MCP.so
登录

🔐 get-mcp-keys

@StuMason

关于 🔐 get-mcp-keys

A lightweight utility that securely loads API keys for Cursor MCP servers from your home directory, preventing accidental exposure of secrets in repositories. Keep your credentials safe while maintaining seamless integration with AI coding assistants.

基本信息

分类

开发工具

运行时

node

传输方式

stdio

发布者

StuMason

配置

使用下面的配置,将此服务器添加到你的 MCP 客户端。

{
  "mcpServers": {
    "firecrawl": {
      "command": "npx",
      "args": [
        "-y",
        "firecrawl-mcp"
      ],
      "env": {
        "FIRECRAWL_API_KEY": "sk_live_ohno-this-should-NOT-be-in-git"
      }
    }
  }
}

工具

未检测到工具

工具是从 README 中自动提取的。维护者可以在 ## Tools 标题下列出工具,即可填充这部分内容。

概览

What is get-mcp-keys?

get-mcp-keys is a utility that loads API keys from a secure ~/.mcprc file and injects them as environment variables before running any MCP server command. It is designed for developers using AI coding assistants like Cursor who want to avoid accidentally committing API keys in repository configuration files.

How to use get-mcp-keys?

Create a .mcprc file in your home directory, set its permissions to 600, and add your API keys (e.g., FIRECRAWL_API_KEY="..."). Then update your MCP configuration so the command array starts with npx @masonator/get-mcp-keys followed by the original server command and arguments.

Key features of get-mcp-keys

  • Loads API keys from a ~/.mcprc file in your home directory.
  • Injects keys as environment variables into any MCP server command.
  • Runs the specified MCP server command with the keys available.
  • Keeps API keys out of repository files entirely.
  • Debug output shows only first and last few characters of keys.
  • Works with any MCP server that needs environment variables.

Use cases of get-mcp-keys

  • Prevent accidental Git commits of API keys in MCP configuration files.
  • Share team MCP configuration via dotfiles without exposing secrets.
  • Centralize API key management for multiple MCP servers in a single profile.
  • Use any MCP server (e.g., FireCrawl, Brave Search, Supabase) without embedding keys in the project.

FAQ from get-mcp-keys

Does this only work with specific MCP servers?

No, get-mcp-keys works with any MCP server that reads API keys or other secrets from environment variables.

Where is the secure key file stored?

The file is ~/.mcprc in your home directory. The README recommends setting its permissions to 600 (readable only by you).

How does get-mcp-keys keep my keys secure?

Keys are never written to repository files. The utility reads them from the home directory, injects them as environment variables only at runtime, and its debug output exposes only the first and last few characters of each key.

Is get-mcp-keys an MCP server itself?

No, it is a wrapper/utility that reads .mcprc, sets environment variables, and then executes whatever command you specify after it in the arguments list.

What transport or authentication does get-mcp-keys use?

评论

开发工具 分类下的更多 MCP 服务器