Claude Desktop MCP Log Masking - Allow Server Developers to Declare Sensitive Tool Parameters

Resolved 💬 1 comment Opened Apr 24, 2026 by devsaikan Closed Apr 24, 2026

Preflight Checklist

  • [x] I have searched existing requests and this feature hasn't been requested yet
  • [x] This is a single feature request (not multiple features)

Problem Statement

Claude Desktop currently logs all MCP JSON-RPC messages verbatim, including full tool call inputs and outputs. Server developers have no mechanism to declare which parameters are sensitive or to influence how the client handles them in logs.

When building MCP servers for regulated industries - financial services, healthcare, legal, tool parameters frequently contain sensitive runtime values:

MFA/TOTP codes
Wallet IDs and blockchain addresses
Transaction amounts and references
Authentication tokens
Patient or customer identifiers

All of these appear in plaintext in %APPDATA%\Claude\logs\. The server developer cannot prevent this. This is not a protocol-level issue, MCP JSON-RPC is behaving correctly. The gap is in the Claude Desktop logging layer, which provides no filtering, masking, or redaction capability.

Claude Desktop already supports sensitivity at the configuration level "sensitive": true in manifest.json causes configuration values to be encrypted using OS secure storage (Keychain/Credential Manager). The concept exists. It needs to extend to runtime tool parameters.

This is more obvious when using a hardware MFA POP (Proof of Possession) key.

Proposed Solution

Allow MCP server developers to annotate tool parameters as sensitive during tool registration. Claude Desktop should mask these values in logs.
Example registration annotation:

json{
  "name": "verify_mfa",
  "parameters": {
    "code": {
      "type": "string",
      "description": "6-digit TOTP code",
      "sensitive": true
    }
  }
}

When sensitive: true is present, Claude Desktop logs should replace the value with [REDACTED], the parameter name and structure remain visible for debugging, but the value is masked.

Why This Matters:
Every mature logging framework like Serilog, log4j, cloud logging pipelines supports field-level redaction. Enterprise MCP deployments cannot meet basic compliance requirements (PCI-DSS, HIPAA, SOC 2) if client logs capture MFA codes and financial transaction data verbatim with no developer control.

Scope:
This request applies to both stdio and HTTPS MCP transports. The logging layer sits above the transport in both cases and the same gap exists regardless of transport mechanism.

Alternative Solutions

_No response_

Priority

Critical - Blocking my work

Feature Category

MCP server integration

Use Case Example

_No response_

Additional Context

_No response_

View original on GitHub ↗

This issue has 1 comment on GitHub. Read the full discussion on GitHub ↗