Trust is the whole point of a self-hosted gateway
AnythingMCP is built by helpcode.ai GmbH, an independent team in Freiburg, Germany, using AI coding assistants (primarily Claude) as part of the day-to-day workflow. Every commit is reviewed by a human before merge. The catalog is validated by an automated test suite. Production deployments — including the one running this gateway at the original industrial group since 2025 — are operated by humans.
Why we say this out loud
In 2026, AI-assisted development is the norm, not the exception. We've found that not talking about it does more damage to trust than the practice itself ever could. Buyers and contributors quickly notice the gap between "in production for six months" and a one-person contributor graph. So we name it: humans own every decision, AI helps us move faster, and the test suite plus production deployment are the proof that the result works.
Where your data lives
Connector credentials — API keys, OAuth tokens, database passwords — are AES-256-GCM encrypted at rest in your PostgreSQL. The audit log of every tool invocation lives in your database. It never leaves your infrastructure.
AnythingMCP makes optional outbound calls to anythingmcp.com only for license verification and email delivery when SMTP is unset. No credentials and no tool payloads are ever sent.
Read the source
- AUTHORS.md — full team listing and development-approach disclosure
- SECURITY.md — vulnerability reporting, encryption details, key rotation procedure
- GitHub contributor graph — every human and AI co-author trailer, in the open