@parrotit/mcp-responder
v0.4.0
Published
Local MCP server that lets a responder's AI client (Claude, openclaw.ai, Cursor) read from and save to their ParrotIt vault on demand. ParrotIt the company never sees plaintext.
Maintainers
Readme
@parrotit/mcp-responder
A local MCP server that lets your AI client (Claude Desktop, Claude Code, Cursor, openclaw.ai, …) read from and save to your ParrotIt vault on demand — so you never paste the same details into another form again.
It runs entirely on your machine, talks to the AI client over stdio, and decrypts your vault values locally with a key held in your OS keychain. ParrotIt's servers only ever hold ciphertext + the names of your attributes — never your values.
Read this first — the trust boundary
- Your AI client (and its provider) sees whatever it reads. When the AI pulls your email or address to fill a form, that value goes to your AI provider (Anthropic, OpenAI, …). That is your informed choice when you connect an AI.
- ParrotIt never sees your values. Only this connector, on your device, can decrypt them.
- Every read and save is logged. Open the ParrotIt app → AI activity to see a sentence per action and disconnect any AI at any time.
- That log is only as honest as this connector. It is recorded by the official
@parrotit/mcp-responderbinary; a different program could read a plain export of your data without appearing in it. Install this from npm, not a fork you don't trust. - Some data is never released to a headless AI: special-category data (e.g. health) and government identifiers (NI / NHS / passport / driving licence / UTR / right-to-work) are refused for reads, and refused for saves.
- Disconnecting stops future access, not past reads. Anything already read is in your AI client's context and cannot be un-sent.
Install & connect
npm install -g @parrotit/mcp-responder
parrotit-mcp-responder pairpair enrols this connector as a linked ParrotIt device: it generates its own keys, opens a pairing session, and prints a 6-digit safety code. In the ParrotIt app, go to My Devices → add a device and enter the code to approve it. The connector then unwraps your vault key, stores its credentials in your OS keychain, and prints the config snippet below.
Add it to your AI client config (e.g. Claude Desktop's claude_desktop_config.json):
{
"mcpServers": {
"parrotit": {
"command": "npx",
"args": ["-y", "@parrotit/mcp-responder"],
"env": { "PARROTIT_CLIENT_FAMILY": "claude-desktop" }
}
}
}Restart the client. The tools appear under the parrotit server.
Connectors are read-only by default. To let an AI save details, turn on "Allow saving" for it under AI activity in the ParrotIt app.
Tools
| Tool | Purpose |
|-------------|-------------------------------------------------------------------------------------------|
| get | Fetch one canonical-key value (e.g. contact.applicant.email). Requires a purpose. |
| get_many | Fetch several values in one call; partial success allowed. Requires a purpose. |
| list_keys | Return canonical keys + labels + sensitivity tiers — never values. |
| search | Match a free-text description (e.g. "home address") to ranked canonical-key candidates. |
| save | Save a NEW detail the user stated about themselves. Result is metadata only; most saves land pending until the user confirms them in the app. |
Reads and saves each write exactly one entry to your AI activity log. The save result never echoes the value back.
Sensitivity tiers
Mirrors the ParrotIt catalogue.
| Tier | Class | Examples | Read | Save | |------|------------------|-------------------------------------------|------------------------------|-------------------------------| | 1 | Public | Name, email, phone | Served | A tiny allowlist auto-saves; rest pending | | 2 | Private | Date of birth, address | Served | Pending-confirm-in-app | | 3 | Regulated | Income, bank details | Served, flagged | Pending; gov IDs refused | | 4 | Special category | Health conditions, medications | Refused (headless) | Refused |
Configuration (env)
| Variable | Default | Purpose |
|--------------------------------|-----------------------------------------------------------|--------------------------------------|
| PARROTIT_CLIENT_FAMILY | unknown | Which AI client — shown in your log. |
| PARROTIT_API_BASE_URL | https://europe-west2-tut-blog.cloudfunctions.net/api | ParrotIt API base. |
| PARROTIT_KEYCHAIN_SERVICE | parrotit-mcp-responder | OS keychain service name. |
Privacy invariants
- ParrotIt operators cannot read your vault — values are decrypted only here, on your device.
- You can see every read and save — the AI activity log in the app.
- You can revoke — disconnect a connector in the app; it loses access on its next token mint and within the token TTL at the latest. Past reads cannot be retracted.
- No login — your identity is anchored in your enrolled devices; this connector is one of them.
