Security

Context7 takes security and privacy seriously. This page outlines our security practices, data handling, and compliance measures.

Highlights

Your original prompts stay with your AI assistant; Context7 only receives search queries formulated by the MCP client, which is instructed to strip sensitive data before sending
Documentation is indexed inside SOC 2 compliant infrastructure operated by Upstash
API keys are encrypted, rate limited, and easy to rotate from your dashboard
Enterprise customers can enable SSO (SAML, OAuth, OIDC) and receive dedicated audit trails
The Context7 Addendum, Upstash Terms and Privacy Policy applies to all users; see trust.upstash.com for full infrastructure compliance details, certifications

Privacy-First Architecture

Query Privacy

Your original prompts and code stay with your AI assistant.

When you use Context7 through an MCP client, the AI assistant (not the user directly) formulates search queries to retrieve relevant documentation. Here is what happens:

Your prompt is processed locally by your AI assistant (e.g., Cursor, Claude Code)
The AI assistant formulates a search query and library name based on your request
Only these formulated queries are sent to the Context7 API — your full prompt, source code, and conversation history are never transmitted
The MCP tool descriptions explicitly instruct the AI assistant to strip sensitive information (API keys, passwords, credentials, personal data, and proprietary code) from queries before sending

What is sent to the Context7 API:

query — a search query formulated by the MCP client (not your original prompt)
libraryName or libraryId — the library to look up
API key (if provided, for authentication)
MCP client name and version (e.g., IDE info, for analytics)
Transport type (stdio or http)
Client IP address, encrypted with AES-256-CBC (HTTP transport only, for rate limiting)

<Note> The MCP client formulates search queries on your behalf and is instructed not to include sensitive or confidential information. Your full prompts, code, and conversation context remain with your AI assistant and are never sent to Context7. </Note>

Use of MCP Queries

The search queries formulated by the MCP client (not your original prompts) are used server-side in two ways:

Documentation Reranking

MCP-formulated queries are passed to LLMs to rerank and select the most relevant documentation for your request. Context7 uses well-known, trusted LLM providers for this purpose — including OpenAI, Google Gemini, and Anthropic.

Benchmarking and Quality Improvement

MCP-formulated queries are anonymously stored and used to benchmark retrieval accuracy and improve the documentation matching pipeline over time.

Enterprise Controls

On-premise Enterprise plans can use their own LLM provider for code extraction and private library ranking
On-premise Enterprise plans can disable public documentation usage, limiting context retrieval to privately indexed documentation only
Enterprise plans can disable query storage for benchmarking — however, this may affect the quality of context retrieval over time

Contact our sales team at context7.com for Enterprise and on-premise plan details.

Customizing What Is Shared

The Context7 MCP server is open source. If you want full control over what is sent as the query parameter, you can:

Fork the Context7 MCP repository
Edit the tool input descriptions in packages/mcp/src/index.ts — these descriptions instruct the AI assistant on how to formulate the query
Build and run your custom MCP server locally

<Warning> The `query` parameter is used server-side for LLM-based reranking of documentation results. Modifying, redacting, or omitting the query can significantly reduce the relevance and quality of returned documentation. </Warning>

Data Storage

Context7 does not store your source files.

We only index and store documentation and code examples from repositories
Your code, and source files are not stored or shared
All indexed content is stored in a secure vector database optimized for retrieval

What we store:

Library documentation
Code examples from documentation
Metadata about indexed libraries
Queries formulated by the MCP client

What we don't store:

Your source code
Your original prompts or conversations
Your conversations with AI assistants

Infrastructure Security

SOC 2 Compliance

Context7 runs on SOC 2 compliant infrastructure provided by Upstash.

Type II SOC 2 certified infrastructure
Regular security audits and assessments
Continuous monitoring and compliance checks
Industry-standard security controls

Managed by Upstash

Context7's infrastructure is managed by the experienced Upstash team:

24/7 infrastructure monitoring
Automated security patching
DDoS protection and mitigation
Redundant backups and disaster recovery
Enterprise-grade reliability and uptime

Upstash Security Practices

All security practices and certificates of Upstash apply to Context7 products:

Data Encryption: Encryption at rest and in transit (TLS 1.2+)
Network Security: VPC isolation, firewall rules, and network segmentation
Access Control: Role-based access control (RBAC) and least privilege principles
Audit Logging: Comprehensive logging of all system activities
Incident Response: Documented incident response procedures
Vulnerability Management: Regular security scanning and penetration testing

Learn more about Upstash security: trust.upstash.com

Authentication and Access Control

API Key Security

API keys use cryptographic random generation
Keys are hashed and encrypted in our database
Keys can be rotated at any time from your dashboard
Rate limiting prevents abuse and unauthorized access

Enterprise SSO

Single Sign-On (SSO) is available for Enterprise plans.

