Config is the same across clients — only the file and path differ.
{
"mcpServers": {
"enigmagent": {
"args": [
"-y",
"enigmagent-mcp",
"--vault",
"/absolute/path/to/my.vault.json"
],
"command": "npx"
}
}
}Are you the author?
Add this badge to your README to show your security score and help users find safe servers.
Local encrypted vault MCP server. Your LLM types {{OPENAI_KEY}}. The real value never reaches the model — not in prompts, not in logs, not in conversation history.
Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.
npx -y 'enigmagent-mcp' 2>&1 | head -1 && echo "✓ Server started successfully"
After testing, let us know if it worked:
Five weighted categories — click any category to see the underlying evidence.
No known CVEs.
Checked enigmagent-mcp against OSV.dev.
Be the first to review
Have you used this server?
Share your experience — it helps other developers decide.
Sign in to write a review.
Others in security
AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.
Proof primitive for AI agents on MultiversX. Anchor file hashes on-chain as verifiable proofs.
Model Context Protocol for WinDBG
Security scanner for GitHub repos, Agent Skills, Plugins, and MCP servers. 18 scanners. Zero dependencies.
MCP Security Weekly
Get CVE alerts and security updates for io.github.Agnuxo1/enigmagent-mcp and similar servers.
Start a conversation
Ask a question, share a tip, or report an issue.
Sign in to join the discussion.
Local encrypted vault MCP server. Your LLM types
{{OPENAI_KEY}}. The real value never reaches the model — not in prompts, not in logs, not in conversation history.
npx enigmagent-mcp --vault ./my.vault.json
That's the entire install. Works with Claude Desktop, Cursor, Continue.dev, Cline, Open WebUI, AnythingLLM, LM Studio, Zed, and anything else that speaks MCP.
⭐ Star this repo if you've ever pasted a token you regretted.
You ask Claude to call your GitHub API. Claude needs GITHUB_TOKEN. Three options that all suck:
.env while debuggingOption 4: type {{GITHUB_TOKEN}} in the prompt. EnigmAgent intercepts at the MCP boundary, decrypts locally with AES-256-GCM, and returns the real token only when the requesting origin matches the secret's bound domain. The model literally never has the value.
~/Library/Application Support/Claude/claude_desktop_config.json (macOS) or %APPDATA%\Claude\claude_desktop_config.json (Windows):
{
"mcpServers": {
"enigmagent": {
"command": "npx",
"args": ["-y", "enigmagent-mcp", "--vault", "/absolute/path/to/my.vault.json"]
}
}
}
Restart Claude. Two new tools appear: enigmagent_resolve and enigmagent_list.
~/.cursor/mcp.json:
{
"mcpServers": {
"enigmagent": {
"command": "npx",
"args": ["-y", "enigmagent-mcp", "--vault", "/abs/path/my.vault.json"]
}
}
}
~/.continue/config.yaml:
mcpServers:
- name: enigmagent
command: npx
args: ["-y", "enigmagent-mcp", "--vault", "/abs/path/my.vault.json"]
cline_mcp_settings.json:
{
"mcpServers": {
"enigmagent": {
"command": "npx",
"args": ["-y", "enigmagent-mcp", "--vault", "/abs/path/my.vault.json"]
}
}
}
# uses mcpo (https://github.com/open-webui/mcpo) as bridge
mcpo --port 8000 -- npx enigmagent-mcp --vault /abs/path/my.vault.json
npx enigmagent-mcp --mode rest --port 3737 --vault /abs/path/my.vault.json
Then POST /resolve with {"placeholder": "OPENAI_KEY", "origin": "https://api.openai.com"} returns the decrypted value (only when the origin matches the secret's bound domain).
Skip the interactive password prompt with env vars (only do this in trusted environments):
ENIGMAGENT_USER=alice ENIGMAGENT_PASS=… npx enigmagent-mcp --vault ./my.vault.json
Without these, the server starts in locked mode if there's no TTY — useful behind mcp-proxy and similar wrappers.
| Tool | Description |
|---|---|
enigmagent_resolve | Resolve a placeholder to its vault value. Domain binding enforced — the requesting origin must match the secret's bound domain |
enigmagent_list | List secret names + their bound domains. Never returns values |