How do I use MCP-Secrets-Vault?

1. Click on "Install Server". 2. Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state. 3. In the chat, type @ followed by the MCP server name and your instructions, e.g., "@MCP-Secrets-Vault save my GitHub token" That's it! The server will respond to your query, and you can continue using it as needed. Here is a step-by-step guide with screenshots.

MCP-Secrets-Vault

Security-first secrets vault for MCP servers, Claude Code, Cursor, and AI agents.

License: AGPL v3 npm MCP Compatible

Stop hardcoding API keys in .env files and MCP configs. MCP-Secrets-Vault stores credentials encrypted (AES-256-GCM) on your machine and exposes them to AI clients via MCP tools.

Quick Start

npx @gpitrella/mcp-secrets-vault init
# Set VAULT_PASSPHRASE in ~/.mcp-secrets-vault/.env
npx @gpitrella/mcp-secrets-vault set openai_key sk-your-key
npx @gpitrella/mcp-secrets-vault get openai_key

Related MCP server: clavis-mcp-server

Claude Desktop / Cursor

{
  "mcpServers": {
    "secrets-vault": {
      "command": "npx",
      "args": ["-y", "@gpitrella/mcp-secrets-vault"],
      "env": {
        "VAULT_PASSPHRASE": "your-passphrase"
      }
    }
  }
}

MCP Tools

Tool	Description
`set_secret`	Store encrypted credential
`get_secret`	Retrieve decrypted credential
`rotate_secret`	Rotate value (keeps 5 versions)
`list_secrets`	List metadata (no values)
`delete_secret`	Soft or hard delete
`search_secrets`	Full-text search
`import_env`	Bulk import from `.env` content
`export_env`	Export as `.env` format
`dashboard`	Interactive HTML dashboard

CLI

npx @gpitrella/mcp-secrets-vault init
npx @gpitrella/mcp-secrets-vault set <name> <value> [--workspace=default]
npx @gpitrella/mcp-secrets-vault get <name>
npx @gpitrella/mcp-secrets-vault list
npx @gpitrella/mcp-secrets-vault import .env --workspace=memxus
npx @gpitrella/mcp-secrets-vault export --workspace=memxus
npx @gpitrella/mcp-secrets-vault gen-key

Security

Bound to 127.0.0.1 only for HTTP (NeighborJack defense)
AES-256-GCM with Node.js crypto (zero third-party crypto deps)
Strict Zod validation, additionalProperties: false on all tools
Audit logs never contain secret values
All dependencies pinned to exact versions

See docs/SECURITY.md for the threat model.

License

AGPL v3 — See LICENSE.

Vault Cloud (coming soon)

Self-hosted is free forever. Hosted tier with team workspaces, RBAC, and compliance reports.

This server cannot be installed

F

license - not found

-

quality - not tested

C

maintenance

How are these scores calculated?

Maintenance

–Maintainers

–Response time

–Release cycle

–Releases (12mo)

Commit activity

Resources

GitHub Repository

Need Help?

Related Servers

MCP-Secrets-Vault

MCP-Secrets-Vault

Quick Start

Claude Desktop / Cursor

MCP Tools

CLI

Security

License

Vault Cloud (coming soon)

Maintenance

Resources

Latest Blog Posts

MCP directory API