Supported SSO providers:

SAML 2.0
OAuth 2.0
OpenID Connect (OIDC)

Enterprise features include:

Centralized user management
Teamspace access controls
Audit logs for compliance
Custom authentication policies

Contact our sales team at context7.com for Enterprise plan details.

Data Protection

Privacy by Design

Data Minimization: We only collect and store what's necessary
Purpose Limitation: Documentation data is used only for documentation retrieval
Storage Limitation: Automated cleanup of outdated data
Transparency: Clear documentation of what we collect and why

Context7 provides:

The right to access your data
The right to delete your data
Data portability options
Clear consent mechanisms
Privacy-first data processing

Data Residency

All indexed documentation and metadata are stored within Upstash's SOC 2 compliant infrastructure in the United States and the European Union. Cross-border data transfers comply with the EU General Data Protection Regulation (GDPR) and the EU-U.S. Data Privacy Framework (DPF), and enterprise customers can request region-specific data residency to meet local regulatory requirements.

Rate Limiting and Abuse Prevention

IP-based rate limiting for anonymous requests
API key-based rate limiting with tiered limits
Automatic detection and blocking of abusive patterns
Protection against DDoS and scraping attacks

Prompt Injection Detection

Context7 indexes documentation from public and private repositories. To protect against malicious content being served to AI assistants, Context7 employs a two-pass prompt injection detection pipeline.

Complementary detection stages — two independent classifiers run in sequence, combining different detection approaches to maximize coverage while minimizing false positives
Skills.md pipeline — a separate but related detection pipeline is used for Skills files, adapted to their distinct structure and intent
Continuous monitoring — flagged content is tracked and reviewed on an ongoing basis
Regular updates — classifier pipelines are updated to address evolving attack methods and new injection techniques

This ensures that documentation retrieved through Context7 is safe to consume by both human developers and AI coding agents.

For more details on how Context7 handles quality and safety, see the Quality and Safety in Context7 blog post.

Secure Development Practices

Regular security code reviews
Automated dependency scanning
Secure CI/CD pipelines
Principle of least privilege for all systems
Security testing in development lifecycle

Reporting Security Issues

If you discover a security vulnerability:

Do not publicly disclose the issue
Report via GitHub Security
Include detailed steps to reproduce the issue
Allow reasonable time for us to address the issue

We take all security reports seriously and will respond promptly.

Transparency and Compliance

Open Source

The Context7 MCP server is open source:

Code is publicly available on GitHub
Community can audit and contribute
Transparent implementation and practices

Repository: github.com/upstash/context7

Compliance Certifications

Context7 benefits from Upstash's compliance certifications:

SOC 2 Type II
GDPR compliant
ISO 27001 (in progress)

Best Practices for Users

Secure Your API Keys

Never commit API keys to version control
Use environment variables for key storage
Rotate keys regularly
Use different keys for different environments
Revoke unused or compromised keys immediately

Private Repositories

For private repository access:

Only grant minimum required permissions
Use dedicated API keys for private repos
Regularly audit access permissions
Consider using GitHub Apps with fine-grained permissions

Network Security

Use HTTPS for all API communications (enforced)
Configure proxy settings securely if behind a firewall
Monitor API usage for unusual patterns
Implement request timeouts and retries

Data Retention

Library Documentation: Retained while the library is active and public
API Logs: Retained for 30 days for debugging and analytics
User Data: Retained according to your account status
Deleted Data: Permanently removed within 30 days of deletion request

Questions and Support

For security-related questions:

Contact us through GitHub Issues
Join our Discord Community
Enterprise customers: Contact your dedicated support team

For privacy policy details, visit: context7.com/privacy

Last Updated: February 2026

We continuously improve our security practices. Check this page regularly for updates.