MCP server for Wundervault — give AI agents zero-knowledge vault secrets without exposing plaintext keys. AGPL-3.0.
```bash
git clone https://github.com/wundervault/wundervault-mcp
```
```json
{
  "mcpServers": {
    "wundervault-mcp": {
      "command": "node",
      "args": ["/path/to/wundervault-mcp/dist/index.js"]
    }
  }
}
```
# @wundervault/mcp-server
MCP server for [Wundervault](https://wundervault.com) zero-knowledge secret management. Exposes vault secrets to AI agents via the [Model Context Protocol](https://modelcontextprotocol.io) — secrets are decrypted server-side and never returned to the agent in plaintext.
## Install
```bash
npm install -g @wundervault/mcp-server
```
## Quick Start
```json
{
  "mcpServers": {
    "wundervault": {
      "command": "wundervault-mcp",
      "env": {
        "WUNDERVault_AGENT_VAULT_URL": "https://wundervault.com",
        "WUNDERVault_AGENT_VAULT_API_KEY": "wv_agent_<AGENT_ID>|<KEY_SUFFIX>",
        "WUNDERVault_AGENT_KEY": "<BASE64_ENCRYPTION_KEY>"
      }
    }
  }
}
```
Or using a credentials file:
```bash
wundervault-mcp --credentials ~/.wundervault/creds.json
```
## Security Model
- **Zero-knowledge:** The encryption key lives only in the MCP server process. The Wundervault server never sees it.
- **Burn-after-reading:** Plaintext secrets are never returned to the calling agent. After decryption, the agent receives only `"Secret retrieved and burned."`.
- **Exec scrubbing:** If you use the `exec` parameter, stdout/stderr are scrubbed of the plaintext before being returned.
- **Directive integrity:** Server-side directive signatures (PBKDF2-HMAC-SHA256, 600k iterations) are verified before any secret is released.
- **Timing-safe:** HMAC comparison uses `crypto.timingSafeEqual`.
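The last two points combine into a verify-then-release check. The sketch below is an added example, not Wundervault's source: the directive fields, the salt, the use of the agent key as PBKDF2 input and all function names are assumptions; only PBKDF2-HMAC-SHA256 at 600k iterations and `crypto.timingSafeEqual` come from this README. Note that `timingSafeEqual` throws on unequal lengths, so malformed signatures are rejected before the comparison.

```javascript
// Added example, not Wundervault source. Directive layout, salt and the
// key-derivation input are assumptions made for illustration.
const crypto = require("node:crypto");

const ITERATIONS = 600_000; // iteration count stated in the README

// Derive a 32-byte MAC key from the agent key (assumed derivation input).
function deriveMacKey(agentKey, salt) {
  return crypto.pbkdf2Sync(agentKey, salt, ITERATIONS, 32, "sha256");
}

// Stable serialization of a flat directive so key order cannot change the MAC.
function canonical(directive) {
  return JSON.stringify(Object.keys(directive).sort().map((k) => [k, directive[k]]));
}

function signDirective(macKey, directive) {
  return crypto.createHmac("sha256", macKey).update(canonical(directive)).digest();
}

// True only for a well-formed, matching signature. timingSafeEqual throws on
// unequal lengths, so wrong-sized or non-string input is rejected first.
function verifyDirective(macKey, directive, signatureB64) {
  if (typeof signatureB64 !== "string") return false;
  const given = Buffer.from(signatureB64, "base64");
  const expected = signDirective(macKey, directive);
  if (given.length !== expected.length) return false;
  return crypto.timingSafeEqual(given, expected);
}

// Fail closed: the decrypt callback runs only after verification succeeds.
function releaseSecret(macKey, directive, signatureB64, decrypt) {
  if (!verifyDirective(macKey, directive, signatureB64)) {
    throw new Error("directive signature invalid; secret not released");
  }
  return decrypt(directive.entry_id);
}

// Constructed sample values (not real keys or directives).
const SAMPLE_KEY = deriveMacKey(Buffer.alloc(32, 7), Buffer.from("constructed-salt"));
const SAMPLE_DIRECTIVE = { entry_id: "entry-123", tier: "read" };
const SAMPLE_SIG = signDirective(SAMPLE_KEY, SAMPLE_DIRECTIVE).toString("base64");
```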
## Tools
### `vault_entries_list`
List all vault entries available to this agent. Returns entry IDs and secret names — no values.
```
Input: {}
Output: "Vault entries (N):\n [entry_id] secret_name (tier: read)"
```
### `vault_entry_get`
Retrieve and decrypt a vault secret. Optionally execute a command with it.
```
Input:
  entry_id: string   # from vault_entries_list
  purpose: string    # audit log reason
  exec?: string      # optional shell command
Output: "Secret retrieved and burned." (plaintext NEVER returned)
```
**Secure exec pattern** (sudo example):
```bash
sudo -S systemctl restart nginx <<< "$WUNDERVault_SECRET"
```
Do NOT use `echo $WUNDERVault_SECRET | sudo -S` — that exposes the secret in process logs.
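How exec scrubbing of this kind can work, as an added example that is not Wundervault's source: `runWithSecret`, `scrub`, `secretVariants` and the list of encodings are hypothetical; `WUNDERVault_SECRET` is the variable the exec example above reads. The secret reaches the child through its environment rather than its argument list, and both output streams are scrubbed of the plaintext and of common encodings of it.

```javascript
// Added example, not Wundervault source. Function names and the set of
// encodings scrubbed are assumptions made for illustration.
const { spawnSync } = require("node:child_process");

const REDACTED = "[REDACTED]";

// Forms in which a command might echo the secret back (assumed list).
function secretVariants(secret) {
  const buf = Buffer.from(secret, "utf8");
  const forms = [secret, buf.toString("base64"), buf.toString("hex"), encodeURIComponent(secret)];
  // Drop empty strings (an empty secret would otherwise match everywhere)
  // and replace longest forms first.
  return [...new Set(forms)].filter((v) => v.length > 0).sort((a, b) => b.length - a.length);
}

function scrub(text, secret) {
  let out = text;
  for (const v of secretVariants(secret)) out = out.split(v).join(REDACTED);
  return out;
}

// Pass the secret via the environment (not argv), then scrub stdout and
// stderr before anything is returned to the agent. The default shell is sh;
// the here-string form shown above needs shell = "bash".
function runWithSecret(command, secret, shell = "sh") {
  const res = spawnSync(shell, ["-c", command], {
    env: { ...process.env, WUNDERVault_SECRET: secret },
    encoding: "utf8",
  });
  return {
    status: res.status,
    stdout: scrub(res.stdout ?? "", secret),
    stderr: scrub(res.stderr ?? "", secret),
  };
}
```

Scrubbing by string match cannot catch a secret the command has transformed in some other way (for example split across lines or hashed), so the exec command itself still has to avoid printing it.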
### `vault_entry_forget`
Discard a local reference. No-op on the server.
```
Input: { entry_id: string }
Output: "Reference [id] discarded from local context."
```
## Credential Loading Priority
1. CLI flags (`--api-key`, `--enc-key`, `--url`)
2. Environment variables (`WUNDERVault_AGENT_VAULT_API_KEY`, `WUNDERVault_AGENT_KEY`, `WUNDERVault_AGENT_VAULT_URL`)
3. `WUNDERVault_CREDENTIALS_FILE` env var (explicit path)
4. `~/.wundervault/creds.json`
5. `~/.config/wundervault/credentials` (XDG)
### Credentials file format
```json
{
  "agent_vault_url": "https://wundervault.com",
  "agent_vault_api_key": "wv_agent_<ID>|<SUFFIX>",
  "agent_encryption_key": "<BASE64_URL_SAFE_32_BYTES>"
}
```
## CLI Options
```
wundervault-mcp [options]
  --api-key <key>      Agent API key
  --enc-key <key>      Encryption key (base64 URL-safe)
  --url <url>          API base URL (default: https://wundervault.com)
  --credentials <f>    Path to credentials JSON file
  --help               Show help
```
## Building from source
```bash
git clone https://github.com/wundervault/wundervault-mcp.git
cd wundervault-mcp
npm install
npm run build # compiles TypeScript to dist/
npm test # run the test suite
```
## License
Licensed under the **GNU Affero General Public License v3.0 or later** (`AGPL-3.0-or-later`). See [LICENSE](LICENSE).
Wundervault is **open-core**: this MCP server and the client are open source; the hosted service at [wundervault.com](https://wundervault.com) is a commercial offering. For commercial or hosting inquiries, get in touch via [wundervault.com/contact](https://wundervault.com/contact).