run ads inside the product.
Plans in plain words
We sell credits, not seats.
One credit covers one short job.
Long jobs use a few credits each.
You can top up at any time.
Unused credits roll over each month.
Read the plans page for current rates.
Who built this
A small team of engineers and lawyers built this.
We ship from Europe and work in the open.
Our founder note spells out why we started.
Where to start
- Open the web app and try a sample file.
- Learn how credits get counted.
- See current plans and limits.
- Meet the team behind the product.
How the parts fit
A browser add-on cleans text inside Chrome.
A Word plug-in handles drafts in Office.
A small desktop tool works on whole folders.
An agent protocol link feeds large models safely.
All four share one core engine and one rule set.
Words from our team
We started this work after a lunch about cookies.
One friend kept getting odd ads on her phone.
We asked why a court file leaked through a draft.
We sketched the first build on a napkin that week.
By month three we had a tiny demo for a friend.
She used it on her first case the next day.
Common questions we hear
Can the tool read scanned PDFs? Yes, with OCR.
Does it work on long files? Yes, in small chunks.
Can I roll my own rule set? Yes, save it as a preset.
Does it run offline? The desktop build runs offline.
Do you keep my files? No, the cloud build wipes after each run.
Will it learn from my work? No, we never train on inputs.
A short tour of the workflow
Upload a file or paste a snippet of prose.
Pick the entities you want gone from the draft.
Choose a method: replace, mask, hash, encrypt, or redact.
Press run and watch the side panel show each hit.
Skim the result and tweak any rule that misfired.
Save the cleaned file or send it to a teammate.