Claude Desktop MCP Log Masking - Allow Server Developers to Declare Sensitive Tool Parameters
Preflight Checklist
- [x] I have searched existing requests and this feature hasn't been requested yet
- [x] This is a single feature request (not multiple features)
Problem Statement
Claude Desktop currently logs all MCP JSON-RPC messages verbatim, including full tool call inputs and outputs. Server developers have no mechanism to declare which parameters are sensitive or to influence how the client handles them in logs.
When building MCP servers for regulated industries - financial services, healthcare, legal, tool parameters frequently contain sensitive runtime values:
MFA/TOTP codes
Wallet IDs and blockchain addresses
Transaction amounts and references
Authentication tokens
Patient or customer identifiers
All of these appear in plaintext in %APPDATA%\Claude\logs\. The server developer cannot prevent this. This is not a protocol-level issue, MCP JSON-RPC is behaving correctly. The gap is in the Claude Desktop logging layer, which provides no filtering, masking, or redaction capability.
Claude Desktop already supports sensitivity at the configuration level "sensitive": true in manifest.json causes configuration values to be encrypted using OS secure storage (Keychain/Credential Manager). The concept exists. It needs to extend to runtime tool parameters.
This is more obvious when using a hardware MFA POP (Proof of Possession) key.
Proposed Solution
Allow MCP server developers to annotate tool parameters as sensitive during tool registration. Claude Desktop should mask these values in logs.
Example registration annotation:
json{
"name": "verify_mfa",
"parameters": {
"code": {
"type": "string",
"description": "6-digit TOTP code",
"sensitive": true
}
}
}
When sensitive: true is present, Claude Desktop logs should replace the value with [REDACTED], the parameter name and structure remain visible for debugging, but the value is masked.
Why This Matters:
Every mature logging framework like Serilog, log4j, cloud logging pipelines supports field-level redaction. Enterprise MCP deployments cannot meet basic compliance requirements (PCI-DSS, HIPAA, SOC 2) if client logs capture MFA codes and financial transaction data verbatim with no developer control.
Scope:
This request applies to both stdio and HTTPS MCP transports. The logging layer sits above the transport in both cases and the same gap exists regardless of transport mechanism.
Alternative Solutions
_No response_
Priority
Critical - Blocking my work
Feature Category
MCP server integration
Use Case Example
_No response_
Additional Context
_No response_
This issue has 1 comment on GitHub. Read the full discussion on GitHub ↗