Wundervault MCP

Created By

wundervault2 days ago

MCP server for Wundervault zero-knowledge secret management. Exposes vault secrets to AI agents via the Model Context Protocol — secrets are decrypted server-side and never returned to the agent in plaintext.

# secrets-management

# vault

Overview Content Tools Comments

Overview

Security Model

Zero-knowledge: The encryption key lives only in the MCP server process. The Wundervault server never sees it. Burn-after-reading: Plaintext secrets are never returned to the calling agent. After decryption, the agent receives only "Secret retrieved and burned.". Exec scrubbing: If you use the exec parameter, stdout/stderr are scrubbed of the plaintext before being returned. Directive integrity: Server-side directive signatures (PBKDF2-HMAC-SHA256, 600k iterations) are verified before any secret is released. Timing-safe: HMAC comparison uses crypto.timingSafeEqual. Tools

vault_entries_list

List all vault entries available to this agent. Returns entry IDs and secret names — no values.

Input: {} Output: "Vault entries (N):\n [entry_id] secret_name (tier: read)" vault_entry_get

Retrieve and decrypt a vault secret. Optionally execute a command with it.

Input: entry_id: string # from vault_entries_list purpose: string # audit log reason exec?: string # optional shell command

Output: "Secret retrieved and burned." (plaintext NEVER returned) Secure exec pattern (sudo example):

sudo -S systemctl restart nginx <<< "$WUNDERVault_SECRET" Do NOT use echo $WUNDERVault_SECRET | sudo -S — that exposes the secret in process logs.

vault_entry_forget

Discard a local reference. No-op on the server.

Input: { entry_id: string } Output: "Reference [id] discarded from local context." Credential Loading Priority

CLI flags (--api-key, --enc-key, --url) Environment variables (WUNDERVault_AGENT_VAULT_API_KEY, WUNDERVault_AGENT_KEY, WUNDERVault_AGENT_VAULT_URL) WUNDERVault_CREDENTIALS_FILE env var (explicit path) ~/.wundervault/creds.json ~/.config/wundervault/credentials (XDG) Credentials file format

{ "agent_vault_url": "https://wundervault.com", "agent_vault_api_key": "wv_agent_|", "agent_encryption_key": "<BASE64_URL_SAFE_32_BYTES>" } CLI Options

wundervault-mcp [options]

--api-key Agent API key --enc-key Encryption key (base64 URL-safe) --url API base URL (default: https://wundervault.com) --credentials Path to credentials JSON file --help Show help Building from source

git clone https://github.com/wundervault/wundervault-mcp.git cd wundervault-mcp npm install npm run build # compiles TypeScript to dist/ npm test # run the test suite License

Licensed under the GNU Affero General Public License v3.0 or later (AGPL-3.0-or-later). See LICENSE.

Wundervault is open-core: this MCP server and the client are open source; the hosted service at wundervault.com is a commercial offering. For commercial or hosting inquiries, get in touch via wundervault.com/contact.

Try in Playground

Server Config

{
  "mcpServers": {
    "wundervault": {
      "command": "wundervault-mcp",
      "env": {
        "WUNDERVault_AGENT_VAULT_URL": "https://wundervault.com",
        "WUNDERVault_AGENT_VAULT_API_KEY": "wv_agent_<AGENT_ID>|<KEY_SUFFIX>",
        "WUNDERVault_AGENT_KEY": "<BASE64_ENCRYPTION_KEY>"
      }
    }
  }
}

Project Info

Created At

2 days ago

Updated At

2 days ago

Author Name

wundervault

Star

Language

License

Recommend Servers

View All

Numox

a day ago

Memory

@modelcontextprotocol

a year ago

Filesystem

@modelcontextprotocol

2 months ago

Pipedrive CRM

@ckalima

MCP server for Pipedrive CRM. 155 tools spanning deals, persons, organizations, activities, products, projects, tasks, leads, notes, mail, and fields.

8 hours ago

Stash

8 hours ago

Time

@modelcontextprotocol

A Model Context Protocol server that provides time and timezone conversion capabilities. This server enables LLMs to get current time information and perform timezone conversions using IANA timezone names, with automatic system timezone detection.

