Summary
Add an opt-in way to sanitize/summarize exception content in logs using the standard .NET Microsoft.Extensions.Diagnostics.ExceptionSummarization abstractions (IExceptionSummarizer / ExceptionSummary).
Motivation
Today, exceptions are logged by passing Exception instances to ILogger logger-message methods on failure paths (notably request handler failures and outer message-handler failures).
Many logging providers render exception message + stack trace, which can include sensitive or overly detailed runtime data.
Hosts currently can customize providers/sinks, but there isn’t an SDK-level opt-in to use the .NET exception summarization abstraction directly at these logging callsites. Supporting that would make privacy/safety-oriented logging easier and more consistent in production environments.
Proposed behavior
If no summarizer is configured: keep current behavior (log raw exception as today).
If an IExceptionSummarizer is configured: log summarized/sanitized description (e.g., ExceptionSummary.Description) on the relevant exception logging paths instead of passing the raw exception object for those paths.
Why this helps
Enables centralized privacy/safety controls for logs at a common server hot path.
Aligns with existing .NET diagnostics abstractions instead of introducing MCP-specific logging contracts.
Keeps compatibility by remaining opt-in and preserving default behavior.
Summary
Add an opt-in way to sanitize/summarize exception content in logs using the standard .NET Microsoft.Extensions.Diagnostics.ExceptionSummarization abstractions (IExceptionSummarizer / ExceptionSummary).
Motivation
Today, exceptions are logged by passing Exception instances to ILogger logger-message methods on failure paths (notably request handler failures and outer message-handler failures).
Many logging providers render exception message + stack trace, which can include sensitive or overly detailed runtime data.
Hosts currently can customize providers/sinks, but there isn’t an SDK-level opt-in to use the .NET exception summarization abstraction directly at these logging callsites. Supporting that would make privacy/safety-oriented logging easier and more consistent in production environments.
Proposed behavior
If no summarizer is configured: keep current behavior (log raw exception as today).
If an IExceptionSummarizer is configured: log summarized/sanitized description (e.g., ExceptionSummary.Description) on the relevant exception logging paths instead of passing the raw exception object for those paths.
Why this helps
Enables centralized privacy/safety controls for logs at a common server hot path.
Aligns with existing .NET diagnostics abstractions instead of introducing MCP-specific logging contracts.
Keeps compatibility by remaining opt-in and preserving default behavior.