@tenetlabs/mcp

MCP server for Tenet PII detection and redaction. Connects Claude Desktop, Claude Code, Cursor, Windsurf, or any MCP client to the local Tenet engine for real-time scanning, redaction, and compliance enforcement.

Features

• PII detection and redaction -- Scan text and files for 15+ entity types (names, emails, SSNs, phone numbers, addresses, dates of birth, medical record numbers, and more) using a local ML model + regex patterns
• Safe file operations -- Read files, execute commands, and write output with PII automatically redacted before content enters the AI's context
• PDF support -- Read PDFs with text, table, and form field extraction. Generate PDFs and fill PDF forms with PII restored from encrypted storage
• Spreadsheet support -- Generate Excel and CSV files with PII scanning, redaction, and rehydration
• HITL consent -- Interactive elicitation dialogs ask users before redacting or revealing PII
• Compliance policies -- Activate named tenets (HIPAA Safe Harbor, financial, security) that configure detection thresholds, entity types, and redaction modes
• Session continuity -- Consistent placeholder numbering across tool calls. Recover original values from the encrypted token store when authorized
• Tutorial onboarding -- Synthetic healthcare sample files for first-run experience
• Fully local -- All PII processing happens on your machine. No data is sent to Tenet Labs or any cloud service

Prerequisites

Install the Tenet desktop app before using this MCP server:

• macOS / Windows: Download from tenetlabs.com/download
• Linux: See getting started guide

The MCP server is a thin proxy -- all detection logic runs in the Tenet app on your machine.

Installation

Claude Desktop

Add to your Claude Desktop config file:

macOS: ~/Library/Application Support/Claude/claude_desktop_config.json Windows: %APPDATA%\Claude\claude_desktop_config.json

{
  "mcpServers": {
    "Tenet": {
      "command": "npx",
      "args": ["@tenetlabs/mcp"]
    }
  }
}

Restart Claude Desktop. The Tenet tools will appear automatically.

Claude Code

claude mcp add Tenet -- npx @tenetlabs/mcp

Cursor

Open Settings > MCP > Add new MCP server:

{
  "Tenet": {
    "command": "npx",
    "args": ["@tenetlabs/mcp"]
  }
}

Windsurf

Add to your Windsurf MCP configuration:

{
  "mcpServers": {
    "Tenet": {
      "command": "npx",
      "args": ["@tenetlabs/mcp"]
    }
  }
}

Other MCP clients

Any MCP client that supports stdio transport can use this server. Set the command to npx @tenetlabs/mcp.

Configuration

| Environment Variable | Default | Description | |---------------------|---------|-------------| | TENET_HOST | 127.0.0.1 | Tenet server host | | TENET_PORT | 19990 | Tenet server port |

Usage Examples

Example 1: Scan a patient file for PII

Prompt: "Check this prior authorization form for sensitive data before I review it."

Claude calls safe_read with mode="scan":

safe_read(file_path="prior_auth_request.txt", session_id="session-001", mode="scan")

Output:

PII detected in prior_auth_request.txt: FIRST_NAME (1), LAST_NAME (1), SSN (1),
EMAIL (1), PHONE (1), ADDRESS (1), DOB (1)

Total: 7 entities found.

[Tenet: User decision required]
This file contains PII. How would you like to proceed?
- Continue with PII redacted
- Use original data
- Cancel

If the MCP client supports elicitation, an interactive dialog appears. Otherwise, Claude presents the choices as text.

Example 2: Read a PDF form and extract fields

Prompt: "What fields does this insurance enrollment form have?"

Claude calls safe_read with extract="fields":

safe_read(file_path="enrollment_form.pdf", session_id="session-001", extract="fields")

Output:

{
  "text_fields": {
    "Patient Name": "[FIRST_NAME_1] [LAST_NAME_1]",
    "Date of Birth": "[DOB_1]",
    "SSN": "[SSN_1]",
    "Address": "[ADDRESS_1]",
    "Diagnosis": "Hypertrophic Cardiomyopathy (I42.1)"
  },
  "checkbox_and_radio_fields": {
    "Urgent": "/Off",
    "Routine": "/Yes"
  }
}

PII in form field values is redacted. Non-PII clinical data (diagnosis codes, procedure names) passes through unchanged.

Example 3: Convert an employee CSV to a carrier Excel template

Prompt: "Read the employee census CSV, map it to the carrier template columns, and generate a filled Excel file."

