Troubleshooting & FAQ

When you drop a document into the library, it flows through a multi-stage pipeline that validates, extracts, enriches, and indexes the content — then makes it searchable through Claude and the website. Here's what happens at each stage:

What makes this different: Most document search systems just do OCR and keyword matching. This pipeline uses structure-aware AI that understands tables and diagrams, semantic search that finds answers even when the exact words don't match, and security-first ingress that sanitizes every file before it enters the system. Every value traces back to a specific page and element in the source document.

PDF Swallow is entirely self-hosted on your company's infrastructure — no document content ever leaves your network except for the specific AI processing calls described below. Here's how each layer of security works:

Your documents stay on your servers

All uploaded files, extracted data, page images, and search embeddings are stored on server3 (Synology NAS) and the GPU workstation — both owned and operated by Expertise Engineering and located in our office. The original unsanitized files are preserved in a private induction library for reprocessing. Sanitized copies are stored separately for extraction and search. Nothing is hosted in the cloud.

Document sanitization

Every uploaded file passes through a security-first ingress pipeline before entering the system:

• Strict allowlist — only known safe file types are accepted. Unknown types are rejected outright, not stored.
• Malware scanning — ClamAV scans every file before it enters the library. Infected files are rejected immediately.
• PDF sanitization — JavaScript, launch actions, form submissions, embedded files, and ActiveX controls are stripped. Bookmarks, table of contents, and hyperlinks are preserved. Embedded images are re-encoded to eliminate hidden payloads.
• Image sanitization — all EXIF metadata (GPS, device info) is stripped. Images are decoded and re-encoded.
• Office documents — external references, OLE objects, and external templates are removed. Macro-enabled formats (.docm, .xlsm, .pptm) are rejected entirely.
• Deduplication — dual SHA-256 hashing (pre- and post-sanitization) prevents both exact re-uploads and near-duplicates from entering the library.

Rejected files are deleted immediately — only the rejection record (filename, reason, hash) is kept for audit.

What goes to the cloud — and only to the cloud

Three specific functions use the Anthropic Claude API. Anthropic does not train on API inputs.

• Entity extraction — table content is sent to Claude Sonnet to extract structured data (parameters, registers, pins). Uses the Batch API at reduced cost.
• Figure enrichment — cropped diagram images are sent to Claude Haiku during extraction for text label extraction and description.
• Search intelligence — your search query text (not document content) is sent to Claude Haiku to parse intent and synthesize a brief answer from results.

Search queries from Claude.ai also go through Anthropic (since Claude is the one calling the MCP tools), but the search itself happens locally — only the results are returned, not your full document corpus.

Cost guardrails are enforced: a per-document call limit (500) and a monthly spend freeze ($100) prevent runaway API usage. The admin can monitor costs on the AI Accounts page.

Network architecture

The platform sits behind an OPNsense firewall (VP2420) on a dedicated platform network, separate from the office LAN. Engineers connect through the firewall's SNI routing — there is no direct network access to the server. All external connections use TLS 1.3 with AES-256-GCM encryption. Let's Encrypt certificates auto-renew. HSTS headers ensure browsers never downgrade to unencrypted connections. Internal traffic between services uses Docker's private network, isolated from the LAN. The GPU workstation has no direct internet access — it reaches the internet only through a forward proxy on server3.

Authentication

Every tool call and website action requires authentication. The MCP server uses OAuth 2.0 with PKCE for Claude.ai connections and bearer tokens for Claude Code. Tokens are stored as SHA-256 hashes — even if the database were compromised, the actual tokens cannot be recovered. Personal tokens expire after one year, OAuth tokens after 30 days. The MCP server also enforces per-IP rate limiting (60 requests/minute).

Access control

Only engineers with accounts can access the platform. Accounts are created by admin invitation only — there is no self-registration. The admin can deactivate any engineer's access instantly, which revokes all their tokens. Every tool call and document event is logged with the caller's identity for audit purposes.

