MCP Marketplace
Agentvault MCP Server

by Bch1212
Developer Tools · Use Caution · 4.2 · MCP Registry · Local
Free

Server data from the Official MCP Registry

Credential vault for AI agents — Fernet-encrypted keys, per-agent budgets, audit logs.

Security Report

4.2 · Use Caution · High Risk

AgentVault is a well-architected credential management service with strong encryption, proper authentication, and comprehensive audit logging. The MCP server implementation follows best practices with env-var-based secrets management and appropriate permission scoping. Primary concerns are limited input validation on permission patterns (fnmatch could be abused) and absence of rate limiting on vault endpoints, but these do not constitute critical vulnerabilities given the service's authorization model. Supply chain analysis found 7 known vulnerabilities in dependencies (0 critical, 3 high severity). Package verification found 1 issue.

8 files analyzed · 15 issues found

Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.

Permissions Required

This plugin requests these system permissions. Most are normal for its category.

env_vars

Check that this permission is expected for this type of plugin.

HTTP Network Access

Connects to external APIs or services over the internet.

File System Write

Writes or modifies files on your machine. Check that this is expected for the tool.

database

Check that this permission is expected for this type of plugin.

What You'll Need

Set these up before or after installing:

Base URL of your AgentVault deployment (Optional)

Environment variable: AGENTVAULT_API_URL

Your avk_ agent API key (Required)

Environment variable: AGENTVAULT_AGENT_KEY

How to Install

Add this to your MCP configuration file:

{
  "mcpServers": {
    "io-github-bch1212-agentvault": {
      "env": {
        "AGENTVAULT_API_URL": "your-agentvault-api-url-here",
        "AGENTVAULT_AGENT_KEY": "your-agentvault-agent-key-here"
      },
      "args": [
        "-y",
        "agentvault-mcp"
      ],
      "command": "npx"
    }
  }
}

Documentation

From the project's GitHub README.

AgentVault

AI-native credential management for autonomous agents. Store API keys with column-level Fernet encryption, issue unique avk_ keys to registered agent identities, proxy decrypted values with TTL, enforce per-agent spending budgets, log every access, and expose everything as an MCP server.

  • Live API: https://agentvault-api-production.up.railway.app
  • Docs: https://agentvault-api-production.up.railway.app/docs
  • Status: Production (Railway + Postgres + Stripe live)

Why

Autonomous agents need API keys to do anything useful — Stripe, OpenAI, SendGrid, your own internal services. Three bad options today:

  1. Hardcode in the agent prompt or config. Leaks in logs, can't rotate, no audit trail.
  2. Pass via env vars at spawn. No per-agent isolation, no budget controls, no revocation without redeploy.
  3. Roll your own vault. Real work — encryption at rest and in transit, audit logs, key rotation, budget tracking.

AgentVault is option 3 as a service. One avk_ key per agent. Permission patterns (["stripe_*", "openai_*"]). Daily/monthly spending caps. Full access log. MCP-native, so agents can call vault.get_credential("stripe_key") and get a TTL-bound decrypted value back.

Quickstart

Direct HTTP

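import httpx

# The agent authenticates with its avk_ key; `cost` is the spend recorded against its budget.
resp = httpx.post(
    "https://agentvault-api-production.up.railway.app/api/v1/vault/get/stripe_key",
    headers={"X-Agent-Key": "avk_..."},
    params={"cost": 0.05},
)
# Fail on a non-2xx response (e.g. 429 once the budget cap is hit) instead of indexing an error body.
resp.raise_for_status()
stripe_key = resp.json()["value"]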

MCP (Claude Desktop / Cursor / Cline)

{
  "mcpServers": {
    "agentvault": {
      "command": "python",
      "args": ["-m", "mcp_server"],
      "env": {
        "AGENTVAULT_API_URL": "https://agentvault-api-production.up.railway.app",
        "AGENTVAULT_AGENT_KEY": "avk_..."
      }
    }
  }
}

Then in Claude: vault.get_credential("stripe_key") returns the decrypted value.
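
Both quickstart paths end in the same vault lookup, for which the README describes SHA-256-hashed avk_ keys, budget caps answered with a 429, and an audit log of allowed and denied requests. The sketch below is an added example of those server-side checks, not AgentVault's code; the in-memory stores, the field names, allowing spend up to the cap exactly, and rejecting a negative cost are assumptions.

```python
import hashlib
import hmac
import secrets
from collections import defaultdict
from datetime import date
from decimal import Decimal

AUDIT = []                    # stand-in for credential_access_logs
SPEND = defaultdict(Decimal)  # (agent_id, day or month) -> recorded spend


def new_agent_key():
    """Return (plaintext key shown once, SHA-256 hex digest to store)."""
    key = "avk_" + secrets.token_urlsafe(32)
    return key, hashlib.sha256(key.encode()).hexdigest()


def log(agent_id, status, reason):
    AUDIT.append({"agent": agent_id, "status": status, "error": reason})
    return status


def vault_get(presented, agents, cost, today):
    """Return an HTTP-style status; allowed and denied outcomes are both logged."""
    digest = hashlib.sha256(presented.encode()).hexdigest()
    # compare_digest keeps the digest comparison constant-time
    agent = next((a for a in agents if hmac.compare_digest(digest, a["key_hash"])), None)
    if agent is None:
        return log(None, 401, "unknown key")
    if cost < 0:  # cost is caller-supplied; it must never lower the total
        return log(agent["id"], 400, "negative cost")
    day, month = (agent["id"], today.isoformat()), (agent["id"], today.strftime("%Y-%m"))
    if SPEND[day] + cost > agent["daily_cap"] or SPEND[month] + cost > agent["monthly_cap"]:
        return log(agent["id"], 429, "budget exceeded")
    SPEND[day] += cost
    SPEND[month] += cost
    return log(agent["id"], 200, None)


def demo():
    """Constructed scenario: one agent, 0.10 daily cap, calls costing 0.05 each."""
    SPEND.clear()
    AUDIT.clear()
    key, digest = new_agent_key()
    agents = [{"id": "agent-1", "key_hash": digest,
               "daily_cap": Decimal("0.10"), "monthly_cap": Decimal("5")}]
    calls = [(key, "0.05"), (key, "0.05"), (key, "0.05"), (key, "-1"), ("avk_wrong", "0.05")]
    return [vault_get(k, agents, Decimal(c), date(2026, 5, 13)) for k, c in calls]
```

Amounts are Decimal rather than float so repeated 0.05 charges compare exactly against the cap.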

How it works

  • Column-level Fernet encryption — credentials are encrypted with VAULT_ENCRYPTION_KEY before they hit the database. Stronger than at-rest disk encryption alone.
  • avk_ agent keys — SHA-256 hashed at rest, never stored plaintext. Recognizable prefix like sk_live_ / whsec_.
  • Permission patterns — ["stripe_*", "openai_*"] scopes an agent without a full policy engine. fnmatch-based.
  • Budget enforcement — daily and monthly caps per agent. /vault/get?cost=0.05 records the spend; 429 once the cap is hit.
  • Audit log — every access (success or denied) goes into credential_access_logs with IP, user-agent, error reason.
  • MCP server — mcp_server/ exposes list_credentials, get_credential, vault_status, set_budget, view_audit_log as stdio MCP tools.
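
fnmatch accepts more than a trailing `*`: a bare `*`, `?` and `[...]` classes are all valid patterns, which is the input-validation concern the security report raises. The following is an added example, not AgentVault's code, of checking patterns before they are stored and matching case-sensitively; the snake_case naming policy and all function names are assumptions.

```python
import re
from fnmatch import fnmatchcase

# Assumed policy (not AgentVault's): names are lowercase snake_case, and a
# pattern is either an exact name or a name followed by one trailing "_*".
NAME = r"[a-z0-9]+(?:_[a-z0-9]+)*"
SAFE_NAME = re.compile(NAME)
SAFE_PATTERN = re.compile(NAME + r"(?:_\*)?")


def validate_pattern(pattern):
    """Return the pattern if it fits the policy, else raise ValueError."""
    if not isinstance(pattern, str) or not SAFE_PATTERN.fullmatch(pattern):
        raise ValueError(f"rejected permission pattern: {pattern!r}")
    return pattern


def audit_patterns(patterns):
    """Split already-stored patterns into (accepted, rejected) for review."""
    accepted, rejected = [], []
    for p in patterns:
        try:
            accepted.append(validate_pattern(p))
        except ValueError:
            rejected.append(p)
    return accepted, rejected


def is_allowed(credential_name, patterns):
    """Match case-sensitively; fnmatch.fnmatch() would apply os.path.normcase first."""
    if not SAFE_NAME.fullmatch(credential_name):
        return False  # a name containing glob characters or uppercase never matches
    safe = audit_patterns(patterns)[0]  # out-of-policy patterns grant nothing
    return any(fnmatchcase(credential_name, p) for p in safe)


# Constructed sample data, not taken from a real deployment.
STORED = ["stripe_*", "openai_*", "*", "[!s]*", "stripe?key", "Stripe_*", "s*"]
ACCEPTED, REJECTED = audit_patterns(STORED)

if __name__ == "__main__":
    print("accepted:", ACCEPTED)
    print("rejected:", REJECTED)
    for name in ("stripe_key", "stripe_webhook_secret", "sendgrid_key", "STRIPE_KEY"):
        print(f"{name}: {is_allowed(name, ACCEPTED)}")
```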

Pricing

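Tier | $/mo | Agents | Credentials | Audit | Rotation | Budgets | Team
Free | $0 | 3 | 10 | – | – | – | –
Pro | $49 | 25 | 100 | ✓ | ✓ | – | –
Business | $149 | ∞ | ∞ | ✓ | ✓ | ✓ | ✓
Enterprise | $499 | ∞ | ∞ | ✓ | ✓ | ✓ | ✓ + SSO + compliance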

Self-host

git clone https://github.com/bch1212/agentvault
cd agentvault
pip install -r requirements.txt
cp .env.example .env  # then fill in VAULT_ENCRYPTION_KEY and DATABASE_URL
python -m api.main

Run tests:

python -m pytest -v   # 34 tests

Deploy to Railway:

bash deploy.sh

Architecture

api/
├── main.py                 # FastAPI + lifespan
├── database.py             # Async SQLAlchemy (auto-rewrites postgresql:// → postgresql+asyncpg://)
├── services/
│   ├── encryption.py       # Fernet encrypt/decrypt
│   ├── auth.py             # avk_ key gen + SHA-256 hashing
│   ├── budget.py           # Per-agent spend tracking
│   ├── audit.py            # Access log
│   └── alerts.py           # SendGrid alerts
├── middleware/             # X-Agent-Key + Bearer auth
└── routers/                # users, agents, credentials, vault, audit, budgets, billing
mcp_server/                 # FastMCP stdio server
tests/                      # 34 tests, SQLite in-memory

License

MIT.

Details

Published May 13, 2026
Version 0.1.0
0 installs
Local Plugin