Claude reads the CSV with PII redacted, then generates an Excel file with placeholders:

safe_read(file_path="employee_census.csv", session_id="session-001")

Output (redacted CSV content):

Last Name,First Name,DOB,SSN,Email,Title,Medical Plan
[LAST_NAME_1],[FIRST_NAME_1],[DOB_1],[SSN_1],[EMAIL_1],CNC Operator,Gold PPO
[LAST_NAME_2],[FIRST_NAME_2],[DOB_2],[SSN_2],[EMAIL_2],Welder,Waive
[LAST_NAME_3],[FIRST_NAME_3],[DOB_3],[SSN_3],[EMAIL_3],Assembler,Silver HMO

Claude maps the columns and generates the carrier template:

safe_xlsx(
  output_path="carrier_template.xlsx",
  session_id="session-001",
  sheets=[{
    "name": "Enrollment",
    "headers": ["Employee Last Name", "Employee First Name", "DOB", "SSN", "Medical Plan"],
    "rows": [
      ["[LAST_NAME_1]", "[FIRST_NAME_1]", "[DOB_1]", "[SSN_1]", "Gold PPO"],
      ["[LAST_NAME_2]", "[FIRST_NAME_2]", "[DOB_2]", "[SSN_2]", "Waive"],
      ["[LAST_NAME_3]", "[FIRST_NAME_3]", "[DOB_3]", "[SSN_3]", "Silver HMO"]
    ]
  }],
  rehydrate=true
)

Output: Wrote 'carrier_template.xlsx' -- the Excel file contains the original employee data restored from the encrypted token store. The AI never saw the real names, SSNs, or dates of birth.

Tools

Detection

| Tool | Description | Annotations | |------|-------------|-------------| | pii_scan | Scan text for PII -- returns entity types and confidence scores | read-only | | pii_redact | Redact PII from text with type-safe placeholders ([EMAIL_1], [SSN_1]) | mutating |

Safe file operations

| Tool | Description | Annotations | |------|-------------|-------------| | safe_read | Read a file with PII redacted. Supports text and PDFs (text, tables, fields, all). Scan mode for summary only | read-only | | safe_write | Write content to a file only after verifying it contains no PII | mutating | | safe_exec | Execute a shell command and redact PII from the output | destructive |

Recovery and document generation

| Tool | Description | Annotations | |------|-------------|-------------| | pii_recover | Recover original PII values for a session from the encrypted token store | read-only | | safe_pdf_write | Generate a PDF from Markdown with PII placeholders restored | mutating | | safe_pdf_fill | Fill a PDF form template with PII placeholders restored to originals | mutating | | safe_xlsx | Generate an Excel spreadsheet with PII scanning and rehydration | mutating | | safe_csv | Generate a CSV file with PII scanning and rehydration | mutating |

Compliance management

| Tool | Description | Annotations | |------|-------------|-------------| | pii_status | Check Tenet server status and configuration | read-only | | tenet_list | List available compliance policies (tenets) | read-only | | tenet_activate | Activate a compliance tenet by ID | mutating | | tenet_deactivate | Deactivate a compliance tenet by ID | mutating |

Tutorial

| Tool | Description | Annotations | |------|-------------|-------------| | tutorial_setup | Create synthetic sample files for the getting-started tutorial | mutating | | tutorial_cleanup | Remove tutorial sample files | destructive |

Resources

| URI | Description | |-----|-------------| | tenet://compliance-foundation | Compliance behavior prompt -- teaches the AI the scan-first protocol | | tenet://status | Live Tenet server status as JSON | | tenet://config | Current Tenet configuration | | tenet://audit/recent | Last 20 audit events | | tenet://tenets | All available tenets with active status | | tenet://decisions/{session_id} | Session decision state |

Prompts

| Prompt | Description | |--------|-------------| | pii_review | Review text for PII and recommend handling strategies | | compliance_report | Generate a HIPAA compliance report from the current session |

Troubleshooting

Tools return "Tenet is not installed" Install the Tenet desktop app from tenetlabs.com/download.

Tools return "Tenet is not running" Start Tenet from the menu bar icon (macOS), system tray (Windows), or run tenet start in a terminal.

Tools return "Model is loading" Wait 30-60 seconds for the detection model to finish loading on first launch.

Tools return HTTP 401 errors The API key is missing or invalid. Run tenet install to generate a new key.

PDF extraction returns empty results Ensure the PDF contains extractable text (not scanned images). Use extract="all" to check all extraction modes.

Privacy Policy

Tenet runs entirely on your local machine. PII detection, redaction, storage, and audit logging all happen locally. Tenet Labs does not operate a cloud service that receives, processes, or stores your data in standard deployments.

Full privacy policy: tenetlabs.com/privacy

Support

• Issues and bug reports: github.com/tenetlabsdev/tenet-mcp-server/issues
• Email: [email protected]
• Documentation: docs.tenetlabs.com
• Privacy questions: [email protected]

License

MIT