MCP — LANGCHAIN

LangChain PII Protection — MCP Integration Guide

LangChain vulnerability class: PII leakage in AI model outputs (documented in OWASP Top 10 for LLM Applications) CVSS 9.3 vulnerability. Inject anonym.legal MCP server as PII sanitization layer. Detect & redact PII before LLM processing. Secure Claude, GPT-4, Llama 2 pipelines.

Set Up MCP Server Back

The vulnerability class: PII leakage in AI model outputs (documented in OWASP Top 10 for LLM Applications) Problem

🚨 Vulnerability

LangChain agent tools accept user input directly into vector search, memory, and LLM context. PII like SSN, email, credit card exposed to model training.

📊 Impact

CVSS 9.3 (Critical). Affects all versions <5.2.0. Customers share financial data, health records, credentials with LLM providers.

✅ Solution

Inject MCP server before agent execution. Sanitize PII automatically. Deploy anonymize, analyze, decrypt as MCP tools.

Yes. Install with pip install anonym-legal. The Python SDK wraps the REST API with type hints, async support, and automatic retry. 3 lines to anonymize: client = AnonymLegal(token); result = client.anonymize(text, language='en').

The MCP Server exposes 7 privacy tools that LangChain agents can call directly. Add pii_detect, pii_anonymize, pii_decrypt to your agent toolkit. Prevents PII leakage in RAG pipelines and agent workflows.

Sub-200ms for standard text requests. Batch endpoints process arrays of text in a single call. The API runs on EU servers with zero data retention — request data is processed and immediately discarded.

The API runs on our EU-hosted infrastructure with zero data retention. For enterprise self-hosting requirements, contact us. The MCP Server can also run locally with Docker.

Yes. Send arrays of text strings in a single API call. The batch endpoint processes up to 100 items per request with consistent sub-200ms per-item latency.

Free tier: 200 tokens/month with all features. Basic: €3/month (1,000 tokens). Pro: €15/month (4,000 tokens). Business: €29/month (10,000 tokens). One token = one API call.

MCP Server Integration

1. Install anonym.legal MCP Server

pip install anonym-legal
# Coming soon

# Start server on localhost:3100
anonym-legal-mcp --host 0.0.0.0 --port 3100

2. Configure LangChain to Use MCP

from langchain.agents import AgentExecutor, create_react_agent
from langchain_community.tools.mcp import MCPToolkit
from langchain.tools import Tool

# Connect to MCP server
mcp = MCPToolkit(server_url="http://localhost:3100")

# Get anonymize tool
anonymize_tool = mcp.get_tool("anonymize")

# Create agent with PII protection
tools = [anonymize_tool]
agent = create_react_agent(llm, tools)
executor = AgentExecutor(agent=agent, tools=tools)

3. Protect Pipeline

user_input = "My name is John, SSN 123-45-6789"

# Before: VULNERABLE to vulnerability class: PII leakage in AI model outputs (documented in OWASP Top 10 for LLM Applications)
# response = agent.invoke({"input": user_input})

# After: PROTECTED by MCP layer
cleaned = executor.invoke({
  "input": f"Anonymize: {user_input}"
})

# Now safe to send to LLM
response = llm.predict(text=cleaned["output"])

MCP Tools Available

🔍 analyze

Detect PII entities in text. Returns entity types, positions, confidence scores. Use for classification.

🔒 anonymize

Replace PII with redactions, masks, hashes, encryption. Safe for LLM input. Preserve text structure.

🔓 decrypt

Reverse encryption with key. Use in retrieval chains. Bearer token auth.

Deployment Patterns

Local Development

docker run -p 3100:3100 \
  anonym-legal/mcp:latest

# .env
ANONYM_MCP_SERVER=http://localhost:3100

Production (Docker)

docker run -d -p 3100:3100 \
  -e ANONYM_API_KEY=$KEY \
  -e LOG_LEVEL=info \
  anonym-legal/mcp:latest

# docker-compose.yml
services:
  mcp:
    image: anonym-legal/mcp:latest
    ports: ["3100:3100"]

Use Case: Customer Support Chatbot

Vulnerability Chain

Customer: "My order #12345 shipped to 123 Main St, email is jane@ex.com"

# BEFORE: vulnerability class: PII leakage in AI model outputs (documented in OWASP Top 10 for LLM Applications) (VULNERABLE)
agent.invoke(user_input)
# → LangChain stores "jane@ex.com" in vector DB
# → Email sent to OpenAI for embedding
# → Stored in LLM training logs

Protection Applied

Customer: "My order #12345 shipped to 123 Main St, email is jane@ex.com"

# AFTER: MCP Protection
mcp_output = anonymize_tool.invoke({
  "text": user_input,
  "method": "mask"
})
# → "My order #12345 shipped to [ADDRESS], email is [EMAIL]"

# Now safe to send to LLM
response = llm.predict(text=mcp_output)

Watch the API In Action

See PII detection and anonymization via REST API and MCP Server

Secure Your LangChain Pipeline

Patch vulnerability class: PII leakage in AI model outputs (documented in OWASP Top 10 for LLM Applications). Deploy MCP server. Inject PII protection before LLM. Secure Claude, GPT-4, Llama pipelines.

Set Up MCP Server

Also from anonym.legal

Enterprise Deployment → Anonymization Methods → Compliance Presets → EU Entity Coverage →

Frequently Asked Questions

Insert anonym.legal's MCP Server as a preprocessing layer before document ingestion. It detects and anonymizes PII in documents before they're chunked and embedded, ensuring your vector database contains no personally identifiable information.

Yes. The REST API integrates with any Python framework. Use the /api/anonymize endpoint as a document transformer in your LlamaIndex ingestion pipeline. Apply before chunking to ensure embeddings contain no PII.

MCP Server integration works with any AI agent framework. For CrewAI, add anonym.legal as a tool that agents call before processing user data. For AutoGen, use the Python SDK in function calling.