Hive Secrets
Server Details
Encrypted secret store and rotation for autonomous agent credentials
- Status
- Healthy
- Last Tested
- Transport
- Streamable HTTP
- URL
- Repository
- srotzin/hive-mcp-secrets
- GitHub Stars
- 0
Glama MCP Gateway
Connect through Glama MCP Gateway for full control over tool access and complete visibility into every call.
Full call logging
Every tool call is logged with complete inputs and outputs, so you can debug issues and audit what your agents are doing.
Tool access control
Enable or disable individual tools per connector, so you decide what your agents can and cannot do.
Managed credentials
Glama handles OAuth flows, token storage, and automatic rotation, so credentials never expire on your clients.
Usage analytics
See which tools your agents call, how often, and when, so you can understand usage patterns and catch anomalies.
Tool Definition Quality
Average 3.9/5 across 4 of 4 tools scored. Lowest: 3.3/5.
Each tool targets a distinct operation: audit (log read), get (secret read), list (key enumeration), put (secret write). No overlap in functionality.
All tools follow a consistent verb_noun pattern with snake_case and the common prefix 'secrets_': audit, get, list, put. This allows agents to predict tool names.
With 4 tools covering core operations (read, write, list, audit), the count is well-scoped for a secrets management server, fitting the typical 3-15 range.
The set covers key operations but lacks a delete/remove tool. However, the put tool overwrites, so the missing delete is a minor gap that agents might work around.
Available Tools
4 toolssecrets_auditBInspect
Read the audit log for a namespace. Returns the most recent entries within an optional time window. Charges $0.002 USDC on Base.
| Name | Required | Description | Default |
|---|---|---|---|
| limit | No | Default 100, max 1000. | |
| tx_hash | No | ||
| since_ms | No | ||
| until_ms | No | ||
| namespace | Yes | ||
| caller_did | Yes |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
Discloses read-only nature and time window filtering. Lacks details on pagination, rate limits, or idempotency, but cost is noted. Without annotations, more behavioral context would be beneficial.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
Three short, front-loaded sentences with no redundancy. Every sentence adds value: purpose, behavior, cost.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Lacks output format, pagination, error handling, and parameter format details (e.g., time units). Given moderate parameter count and no output schema, description is incomplete.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
Description hints at time window parameters (since_ms, until_ms) but doesn't explain tx_hash or caller_did. Schema coverage is low (17%) and description adds minimal meaning beyond schema.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
Explicitly states verb (read) and resource (audit log for a namespace), with specific detail ('most recent entries within an optional time window'). Clearly distinguishes from sibling tools like secrets_get.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
No guidance on when to use vs alternatives (e.g., secrets_list or secrets_get). Only mentions cost, not usage context or prerequisites.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
secrets_getAInspect
Read and decrypt a secret by namespace and key. Caller must own the namespace (caller_did === namespace). Charges $0.002 USDC on Base.
| Name | Required | Description | Default |
|---|---|---|---|
| key | Yes | Secret key within the namespace. | |
| tx_hash | No | Base USDC tx hash that paid the asking amount to W1. | |
| namespace | Yes | Owner DID. Must equal caller_did. | |
| caller_did | Yes | DID of the caller. Used for namespace authorization. |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
No annotations exist, so the description carries full burden. It discloses key behaviors: read and decrypt (idempotent-like but with cost), authorization requirement, and monetary charge. Lacks details on error conditions but covers the main behavioral traits.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
Three short, front-loaded sentences with no wasted words. Every sentence adds essential information: purpose, authorization, cost.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
With no output schema, the description should mention return values or expected output, which it omits. It covers purpose, auth, and cost but leaves the return format unaddressed, making it only minimally complete.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
Schema coverage is 100%, so baseline is 3. The description reinforces the namespace-caller_did relationship and cost context but does not add new semantics beyond the schema's param descriptions.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description uses specific verb 'Read and decrypt' and names the resources 'secret by namespace and key'. It clearly distinguishes from siblings (secrets_audit, secrets_list, secrets_put) by describing a unique operation.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
The description states the prerequisite (caller must own namespace) and cost ($0.002 USDC), giving clear context for when to use. It does not explicitly compare to siblings, but the unique operation implies when to choose this tool.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
secrets_listAInspect
List keys in a namespace. Read-only, no charge. Caller must own the namespace.
