What the AI can and can't see
When you connect an AI assistant to In Parallel over MCP, what it can reach is bounded by choices you make — which Workspaces you share, which actions you approve, and whether people's names are masked.
What it is
An AI assistant connected over MCP only ever sees In Parallel through the access you grant it. There is no hidden, broader view: the assistant reaches your data through a defined set of tools, and three layers of control sit in front of those tools — the Workspaces you shared at connect time, the per-tool permissions you set, and the optional masking of people. This article explains each boundary so you know exactly what a connected assistant can and can't reach before you point it at sensitive work.
Boundary 1 — only the Workspaces you shared
When you connect a tool, In Parallel's consent screen asks which Workspaces to grant access to:
Full access shares all your current and future Workspaces.
Or you tick individual Workspaces to share only those.
The assistant can only see Workspaces in that grant. A Workspace you didn't share is invisible to it — it won't appear in list_workspaces, and no tool can reach into it. To widen or narrow the grant later, reconnect and choose differently. (The grant is also bounded by your own access — connecting an assistant never lets it see more than you can.)
Boundary 2 — reading is free, changing needs approval
Within the Workspaces you shared, tools split into two kinds:
Read tools look things up — meetings, transcripts, decisions, action items, goals, the execution plan, drift reports — and never change anything. These run freely.
Write tools create or change records. In clients that support per-tool permissions (like Claude), write and delete tools default to Needs approval, so the assistant has to ask before it acts. You can tighten this further — switch any tool or group to Blocked, or set a Custom rule.
A handful of write tools are irreversible — deleting a Workspace, publishing or rejecting a changelog entry — and stay on Needs approval for good reason. You set all of this when you connect; see step 6 of the Claude walkthrough in Connect your AI tool.
Some write tools are also ownership-gated: the changelog tools, for example, only reach entries in Workspaces you own, even if you can read others.
Boundary 3 — names are visible unless you mask them
By default, a connected assistant sees real names and email addresses in the data it reads. If you'd rather it didn't, turn on MCP privacy: In Parallel then replaces each person with a stable pseudonym (like Person 4F2A1C) before any response reaches your assistant. The assistant can still tell people apart and follow the work — it just never learns who's who.
Masking is deliberately narrow: it covers people In Parallel knows (Workspace members and meeting participants) and leaves Workspace names, IDs, and the In Parallel recorder intact. See MCP privacy for exactly what is and isn't masked.
What it can and can't reach — at a glance
The assistant can… | The assistant can't… |
Read meetings, transcripts, decisions, action items, goals, the plan, and drift — in the Workspaces you shared | Reach a Workspace you didn't grant access to |
Create or change records — after your approval | Write or delete anything silently, or without the approval you've set |
Act on changelog entries in Workspaces you own | Publish or reject changelog entries in Workspaces you don't own |
See who's who — unless MCP privacy is on | See real names or emails once MCP privacy is on |
Use the current set of tools your client fetches on connect | Reach anything outside the In Parallel tools — there's no back door to your data |
A note on the AI built into In Parallel
This article is about an external assistant you connect over MCP. The AI built into In Parallel — the layer that turns meetings into reports and proposes plan changes — operates under a separate guarantee: it never silently changes execution truth. Every suggestion flows through the report → review → confirm loop, where a person confirms it before it becomes part of the plan. See AI in In Parallel.
Related
What you can do with In Parallel's AI — the use-cases these boundaries make safe.
MCP privacy: mask people in AI responses — hide names and emails from your assistant.
Connect your AI tool to In Parallel — where you set the Workspace grant and per-tool permissions.
In Parallel MCP tools reference — every tool, and which ones read versus write.
Governance, security, and trust — In Parallel's access controls and data handling.
AI in In Parallel — the in-product AI layer and its review gate.