MCP-Secrets-Vault
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@MCP-Secrets-Vaultsave my GitHub token"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
MCP-Secrets-Vault
Security-first secrets vault for MCP servers, Claude Code, Cursor, and AI agents.
Stop hardcoding API keys in .env files and MCP configs. MCP-Secrets-Vault stores credentials encrypted (AES-256-GCM) on your machine and exposes them to AI clients via MCP tools.
Quick Start
npx @gpitrella/mcp-secrets-vault init
# Set VAULT_PASSPHRASE in ~/.mcp-secrets-vault/.env
npx @gpitrella/mcp-secrets-vault set openai_key sk-your-key
npx @gpitrella/mcp-secrets-vault get openai_keyRelated MCP server: clavis-mcp-server
Claude Desktop / Cursor
{
"mcpServers": {
"secrets-vault": {
"command": "npx",
"args": ["-y", "@gpitrella/mcp-secrets-vault"],
"env": {
"VAULT_PASSPHRASE": "your-passphrase"
}
}
}
}MCP Tools
Tool | Description |
| Store encrypted credential |
| Retrieve decrypted credential |
| Rotate value (keeps 5 versions) |
| List metadata (no values) |
| Soft or hard delete |
| Full-text search |
| Bulk import from |
| Export as |
| Interactive HTML dashboard |
CLI
npx @gpitrella/mcp-secrets-vault init
npx @gpitrella/mcp-secrets-vault set <name> <value> [--workspace=default]
npx @gpitrella/mcp-secrets-vault get <name>
npx @gpitrella/mcp-secrets-vault list
npx @gpitrella/mcp-secrets-vault import .env --workspace=memxus
npx @gpitrella/mcp-secrets-vault export --workspace=memxus
npx @gpitrella/mcp-secrets-vault gen-keySecurity
Bound to
127.0.0.1only for HTTP (NeighborJack defense)AES-256-GCM with Node.js
crypto(zero third-party crypto deps)Strict Zod validation,
additionalProperties: falseon all toolsAudit logs never contain secret values
All dependencies pinned to exact versions
See docs/SECURITY.md for the threat model.
License
AGPL v3 — See LICENSE.
Vault Cloud (coming soon)
Self-hosted is free forever. Hosted tier with team workspaces, RBAC, and compliance reports.
This server cannot be installed
Maintenance
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/gpitrella/mcp-secrets-vault'
If you have feedback or need assistance with the MCP directory API, please join our Discord server