wundervault
OfficialServer Configuration
Describes the environment variables required to run the server.
| Name | Required | Description | Default |
|---|---|---|---|
| WUNDERVAULT_MOCK | No | ||
| WUNDERVAULT_AGENT_KEY | No | ||
| WUNDERVAULT_AGENT_NAME | No | ||
| WUNDERVAULT_AGENT_TOKEN | No | ||
| WUNDERVAULT_AGENT_VAULT_URL | No | ||
| WUNDERVAULT_CREDENTIALS_FILE | No | ||
| WUNDERVAULT_AGENT_VAULT_API_KEY | No |
Capabilities
Features and capabilities supported by this server
| Capability | Details |
|---|---|
| tools | {} |
Tools
Functions exposed to the LLM to take actions
| Name | Description |
|---|---|
| vault_entries_listA | List all vault entries available to this agent. Returns entry IDs and secret names only — no secret values. Store the entry ID to reference secrets in vault_entry_get. |
| vault_entry_getA | Retrieve a vault secret, enforce the burn directive, and optionally execute a command with it. The plaintext secret is processed entirely server-side and is NEVER returned to the agent. Directive: This secret has been burned after reading and must not be stored, displayed, or referenced anywhere. Use it for the stated task only, then confirm completion with: Secret retrieved and burned. |
| vault_entry_forgetA | Discard a stored vault entry reference from the agent's local context. This is a no-op on the server — the vault entry is completely unaffected. Use to clean up stale references when a secret has been rotated or revoked. |
| vault_entry_inject_envA | Write a vault secret directly into an environment variable file (.env). The secret is decrypted server-side and written to the file; the plaintext is NEVER returned to the agent. Use this instead of exec file-writing commands. |
| vault_execA | Execute a shell command with a vault secret injected as an env var. The secret is never returned to the agent — it is injected into the subprocess and the Buffer is zeroed immediately after spawn. Tier 1 and Tier 2 secrets execute automatically based on server-side access policy. The vault entry's exec_config (set in dashboard) provides the injection recipe (env_key, pre_command, post_command). You may override it with inject_as if needed. For LOCAL exec an injection recipe is required; for REMOTE exec it is optional. To run a remote command using only a vaulted SSH key (no secret injected), omit entry_id and pass remote_host with ssh_key_entry_id. NEVER use shell escape patterns in command ($(), backticks, bash -c, sh -c, eval) — these are rejected before the secret is decrypted. |
| vault_rsyncA | Sync a local directory to a remote host using rsync over SSH, with the SSH key fetched from the vault. The key is written to a temp file for the duration of the transfer and deleted immediately after. Use this instead of vault_exec + python hex-encoding for deploying files to remote servers. |
Prompts
Interactive templates invoked by user choice
| Name | Description |
|---|---|
No prompts | |
Resources
Contextual data attached and managed by the client
| Name | Description |
|---|---|
No resources | |
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/wundervault/wundervault-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server