MCP.so
ログイン
W

Wundervault MCP

@wundervault

Wundervault MCP について

MCP server for Wundervault zero-knowledge secret management. Exposes vault secrets to AI agents via the Model Context Protocol — secrets are decrypted server-side and never returned to the agent in plaintext.

基本情報

カテゴリ

開発者ツール

トランスポート

stdio

公開者

wundervault

投稿者

snoweman

設定

以下の設定を使って、このサーバーを MCP 対応クライアントに追加してください。

{
  "mcpServers": {
    "wundervault": {
      "command": "wundervault-mcp",
      "env": {
        "WUNDERVault_AGENT_VAULT_URL": "https://wundervault.com",
        "WUNDERVault_AGENT_VAULT_API_KEY": "wv_agent_<AGENT_ID>|<KEY_SUFFIX>",
        "WUNDERVault_AGENT_KEY": "<BASE64_ENCRYPTION_KEY>"
      }
    }
  }
}

ツール

ツールは検出されませんでした

ツールは README から自動的に抽出されます。メンテナーは ## Tools という見出しの下に記載することで、このタブに反映できます。

概要

What is Wundervault MCP?

Wundervault MCP is an open-source Model Context Protocol server that integrates with the Wundervault secret management service. It allows AI agents to securely retrieve and use vault secrets with a zero-knowledge encryption model—the server never sees the decryption key. Designed for developers and operators who need agent-driven secret handling without exposing plaintext secrets to the calling process.

How to use Wundervault MCP?

Clone the repository, run npm install and npm run build, then configure credentials via CLI flags (--api-key, --enc-key, --url), environment variables, or a credentials JSON file. Use the provided MCP tools (vault_entries_list, vault_entry_get, vault_entry_forget) to list, retrieve, and discard secret references. The vault_entry_get tool supports an optional exec parameter to run a shell command with the decrypted secret; the plaintext is never returned to the agent.

Key features of Wundervault MCP

  • Zero-knowledge encryption key lives only in the MCP process.
  • Burn-after-reading: plaintext secrets are never returned to the calling agent.
  • Exec scrubbing: stdout/stderr are stripped of plaintext when using exec.
  • Directive integrity verified via PBKDF2-HMAC-SHA256 with 600k iterations.
  • Timing-safe HMAC comparison using crypto.timingSafeEqual.

Use cases of Wundervault MCP

  • List all vault entries available to an agent without exposing secret values.
  • Retrieve and decrypt a vault secret for use in an automated task (e.g., service restart).
  • Execute a command with a decrypted secret using a secure stdin pattern (e.g., sudo -S).
  • Discard a local reference to a vault entry after use.

FAQ from Wundervault MCP

How is the encryption key stored?

The encryption key lives only in the MCP server process memory. It is loaded from CLI flags, environment variables, or a credentials file; the Wundervault server never sees it.

What happens to plaintext secrets after decryption?

After decryption, the calling agent receives only the message "Secret retrieved and burned." The plaintext is never returned and is immediately discarded.

How can I use the exec parameter securely?

Pass the secret via stdin using a heredoc pattern (e.g., sudo -S systemctl restart nginx <<< "$WUNDERVault_SECRET"). Do not use echo $SECRET | sudo -S as that exposes the secret in process logs.

What credential loading methods are supported?

Credentials are loaded in this order: CLI flags (--api-key, --enc-key, --url), environment variables (WUNDERVault_AGENT_VAULT_API_KEY, WUNDERVault_AGENT_KEY, WUNDERVault_AGENT_VAULT_URL), WUNDERVault_CREDENTIALS_FILE environment variable, ~/.wundervault/creds.json, and ~/.config/wundervault/credentials.

What is the license and open‑core model?

Licensed under AGPL-3.0-or-later. The MCP server and client are open source; the hosted service at wundervault.com is a commercial offering.

コメント

「開発者ツール」の他のコンテンツ