MCP server for AI agents
Let agents hand off secrets securely — encryption runs locally in the MCP process.
On this page
Who this is for
Use MCP when an AI assistant needs to create a PrivateNote link as part of a workflow — for example, sending an API key securely with burn-after-reading.
The MCP server exposes a create_private_note tool. The local process encrypts content and returns a shareable URL to the agent.
Install and configure
# npm package (runs via npx)
npx -y privatenote-mcp
# Cursor — ~/.cursor/mcp.json
{
"mcpServers": {
"privatenote": {
"command": "npx",
"args": ["-y", "privatenote-mcp"]
}
}
}
# Claude Desktop — claude_desktop_config.json (same structure)Try it live
Simulate an MCP tool call — the playground encrypts in-page and returns the JSON shape agents receive from create_private_note.
Live demo — creates a real note on privatenote.ai. Use a throwaway secret, not production credentials.
// MCP tool callcreate_private_note({ "content": "sk-live-demo-replace-me", "expiresIn": "1h", "burnAfterReading": true })
Security architecture and privacy boundary
Encryption happens in the local MCP process before upload. The server stores ciphertext only.
Important: if you paste a secret into a cloud AI prompt, the model provider can see it before the MCP tool runs. For the strongest posture, use a local model or the VS Code extension for secrets the agent must never see.
Encrypt locally
AES-256-GCM on your device — browser, editor, terminal, or MCP process.
Upload ciphertext
Only encrypted bytes and note metadata (expiry, burn-after-reading) reach the server.
Key in #fragment
The decryption key stays in the URL hash. Browsers do not send fragments in HTTP requests.
privatenote.ai/note/…#key
creationSource: mcp in analytics.
Optional PRIVATENOTE_API_BASE_URL for self-hosted instances.
Works with any MCP-compatible client.
Configuration reference
| Name | Description |
|---|---|
| create_private_note | MCP tool — content, expiry, burn-after-reading |
| command | npx (or node path to local build) |
| args | ["-y", "privatenote-mcp"] |
| PRIVATENOTE_API_BASE_URL | Override API for self-hosted deployments |
Related integrations
PrivateNote CLI
Zero-footprint secrets in scripts, pipes, and CI — encrypted locally before anything reaches the network.
View docsVS Code, Cursor & Codex IDE
The primary developer entry point — compose, configure, and share without switching context.
View docsOpenAI Codex plugin
MCP plus skills for Codex CLI and IDE — same repository as this site.
View docsChrome extension
Encrypt selected text in the browser without opening privatenote.ai — same client-side flow, fewer context switches.
View docsMCP server for AI agents
Let agents hand off secrets securely — encryption runs locally in the MCP process.