4 months ago

Upload Post

@Upload-Post

Upload-Post is the all-in-one social media MCP server — the Model Context Protocol server for social media publishing, scheduling and analytics. Connect any MCP-compatible AI agent (Claude, Cursor, ChatGPT, Claude Desktop, n8n, and more) and publish, schedule and analyze content across 13+ social networks from one API: TikTok, Instagram, YouTube, YouTube Shorts, Instagram Reels, LinkedIn, Facebook, X (Twitter), Threads, Pinterest, Reddit, Bluesky, Google Business, Discord and Telegram. A single social media MCP for cross-posting, content automation, post scheduling, analytics and engagement: ~45 tools covering video/photo/text uploads, scheduling queues, performance analytics and impressions, comment management, direct messages (DMs) and auto-DMs, plus GPU FFmpeg video encoding. Perfect for social media automation, AI content agents, marketing workflows and social media management. Remote hosted server (streamable-HTTP + OAuth) or local stdio. Listed on the official MCP Registry as com.upload-post/mcp. Keywords: social media MCP, MCP social media, social media API, social media automation, post scheduler, cross-posting, content automation, TikTok MCP, Instagram MCP, YouTube MCP, LinkedIn MCP, social media analytics.

7 hours ago

Puppeteer

@modelcontextprotocol

Browser automation and web scraping

a year ago

Filesystem

Secure file operations with configurable access controls

a year ago

Redis

@modelcontextprotocol

A Model Context Protocol server that provides access to Redis databases. This server enables LLMs to interact with Redis key-value stores through a set of standardized tools.

a year ago

Tavily Mcp

@tavily-ai

JavaScript

a year ago

Orkestr

2 days ago

Thread Keeper

@po4erk91

Multi-agent shared brain across Claude Code/Desktop, Codex, Antigravity CLI (agy), Gemini, Copilot, and VS Code. One local SQLite store for threads, notes, verbatim quotes, and a dialectic user model; spawn/broadcast/whisper/inbox multi-agent coordination primitives; autonomous background loops that materialize SKILL.md skills into every connected CLI's skills root. Install: pipx install 'threadkeeper[semantic]' && thread-keeper-setup

9 hours ago

Mcp Server For Deconz Server

@marcinn2

MCP Server for deConz server developed by Dresden Elektronik (bridge between smart home automation platforms and wireless Zigbee networks)

a day ago

Mindcore Memory Mcp

@woshilaohei

Long-term memory system for AI agents with semantic search, context management, and multi-format storage. Hierarchical memory architecture (STM → LTM → Deduction), FAISS vector retrieval, SQLite persistence.

20 hours ago

AgentQL MCP Server

@tinyfish-io

Model Context Protocol server that integrates AgentQL's data extraction capabilities.

JavaScript

a year ago

Sentry

@modelcontextprotocol

Retrieving and analyzing issues from Sentry.io

a year ago

Github

@modelcontextprotocol

Repository management, file operations, and GitHub API integration

a year ago

Sequential Thinking

@modelcontextprotocol

An MCP server implementation that provides a tool for dynamic and reflective problem-solving through a structured thinking process.

a year ago

PostgreSQL

@modelcontextprotocol

Read-only database access with schema inspection

a year ago

Pollbolt

AI-native survey & form builder. Let AI agents create and manage surveys directly — build surveys, manage responses, pull analytics, and configure webhooks. Secured with OAuth 2.1.

15 hours ago

Serper MCP Server

@garymengcom

A Serper MCP Server

Python

a year ago

mcp-server-flomo MCP Server

@chatmcp

Write notes to Flomo

JavaScript

a year ago

H|ψ⟩ Quantum Finance — Quantum ML Trading Analytics

@hpsilab.com

Real-time quantum ML trading analytics — IV Radar, Monte Carlo simulation, AI predictions, and options pressure maps for any ticker. Built on Quantum State Vectors and ensemble ML. Free + Pro ($9.99/mo). hpsilab.com

11 hours ago

MiniMax MCP

@MiniMax-AI

Official MiniMax Model Context Protocol (MCP) server that enables interaction with powerful Text to Speech, image generation and video generation APIs.

Python

a year ago

Zambo Ai Tools

10+ advanced tools for AI agents

18 hours ago

Mailopoly

@Mailopoly

Mailopoly is your unified inbox — one place for everything that reaches you, starting with all your email accounts (Gmail, Outlook, iCloud, IMAP) brought together and searchable in a single pass. Get a Catch-Up briefing and My Day, check My Data widgets (bills, deliveries, replies owed), manage tasks and custom lists, and draft or send from your own address. SOC 2 Type II certified.

a day ago

Google Maps

@modelcontextprotocol

Location services, directions, and place details

a year ago

302_browser_use_mcp

@302ai

Automatically create a remote browser to complete your specified tasks, developed based on Browser Use + Sandbox. 自动创建一个远程浏览器，完成你指定的任务，基于Browser Use + Sandbox开发。

a year ago

Bucket Feature Flags MCP Server

@bucketco

Flag features directly from chat in your code editor, including VS Code, Cursor, Windsurf, Claude Code—any IDE with MCP support.

a year ago