Security & privacy
What runs locally and what never leaves your machine.
Godot MCP Studio is local-first by design. The parts that touch your code run on
your machine, not our servers.
Everything runs locally
The MCP server runs on your computer as a local process. Your AI client talks to
it directly. Your project files, scenes, scripts, and everything the AI does to
them are processed on your own machine.
The editor bridge is loopback-only
Live tools talk to Godot over a WebSocket bound to localhost, protected by a
per-project bearer token. Nothing is exposed to your network or the internet.
Running-game sessions use their own short-lived token, handed off privately and
authenticated on every message.
The addon is readable on purpose
The Godot editor addon installs as plain GDScript into your project, so you can
audit every line of the code that touches your scenes and files. Nothing that
runs inside your editor is hidden. The MCP server and desktop app are compiled,
licensed binaries; the addon they install is open for inspection.
What we don't collect
- No telemetry or analytics from the desktop app or the local MCP server.
- We never read, upload, or store your Godot projects. Code stays with you.
- We don't sell or share your data. See the full
What we do store
Only what's needed to run your account: your email and name, authentication
details, and your license and device activations. Payments are handled by Polar,
so we never see your card details.
Permission modes are enforced server-side
The permission mode you choose is enforced by the MCP server, not just the UI.
An AI can't call a tool your mode disallows, and destructive or command-running
actions require confirmation. See Permission modes.
Your responsibility
Keep your license code and account private, and use version control on your
projects. As with any tool that can edit code, a clean git history is your best
undo.