Input protection

All database queries use parameterized statements (immune to SQL injection). Every user input field has server-side length validation — bundle names, part numbers, search queries, passwords, and all form fields are capped to prevent abuse. Select fields (document role, feedback category) are validated against whitelists. The website sets security headers including X-Frame-Options (prevents clickjacking), X-Content-Type-Options (prevents MIME sniffing), HSTS, and a strict Referrer-Policy.

Infrastructure isolation

Each service runs in its own Docker container with memory limits and log rotation configured. The database runs on a dedicated NVMe volume, not exposed to the internet or the office LAN — only internal containers can reach it. Engineers have no direct access to the server; all interaction goes through the authenticated website and MCP interfaces. The VP2420 firewall is the only internet-facing component, shielding the application servers from direct exposure. Database operations use connection timeouts and command timeouts to prevent hanging queries from blocking the system.

What we don't do

• We don't send your documents to any third-party service other than Anthropic's Claude API for the specific steps above.
• We don't store passwords in plaintext — they're bcrypt-hashed with salt, and password length is capped to prevent CPU abuse.
• We don't log sensitive content — event logs record summaries, not full document text.
• We don't retain data on external servers — everything is on Expertise Engineering hardware in our office.
• We don't keep rejected files — they are deleted immediately after recording the rejection reason.

In short: Your documents live on our office servers — not in the cloud. Every file is scanned, sanitized, and stripped of hidden threats before entering the system. The AI reads specific parts during processing, then discards them. All access goes through our firewall, is encrypted with TLS 1.3, and requires authentication. The admin has full control over who can use the system and how much AI budget is spent.

PDF Swallow runs on dedicated hardware in the Expertise Engineering office. Three network zones connect through an AT&T router with multiple static IPs:

PDF Swallow includes MCP tools that let Claude automate the first step of a design review: making sure every component on your BOM has a datasheet in the library. This works with BOM exports from Altium (or any tool that produces a parts list).

The workflow

When you ask Claude to review a PCB design, it follows this sequence:

1. Parse the BOM — Claude reads your BOM file (CSV, Excel, or IPC 2581) and extracts the list of part numbers.
2. Check coverage — The check_bom tool queries the library in batch and identifies which components already have completed datasheets and which are missing.
3. Upload missing datasheets — For missing parts, upload the datasheets manually through the Library page. Use the Part Number field to tag each upload with the correct IPN.
4. Wait for processing — The ingestion_status tool polls the pipeline. Each datasheet goes through extraction and chunking — typically 5 to 15 minutes per document. Pass the doc_number (the 6-digit number shown in the UI) or a UUID.
5. Proceed with review — Once all datasheets are indexed, Claude uses the standard library tools (search_docs, get_component, lookup_parameter, etc.) to perform the actual design review.

Tools

In short: Claude checks which datasheets you already have and which are missing. You upload the missing ones, and once everything is indexed, Claude has the full technical context to review your design.

Check that you entered exactly https://mcp.exp-prod.info with no trailing slash. If a browser tab opened and then closed without redirecting back to Claude.ai, try again — the OAuth flow may have timed out. If no browser tab opened at all, try a different browser.

This is usually a browser popup blocker. Make sure popups are allowed from mcp.exp-prod.info. Try the connection flow again.

Check the server URL in your config: claude mcp list. It should show https://mcp.exp-prod.info/mcp. If the URL is correct, go to the Verify page (linked from the Connect page) and check whether the MCP server is reachable.

Personal tokens expire after 1 year and OAuth tokens expire after 30 days (but refresh automatically in Claude.ai). If you're using Claude Code, go to your account page and check whether your token is still active. If it's expired or revoked, rotate it and update your Claude Code config.

In Claude Code, run /mcp to check connection status. If the server shows as disconnected, run claude mcp list to verify the config. In Claude.ai, go to Settings → Connectors and check the server shows as connected.

Go to your account page and rotate your token. This generates a new one. Update your Claude Code config with the new token.