Last updated 2026-02-22


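Using Claude and ChatGPT Without Leaking PII

A guide to safe AI use for developers. Learn how to configure the MCP server integration for Claude Desktop, Cursor, and VS Code to get transparent PII protection.

February 22, 2026 · 7 min read
MCP Server · Claude Desktop · Cursor IDE · secure AI · developer tools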

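The AI data-leak problem for developers

Updated 2026

Developers send sensitive data to AI assistants every day. Not out of carelessness, but in the course of normal work.

  • Pasting code that contains real API keys while debugging
  • Sending database queries that contain production connection strings
  • Submitting error logs that contain real customer names
  • Sharing configuration files that contain internal endpoints

LayerX research from 2025 found that 67% of developers have accidentally exposed secrets in code. AI tools create a second exfiltration channel, one with no filter at all.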

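Model Context Protocol (MCP)

MCP is an open protocol developed by Anthropic that lets AI tools interact securely with external tools through a proxy server.

The anonym.legal MCP server runs as a transparent proxy in this architecture:

Your IDE/editor → MCP server (PII redaction) → AI model

Before a prompt reaches Claude, ChatGPT, or any other AI, the MCP server scans and sanitizes it.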

Supported tools

The MCP server works with the following tools:

  • Claude Desktop: Anthropic's desktop AI client
  • Cursor: the AI-first code editor
  • VS Code: via Copilot and other extensions
  • Any client that supports MCP

Configuration steps

Claude Desktop installation

  1. Install the anonym.legal MCP server:

     npm install -g @anonym-legal/mcp-server

  2. Add the following to the Claude Desktop configuration (~/Library/Application Support/Claude/claude_desktop_config.json):

     {
       "mcpServers": {
         "anonym-legal": {
           "command": "anonym-legal-mcp",
           "env": {
             "ANONYM_API_KEY": "your-api-key"
           }
         }
       }
     }

  3. Restart Claude Desktop.

Cursor installation

In the Cursor settings, add the MCP server as a tool provider. The command is the same as above.

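How it works

The MCP server processes every prompt before it is passed to the AI:

Detection phase: the server scans the prompt for more than 285 entity types, including names, email addresses, phone numbers, API keys, connection strings, and national ID numbers.

Replacement phase: detected entities are replaced with structured tokens:

  • John Smith → [PERSON_1]
  • sk-abc123... → [API_KEY_1]
  • postgresql://prod:pass@db.example.com → [CONNECTION_STRING_1]

Restoration phase: the AI's response passes back through the server, and the tokens are replaced with the original values.

For developers, the workflow stays the same. Code completion, debugging suggestions, and documentation all work as usual; the AI simply sees the tokenized version.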
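
The detect, replace and restore phases above, as a minimal added sketch in JavaScript (not anonym.legal's code). The three regex patterns, `createSession` and the sample prompt are assumptions constructed for illustration; the sketch also covers two cases the text does not spell out: repeated values share one token, and tokens the session never issued are left untouched on restore.

```javascript
// Added example, not anonym.legal's code. The patterns are simplified assumptions.
// Order matters: connection strings go first so an embedded "user:pass@host"
// is not half-matched later as an e-mail address.
const PATTERNS = [
  ["CONNECTION_STRING", /\b(?:postgres(?:ql)?|mysql|mongodb(?:\+srv)?|redis):\/\/[^\s"'<>]+/g],
  ["API_KEY", /\bsk-[A-Za-z0-9_-]{16,}\b/g],
  ["EMAIL", /\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}\b/g],
];

function createSession() {
  const byValue = new Map(); // original value -> token
  const byToken = new Map(); // token -> original value (never leaves this process)
  const counters = {};

  function tokenFor(type, value) {
    if (byValue.has(value)) return byValue.get(value); // repeats share one token
    counters[type] = (counters[type] || 0) + 1;
    const token = `[${type}_${counters[type]}]`;
    byValue.set(value, token);
    byToken.set(token, value);
    return token;
  }

  return {
    // Detection + replacement: run on the prompt before it is sent upstream.
    sanitize(prompt) {
      return PATTERNS.reduce(
        (text, [type, re]) => text.replace(re, (match) => tokenFor(type, match)),
        prompt
      );
    },
    // Restoration: run on the model's reply. Tokens this session never issued
    // are left untouched rather than guessed at.
    restore(reply) {
      return reply.replace(/\[[A-Z_]+_\d+\]/g, (t) => byToken.get(t) ?? t);
    },
  };
}

// Constructed sample input; none of these values are real.
const SAMPLE_PROMPT =
  'Why does connect("postgresql://prod:pass@db.example.com/orders") fail? ' +
  "Key sk-test_0123456789abcdefXYZ, owner alice@example.com, cc alice@example.com";

const session = createSession();
console.log(session.sanitize(SAMPLE_PROMPT));
console.log(session.restore("Rotate [API_KEY_1] and ping [EMAIL_1]; [PERSON_9] is unknown."));
```

Regexes only cover structured secrets; free-text entities such as the `John Smith` example need a named-entity recognizer, which this sketch omits.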

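Entity types covered

Key categories for development workflows:

Credentials and secrets

  • API keys (OpenAI, AWS, Stripe, GitHub, and other formats)
  • OAuth tokens and JWTs
  • Database connection strings
  • Private keys and certificates

Infrastructure references

  • Internal domain names and IP addresses
  • Cloud resource identifiers (ARNs, resource groups, etc.)
  • Environment-specific endpoints

Personal data

  • Customer names in test databases
  • Email addresses in log files
  • Phone numbers in error messages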
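Use cases

Samsung incident scenario: an engineer debugs proprietary code. With the MCP server, the code is sanitized before it is sent to the AI. The AI provides debugging help. The actual proprietary identifiers never reach the vendor's servers.

Healthcare workflow scenario: a developer works on a clinical-notes parser. Patient names and MRNs are replaced with tokens before they reach the AI. The AI helps improve the parsing logic while the PHI stays local.

Financial services scenario: an analyst is working on trading code. Account numbers and customer identifiers are sanitized before they reach the AI. The AI code review does not leak any proprietary financial logic.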

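Pricing

The MCP server is offered as part of the anonym.legal Pro plan:

  • Free: 200 tokens per month (Chrome extension only)
  • Pro: from €15 per month, includes MCP server access
  • Business: €29 per month, includes team management and audit logs

See the pricing page for full details, or the token system documentation to learn how tokenization works.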
