delete_secret
Remove stored secrets from the keyring to manage API keys and sensitive data securely, preventing plaintext leaks in your projects.
Instructions
Remove a secret from the keyring.
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| key | Yes | The secret key name | |
| scope | No | Scope: global or project | |
| projectPath | No | Project root path for project-scoped secrets |
Implementation Reference
- src/core/keyring.ts:247-275 (handler)Implementation of deleteSecret, which handles the deletion of credentials from the keyring for a specific key.
export function deleteSecret( key: string, opts: KeyringOptions = {}, ): boolean { const scopes = resolveScope(opts); const source = opts.source ?? "cli"; let deleted = false; for (const { service, scope } of scopes) { const entry = new Entry(service, key); try { if (entry.deleteCredential()) { deleted = true; logAudit({ action: "delete", key, scope, source }); fireHooks({ action: "delete", key, scope, timestamp: new Date().toISOString(), source, }).catch(() => {}); } } catch { // not found } } return deleted; } - src/mcp/server.ts:232-247 (registration)Tool registration for "delete_secret" in the MCP server.
server.tool( "delete_secret", "Remove a secret from the keyring.", { key: z.string().describe("The secret key name"), scope: scopeSchema, projectPath: projectPathSchema, }, async (params) => { const deleted = deleteSecret(params.key, opts(params)); return text( deleted ? `Deleted "${params.key}"` : `Secret "${params.key}" not found`, !deleted, ); }, );