| Name | Required | Description | Default |
|---|---|---|---|
| namespace | Yes | ||
| caller_did | Yes |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
With no annotations, the description carries full burden. It discloses read-only behavior and no charge, which is good. However, it omits what the tool returns (e.g., list of keys) or any side effects, leaving gaps.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
Two short sentences with no extraneous words. Every sentence provides essential information efficiently.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Given no output schema or annotations, the description is minimal. It covers read-only and ownership but lacks details on return format, error handling, or pagination. Adequate for a simple tool but could be more comprehensive.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
Schema coverage is 0% with no parameter descriptions. The description implies 'namespace' but does not explain 'caller_did' or how it's used. It adds minimal value beyond the schema structure.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description 'List keys in a namespace' uses a specific verb and resource, clearly stating the tool's function. It also adds 'Read-only, no charge' which distinguishes it from sibling tools like secrets_put (write) and secrets_get (single key retrieval).
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
The description provides clear context by stating 'Caller must own the namespace,' a key precondition. It does not explicitly exclude alternative tools, but the purpose is distinct enough from siblings to guide selection.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
secrets_putAInspect
Encrypt and store a secret value at (namespace, key). Overwrites the previous value if present and bumps version. Charges $0.005 USDC on Base. Returns 503 if SECRETS_MASTER_KEY is not set on the server.
| Name | Required | Description | Default |
|---|---|---|---|
| key | Yes | ||
| value | Yes | UTF-8 string up to 65536 bytes. | |
| tx_hash | No | ||
| namespace | Yes | Owner DID. Must equal caller_did. | |
| caller_did | Yes |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
No annotations exist, so the description carries full burden. It discloses encryption, overwrite, version bump, cost, and a specific error condition (503). It does not mention authorization constraints (namespace must equal caller_did) or what happens to previous values beyond overwrite.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
Two sentences convey all essential information: action, overwrite, version, cost, error condition. No fluff, every clause adds value.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Given 5 parameters and no output schema, the description covers the core behavior and a key error. However, it omits the return value on success and doesn't explain the tx_hash parameter, which is important for a paid operation.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
Schema coverage is 40% (2 of 5 parameters have descriptions). The description adds overall context but does not explain key, tx_hash, or caller_did beyond their names. It partially compensates for low coverage by explaining the operation's purpose, but per-parameter detail is lacking.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description uses specific verbs ('encrypt and store') and identifies the resource ('secret value at (namespace, key)'). It clearly distinguishes from sibling tools (secrets_audit, secrets_get, secrets_list) by describing overwrite behavior, version bump, and cost.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
The description implies the tool is for storing or updating secrets, and the cost hint advises against frequent or unnecessary use. However, it lacks explicit guidance on when to avoid this tool or when to use siblings instead.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
Claim this connector by publishing a /.well-known/glama.json file on your server's domain with the following structure:
{
"$schema": "https://glama.ai/mcp/schemas/connector.json",
"maintainers": [{ "email": "your-email@example.com" }]
}The email address must match the email associated with your Glama account. Once published, Glama will automatically detect and verify the file within a few minutes.
Control your server's listing on Glama, including description and metadata
Access analytics and receive server usage reports
Get monitoring and health status updates for your server
Feature your server to boost visibility and reach more users
For users:
Full audit trail – every tool call is logged with inputs and outputs for compliance and debugging
Granular tool control – enable or disable individual tools per connector to limit what your AI agents can do
Centralized credential management – store and rotate API keys and OAuth tokens in one place
Change alerts – get notified when a connector changes its schema, adds or removes tools, or updates tool definitions, so nothing breaks silently
For server owners:
Proven adoption – public usage metrics on your listing show real-world traction and build trust with prospective users
Tool-level analytics – see which tools are being used most, helping you prioritize development and documentation
Direct user feedback – users can report issues and suggest improvements through the listing, giving you a channel you would not have otherwise
The connector status is unhealthy when Glama is unable to successfully connect to the server. This can happen for several reasons:
The server is experiencing an outage
The URL of the server is wrong
Credentials required to access the server are missing or invalid
If you are the owner of this MCP connector and would like to make modifications to the listing, including providing test credentials for accessing the server, please contact support@glama.ai.
Discussions
No comments yet. Be the first to start the discussion!