Privacy
Effective date: 2026-04-27. Minimum-viable summary — full policy lives at the URL below and is the source of truth.
What we collect
- Scan inputs. The MCP server URL you submit, the redacted protocol probe response, and the resulting score. URLs are public by design — assume they will be indexed.
- Account data. If you sign in, we store your email address, your magic-link history, and any API keys you create (keys are stored as SHA-256 hashes, not in cleartext).
- Request telemetry. Per scan: the SHA-256 hash of your IP, your User-Agent, your Referer, and the `scanSource` you self-declared. The raw IP is hashed at the edge and never persisted.
What we do not collect
- We do not invoke any tool exposed by the MCP server we scan. All assessment is passive: we read protocol metadata and the tool catalog only.
- We do not retain raw IP addresses. The hash cannot be reversed; we use it only to match repeat requests from the same source when applying rate limits.
- We do not sell scan data. We may publish aggregate statistics (e.g. “X% of MCP servers expose a destructive tool”) that cannot identify a specific server or operator.
Public reports
Every successful scan creates a report at /reports/<slug>. The slug is opaque but shareable — the report is publicly accessible to anyone with the link, indexed by search engines, and embedded in our directory at /servers. Reports are immutable once created. If you believe a report is wrong, file a dispute via the link on the report itself.
Webhooks
If you create a webhook, we will POST scored event payloads to the URL you configured. Outbound deliveries include the scan id, the public report slug, and the score — no probe internals or secrets. The receiver can verify the delivery via the HMAC signature in the X-AgentReserve-Signature header.
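As an added example (not code from the service), here is how a receiver could check that header before trusting a delivery. The page does not specify the signing scheme, so this assumes a hex-encoded HMAC-SHA256 over the raw request body with a shared secret; the payload and secret below are constructed for illustration.

```python
import hmac
import hashlib

# Header name is from the page; algorithm, encoding and secret are assumptions.
SIGNATURE_HEADER = "X-AgentReserve-Signature"
HEX_DIGEST_LEN = 64  # SHA-256 as lowercase hex


def sign_payload(secret: bytes, body: bytes) -> str:
    """Hex HMAC-SHA256 over the raw body (assumed scheme, not confirmed by the page)."""
    return hmac.new(secret, body, hashlib.sha256).hexdigest()


def verify_delivery(secret: bytes, headers: dict, body: bytes) -> bool:
    """Return True only if the header carries a valid signature for this body.

    Verify the raw bytes as received, before JSON parsing, so that
    re-serialisation differences cannot break or bypass the check.
    """
    # HTTP header names are case-insensitive; normalise before lookup.
    presented = None
    for name, value in headers.items():
        if name.lower() == SIGNATURE_HEADER.lower():
            presented = value.strip().lower()
            break
    # Reject unsigned or malformed deliveries instead of accepting by default.
    if not presented or len(presented) != HEX_DIGEST_LEN:
        return False
    if any(c not in "0123456789abcdef" for c in presented):
        return False
    expected = sign_payload(secret, body)
    # Constant-time comparison: a plain == leaks timing information.
    return hmac.compare_digest(expected, presented)


# Constructed sample delivery; field names mirror what the page says is sent.
SAMPLE_SECRET = b"example-webhook-secret"
SAMPLE_BODY = b'{"scanId":"scan_0001","reportSlug":"demo-slug","score":72}'
SAMPLE_HEADERS = {SIGNATURE_HEADER: sign_payload(SAMPLE_SECRET, SAMPLE_BODY)}


def demo() -> dict:
    """Genuine delivery passes; tampering, missing header or wrong secret fail."""
    tampered = SAMPLE_BODY.replace(b'"score":72', b'"score":99')
    return {
        "genuine": verify_delivery(SAMPLE_SECRET, SAMPLE_HEADERS, SAMPLE_BODY),
        "tampered_body": verify_delivery(SAMPLE_SECRET, SAMPLE_HEADERS, tampered),
        "missing_header": verify_delivery(SAMPLE_SECRET, {}, SAMPLE_BODY),
        "wrong_secret": verify_delivery(b"other-secret", SAMPLE_HEADERS, SAMPLE_BODY),
    }
```

Keep the shared secret out of the payload and out of logs; if the service also sends a timestamp, check it too so an old delivery cannot be replayed indefinitely.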
Contact
Privacy questions go to privacy@agentreserve.dev. The full policy will live at agentreserve.dev/legal/privacy (placeholder URL until the legal team publishes the long form).