VaultMCP
your AI agent can use secrets without ever seeing them
npx -y github:Isco0819/vault-mcpEver run into this?
like 1Password (50M users, proven massive demand for secret vaults), but zero MCP-native layer exists for it. every time you give Claude Code or Cursor a .env file, your API keys flow into LLM context and get forwarded to Anthropic/OpenAI verbatim with every message. no tool today intercepts this at the agent-protocol layer.
The fix
An MCP server that exposes get_secret(key) — the value lands directly in the tool result without ever appearing in conversation messages. Agents can authenticate to your secrets store without your secrets ever touching chat history.
What it does
- get_secret(key) MCP tool: value arrives in tool-result only, never contaminates conversation context
- OS keychain backend via keytar + AES-256 encrypted local vault fallback — zero cloud dependency
- audit log: which agent session accessed which key, with timestamp and MCP tool-call ID