Allows AI assistants to write .env files with secrets from a local database without exposing secret values, providing tools to search for secrets by name/description and write them directly to .env files
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type @ followed by the MCP server name and your instructions, e.g., "@Secret MCP add my OpenAI API key to the project's .env file"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
Secret MCP
A desktop app for managing secrets with an MCP server that lets AI coding assistants write .env files without ever seeing the secret values.
Why?
Generating .env files is a pain, especially because there is no vibing your way out of it. But it's an even bigger pain to leak secrets to AI coding assistants that run in the cloud.
Features
Desktop App: Simple window for managing secrets (name, description, value)
MCP Server: Two tools for AI assistants:
search_secrets: Find secrets by name/description (never exposes values)
write_env: Write secrets to .env files (values go straight to file, never to AI)
Local Storage: All secrets stored locally in SQLite
npm Package: Just npx secret-mcp - no build required
Installation
Desktop App
Download from Releases or build from source:
npm install
npm run tauri build
MCP Server Setup
Add to your MCP client config:
"secret-mcp": {
  "command": "npx",
  "args": ["secret-mcp"]
}
Usage
Open Secret MCP app
Add your secrets (API keys, tokens, etc.)
When coding with AI, it will automatically use search_secrets and write_env to set up your .env files (Note: the name of the secret is the variable name in the .env file)
MCP Tools
search_secrets
Search for secrets by name or description. Returns names and descriptions only - values are never exposed.
// Input
{ query: "openai" }
// Output
[
  { name: "OPENAI_API_KEY", description: "OpenAI API key" }
]
write_env
Write secrets to a .env file. Values go directly from your local database to the file - never passed through the AI.
// Input
{
  keys: ["OPENAI_API_KEY", "DATABASE_URL"],
  path: "/Users/you/project/.env"
}
// Output
"Successfully wrote 2 secret(s) to /Users/you/project/.env"
Data Storage
Secrets are stored locally:
macOS: ~/Library/Application Support/secret-mcp/secrets.db
Linux: ~/.local/share/secret-mcp/secrets.db
Windows: %APPDATA%/secret-mcp/secrets.db
Security
Secret values never leave your machine (except to .env files you specify)
MCP server only returns secret names and descriptions to the AI
.env files written with 600 permissions (owner read/write only)
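The 600-permission write described above, as an added example (not code from secret-mcp itself). `writeEnv` and `formatEnvLine` are hypothetical names, the `secrets` object stands in for the local database lookup, and the target file is assumed to be replaced rather than merged.

```javascript
// Added example: not the secret-mcp source. writeEnv and formatEnvLine are
// hypothetical names; `secrets` stands in for the local SQLite lookup.
const fs = require("node:fs");
const path = require("node:path");
const crypto = require("node:crypto");

const NAME_RE = /^[A-Za-z_][A-Za-z0-9_]*$/;

// The secret name becomes the variable name, so reject anything that is not a
// plain identifier, and keep every value on one physical line so an embedded
// newline cannot smuggle a second variable into the file. Escaping rules
// differ between .env parsers; this uses the common double-quoted style.
function formatEnvLine(name, value) {
  if (!NAME_RE.test(name)) throw new Error(`invalid variable name: ${name}`);
  const escaped = String(value)
    .replace(/\\/g, "\\\\")
    .replace(/"/g, '\\"')
    .replace(/\n/g, "\\n")
    .replace(/\r/g, "\\r");
  return `${name}="${escaped}"`;
}

// Replaces envPath with the requested secrets and returns only a status
// string, so no value appears in what the caller (the AI) sees.
function writeEnv(secrets, keys, envPath) {
  const body = keys.map((k) => {
    if (!Object.hasOwn(secrets, k)) throw new Error(`unknown secret: ${k}`);
    return formatEnvLine(k, secrets[k]);
  }).join("\n") + "\n";
  const suffix = crypto.randomBytes(6).toString("hex");
  const tmp = path.join(path.dirname(envPath), `.env.${suffix}.tmp`);
  // The mode argument only applies when a file is created, so writing over an
  // existing 0644 .env would keep 0644. Create a fresh file and rename it.
  const fd = fs.openSync(tmp, "wx", 0o600);
  try {
    fs.writeFileSync(fd, body);
    fs.fchmodSync(fd, 0o600); // explicit, independent of umask
    fs.fsyncSync(fd);
    fs.closeSync(fd);
    fs.renameSync(tmp, envPath);
  } catch (err) {
    try { fs.closeSync(fd); } catch {}
    fs.rmSync(tmp, { force: true }); // never leave secrets in a stray temp file
    throw err;
  }
  return `Successfully wrote ${keys.length} secret(s) to ${envPath}`;
}
```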
Tech Stack
Desktop: Tauri 2.0 + Svelte 5 + TypeScript
MCP Server: Node.js + @modelcontextprotocol/sdk + better-sqlite3
License
MIT