MCP.so
登录
W

Wundervault MCP

@wundervault

关于 Wundervault MCP

MCP server for Wundervault zero-knowledge secret management. Exposes vault secrets to AI agents via the Model Context Protocol — secrets are decrypted server-side and never returned to the agent in plaintext.

基本信息

分类

开发工具

传输方式

stdio

发布者

wundervault

提交者

snoweman

配置

使用下面的配置,将此服务器添加到你的 MCP 客户端。

{
  "mcpServers": {
    "wundervault": {
      "command": "wundervault-mcp",
      "env": {
        "WUNDERVault_AGENT_VAULT_URL": "https://wundervault.com",
        "WUNDERVault_AGENT_VAULT_API_KEY": "wv_agent_<AGENT_ID>|<KEY_SUFFIX>",
        "WUNDERVault_AGENT_KEY": "<BASE64_ENCRYPTION_KEY>"
      }
    }
  }
}

工具

未检测到工具

工具是从 README 中自动提取的。维护者可以在 ## Tools 标题下列出工具,即可填充这部分内容。

概览

What is Wundervault MCP?

Wundervault MCP is an open-source Model Context Protocol server that integrates with the Wundervault secret management service. It allows AI agents to securely retrieve and use vault secrets with a zero-knowledge encryption model—the server never sees the decryption key. Designed for developers and operators who need agent-driven secret handling without exposing plaintext secrets to the calling process.

How to use Wundervault MCP?

Clone the repository, run npm install and npm run build, then configure credentials via CLI flags (--api-key, --enc-key, --url), environment variables, or a credentials JSON file. Use the provided MCP tools (vault_entries_list, vault_entry_get, vault_entry_forget) to list, retrieve, and discard secret references. The vault_entry_get tool supports an optional exec parameter to run a shell command with the decrypted secret; the plaintext is never returned to the agent.

Key features of Wundervault MCP

  • Zero-knowledge encryption key lives only in the MCP process.
  • Burn-after-reading: plaintext secrets are never returned to the calling agent.
  • Exec scrubbing: stdout/stderr are stripped of plaintext when using exec.
  • Directive integrity verified via PBKDF2-HMAC-SHA256 with 600k iterations.
  • Timing-safe HMAC comparison using crypto.timingSafeEqual.

Use cases of Wundervault MCP

  • List all vault entries available to an agent without exposing secret values.
  • Retrieve and decrypt a vault secret for use in an automated task (e.g., service restart).
  • Execute a command with a decrypted secret using a secure stdin pattern (e.g., sudo -S).
  • Discard a local reference to a vault entry after use.

FAQ from Wundervault MCP

How is the encryption key stored?

The encryption key lives only in the MCP server process memory. It is loaded from CLI flags, environment variables, or a credentials file; the Wundervault server never sees it.

What happens to plaintext secrets after decryption?

After decryption, the calling agent receives only the message "Secret retrieved and burned." The plaintext is never returned and is immediately discarded.

How can I use the exec parameter securely?

Pass the secret via stdin using a heredoc pattern (e.g., sudo -S systemctl restart nginx <<< "$WUNDERVault_SECRET"). Do not use echo $SECRET | sudo -S as that exposes the secret in process logs.

What credential loading methods are supported?

Credentials are loaded in this order: CLI flags (--api-key, --enc-key, --url), environment variables (WUNDERVault_AGENT_VAULT_API_KEY, WUNDERVault_AGENT_KEY, WUNDERVault_AGENT_VAULT_URL), WUNDERVault_CREDENTIALS_FILE environment variable, ~/.wundervault/creds.json, and ~/.config/wundervault/credentials.

What is the license and open‑core model?

Licensed under AGPL-3.0-or-later. The MCP server and client are open source; the hosted service at wundervault.com is a commercial offering.

评论

开发工具 分类下的更多 MCP 服务器