Back to Browse
Free
Server data from the Official MCP Registry
Encrypted secrets vault for AI agents — secrets resolved at runtime, never seen by LLMs.
About
Encrypted secrets vault for AI agents — secrets resolved at runtime, never seen by LLMs.
Security Report
10.0
Low Risk10.0Low RiskValid MCP server (2 strong, 4 medium validity signals). No known CVEs in dependencies. Package registry verified. Imported from the Official MCP Registry.
8 files analyzed · 1 issue found
Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.
Permissions Required
This plugin requests these system permissions. Most are normal for its category.
How to Install
Add this to your MCP configuration file:
{
"mcpServers": {
"io-github-aarifmms-keyblind": {
"args": [
"-y",
"keyblind",
"-y",
"keyblind"
],
"command": "npx"
}
}
}Documentation
View on GitHubFrom the project's GitHub README.
Keyblind — Blind AI to Your Keys
Encrypted secrets vault with MCP for AI agents. Secrets resolved at runtime, never leaked to LLM conversations.
Why
Developers regularly leak API keys, passwords, and tokens to AI coding tools. 100,000+ LLM conversations with exposed secrets were found indexed by search engines in 2025.
AI agents read your .env files. They copy-paste secrets into conversations. They commit them accidentally. Keyblind stops this by keeping secrets encrypted at rest and resolving them at runtime — the plaintext value never touches the LLM transcript.
How It Works
┌──────────┐ ┌────────────────┐ ┌─────────────────┐
│ AI Agent │ ──→ │ Keyblind MCP │ ──→ │ Encrypted │
│ (Claude) │ │ Server │ │ SQLite Vault │
│ │ ←── │ (6 tools) │ ←── │ (AES-256-GCM) │
└──────────┘ └────────────────┘ └─────────────────┘
↑ │
│ secret value never appears │ secrets never
│ in conversation transcript │ stored in plaintext
Quick Start
# Install
npm i -g keyblind
# Initialize your vault
keyblind init
# Store secrets
echo "sk-proj-abc123" | keyblind set OPENAI_API_KEY
keyblind set DATABASE_URL - # prompts securely
# Sandbox your .env (AI agents see fakes)
keyblind sandbox
# Resolve a secret
keyblind get OPENAI_API_KEY
# Run commands with secrets injected as env vars
keyblind run -- npm start
# List all secrets (names only)
keyblind list
MCP Server
Keyblind is MCP-first — it works with every AI tool that speaks the Model Context Protocol:
Claude Code — add to .mcp.json:
{
"mcpServers": {
"keyblind": {
"command": "npx",
"args": ["keyblind", "start"]
}
}
}
Cursor, Windsurf, Copilot, Cline, Zed — any MCP-compatible editor.
MCP Tools
| Tool | Description |
|---|---|
resolve_secret | Resolve a secret at runtime (value hidden from transcript) |
store_secret | Encrypt and store a secret |
list_secrets | List secret names (values never revealed) |
sandbox_env | Replace .env values with deterministic fakes |
unsandbox_env | Restore real .env values from vault |
delete_secret | Delete a secret |
Backends
Keyblind supports multiple secret backends:
keyblind backends # List available backends
keyblind backend 1password # Switch to 1Password
keyblind backend bitwarden # Switch to Bitwarden
| Backend | Read | Write | Requires |
|---|---|---|---|
| local (default) | ✓ | ✓ | Nothing |
| 1password | ✓ | ✓ | op CLI |
| bitwarden | ✓ | — | bw CLI |
| env | ✓ | — | Nothing |
Keyblind vs Cloak
| Keyblind | Cloak | |
|---|---|---|
| Protocol | MCP (all editors) | VS Code extension only |
| Storage | AES-256-GCM SQLite | AES-256-GCM file |
| Backends | Local, 1Password, Bitwarden, Env | Local only |
| Sandbox | Deterministic HMAC fakes | AES-256-GCM encrypted |
| Touch ID | ✓ (macOS biometric gate) | ✓ |
| CI/CD | keyblind run for env injection | — |
| Network | Zero (fully local) | Zero |
| License | MIT | Proprietary |
Security
- AES-256-GCM encryption with PBKDF2 key derivation (600K iterations)
- Machine-identity-bound key — encryption key XOR-wrapped with machine fingerprint
- Zero network, zero telemetry — no cloud, no accounts, no analytics
- Vault stored at
~/.keyblind/with0700permissions - Deterministic sandbox fakes using HMAC-SHA256 per project + key name
CLI Reference
keyblind init Initialize the encrypted vault
keyblind set <name> Store a secret (value from stdin)
keyblind set <name> - Store a secret (prompts securely)
keyblind get <name> Resolve and print a secret
keyblind list List all stored secrets
keyblind delete <name> Delete a secret
keyblind sandbox [.env] Replace .env with deterministic fakes
keyblind unsandbox [.env] Restore real .env values
keyblind run <command...> Run command with secrets as env vars
keyblind start Start MCP server (for AI agents)
keyblind backends List available backends
keyblind backend <name> Switch backend
Development
git clone https://github.com/aarifmms/keyblind.git
cd keyblind
npm install
npm run build # Compile TypeScript
npm test # Run tests
npm run dev # Watch mode
License
MIT
Reviews
No reviews yet
Be the first to review this server!
More Developer Tools MCP Servers
Git
Freeby Modelcontextprotocol · Developer Tools
Read, search, and manipulate Git repositories programmatically
80.0K
Stars
4
Installs
6.5
Security
No ratings yet
Local
Toleno
Freeby Toleno · Developer Tools
Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.
137
Stars
476
Installs
8.0
Security
4.8
Local
mcp-creator-python
Freeby mcp-marketplace · Developer Tools
Create, build, and publish Python MCP servers to PyPI — conversationally.
-
Stars
63
Installs
10.0
Security
4.6
Local