mcpindex.ai
Privacy

Privacy.

Last updated: 2026-06-09

The site does not run third-party advertising trackers. Standard server logs (IP, user agent, request path, timestamp) are retained for 30 days for operational and security purposes only. Logs are not sold or shared.

The waitlist form stores your email and submission timestamp. We use it to notify you when v1 ships and nothing else. Unsubscribe at any time by emailing hello@mcpindex.ai.

API requests to /api/v1/* are not logged beyond aggregate rate-limit counters. We do not log query strings. We do not persist task descriptions sent to the recommend endpoint.

One scoped exception: the tool screener (/api/v1/screen). The description you paste is screened in-flight and is not storedunless you explicitly check “Contribute this example to improve detection.” If you check it, we store only that description and its verdict - no IP address, no other identifiers - to improve detection. Leave it unchecked and nothing is retained.

Drift telemetry (the @mcp-index/sdk / mcpindex-preflight clients): off by default. The SDK sends nothing unless you set MCPINDEX_DRIFT_TELEMETRY=detection. When enabled, a tool-pin or a contract drift sends one one-way signal to /api/v1/drift: salted (HMAC) fingerprints of the server/tool id, the contract hashes, the change type, a safety flag, an hour-rounded time, and the client SDK tag (py or ts) - plus a random install id that links one machine’s signals so we can count distinct installs (it is a random token, not derived from you, and is never joined to your IP). Under the same flag, the gate also makes a read-only query to /api/v1/drift/anyto ask whether a tool’s contract already drifted, so it can warn you on the first call; that query sends only a salted fingerprint. It never sends tool schemas, arguments, descriptions, URLs, or server/tool names. (detection enables the signal above; contribute is reserved for a future richer tier and behaves identically today.) Unset the variable to stop.

Cookies: none are set by the site itself. Vercel may set a single platform cookie for routing.

GDPR / CCPA: email hello@mcpindex.ai to request deletion of any personal data tied to you.