MCP.so
Sign In
K

Keyward

@arturayupov

About Keyward

Local, encrypted secret broker for AI agents — tools request an API key by name over MCP, you approve in a native OS dialog, and only that key is injected into your project; the model never sees the value.

Basic information

Category

Developer Tools

Transports

stdio

Publisher

arturayupov

Submitted by

Artur Aiupov

Config

No standard config provided

This server doesn't expose a parseable MCP config block in its README. See the repository for install instructions.

Repository

Tools

No tools detected

We auto-extract tools from the README. The maintainer can list them under a ## Tools heading to populate this section.

Overview

What is Keyward?

Keyward is a local, encrypted secret broker for AI agents. When an agent requests an API key by name over MCP, Keyward prompts you to approve the request via a native OS dialog, then injects only that key into your project without the model ever seeing the value.

How to use Keyward?

Key features of Keyward

  • Local, encrypted secret storage
  • Agent requests keys by name over MCP
  • Approval via native OS dialog
  • Only requested key injected into project
  • Model never sees the secret value

Use cases of Keyward

  • Secure API key management for AI agents
  • Prevent credential leakage to language models
  • Granular per-request secret approval

FAQ from Keyward

How does Keyward differ from using environment variables or .env files?

Keyward keeps secrets encrypted and only injects the specific key approved per request, so the model and any third-party code never have access to all your secrets.

Where are secrets stored?

Secrets are stored locally in an encrypted store. No data leaves your machine.

Does Keyward work in headless or automated environments?

Approval requires a native OS dialog, so headless or fully automated workflows cannot approve requests.

What transport does Keyward use?

Keyward communicates with AI agents using the Model Context Protocol (MCP).

Does Keyward ever expose secrets to the model?

No. Keyward injects only the approved key into the project’s tool‑call response; the model never sees the raw secret.

Comments

More Developer Tools MCP servers