Is Localvault safe to use?

Localvault has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under MIT.

How do I install Localvault?

Localvault can be installed by cloning its GitHub repository and following the setup instructions in the README.

What can Localvault do?

Localvault provides 5 tools: get_secret, list_secrets, set_secret, delete_secret, exec_action. See the full tools list on the server page for descriptions and parameters.

What AI clients work with Localvault?

Localvault is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse transport.

Is Localvault actively maintained?

Localvault is recently maintained — last commit was 45 days ago. It has 6 GitHub stars.

Localvault

Name: Localvault
Author: inventlist

by inventlist

Zero-infrastructure secrets manager with MCP server for AI agents. Free and open source.

6 5 tools GitHub

No known CVEs

MIT license

Maintained

Last commit 45d ago

Works with most clients

Transport: stdio, sse

5 tools · ~428 tok

Grade A · 0.2% of 200K ctx

Edit this pageView history

Security

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "localvault": {
      "command": "<see-readme>",
      "args": []
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/localvault)](https://mcppedia.org/s/localvault)

Read me

What Localvault does

Zero-infrastructure secrets manager with MCP server for AI agents. Free and open source.

Test This Server

This server supports HTTP transport. Be the first to test it — help the community know if it works.

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

63/100across 5 weighted dimensions

How we score →

0255075100

−37

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

No package registry to scan.

Inventory

Tools (5)

Click any tool to inspect its schema.

~428 tokens total

Help improve this page

This server is missing a description.If you've used it, help the community.

Add information

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Localvault safe to use?: Localvault has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under MIT.
How do I install Localvault?: Localvault can be installed by cloning its GitHub repository and following the setup instructions in the README.
What can Localvault do?: Localvault provides 5 tools: get_secret, list_secrets, set_secret, delete_secret, exec_action. See the full tools list on the server page for descriptions and parameters.
What AI clients work with Localvault?: Localvault is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse transport.
Is Localvault actively maintained?: Localvault is recently maintained — last commit was 45 days ago. It has 6 GitHub stars.

Similar servers

Others in security

View all →

Evil Mcp Server93

An evil MCP server used for redteam testing

30 1

io.github.jasonxkensei/xproof92

Proof primitive for AI agents on MultiversX. Anchor file hashes on-chain as verifiable proofs.

1 1

Ida Pro Mcp92

AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.

8.9k 3

Nothumanallowed91

Security-first platform for AI agents. 38 specialized agents, 15 AI-powered extensions, zero-knowledge multi-agent orchestration. SENTINEL WAF, Ed25519 auth, 2.6M grounding facts.

97 5

MCP Security Weekly

Get CVE alerts and security updates for Localvault and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Edit this pageView history

Security

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "localvault": {
      "command": "<see-readme>",
      "args": []
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/localvault)](https://mcppedia.org/s/localvault)

Read me

What Localvault does

Zero-infrastructure secrets manager with MCP server for AI agents. Free and open source.

Test This Server

This server supports HTTP transport. Be the first to test it — help the community know if it works.

README

LocalVault

Encrypted local secrets vault with MCP server for AI agents. Zero infrastructure, zero cloud dependency.

Try the interactive demo — explore every command in your browser.

Part of InventList Tools — free, open-source developer utilities for indie builders.

Install

Homebrew (macOS / Linux)

brew install inventlist/tap/localvault

RubyGems

gem install localvault

Requires libsodium:

# macOS
brew install libsodium

# Ubuntu/Debian
sudo apt-get install libsodium-dev

# Fedora
sudo dnf install libsodium-devel

Quick Start

# Create a vault (prompts for passphrase)
localvault init

# Store secrets
localvault set OPENAI_API_KEY "sk-proj-..."
localvault set STRIPE_SECRET_KEY "sk_live_..."
localvault set DATABASE_URL "postgres://localhost/myapp"

# Retrieve a secret (raw, pipeable)
localvault get OPENAI_API_KEY

# View all secrets (masked by default)
localvault show

# Reveal values
localvault show --reveal

# Export as shell variables
eval $(localvault env)

# Run a command with secrets injected
localvault exec -- rails server

Commands

Secrets

Command	Description
`init [NAME]`	Create a vault (Argon2id key derivation)
`set KEY VALUE`	Store a secret (supports dot-notation: `project.KEY`)
`get KEY`	Retrieve a secret (raw, pipeable)
`show`	Display all secrets in a table (masked by default)
`show --reveal`	Display with values visible
`show --group`	Group by dot-notation prefix (one table per project)
`list`	List key names only
`delete KEY`	Remove a secret
`rename OLD NEW`	Rename a secret key
`copy KEY --to VAULT`	Copy a secret to another vault
`import FILE`	Bulk-import from .env / .json / .yml
`env`	Export as `export KEY="value"` lines
`exec -- CMD`	Run a command with secrets injected as env vars

Vault Management

Command	Description
`vaults`	List all vaults with secret counts
`switch [VAULT]`	Switch default vault
`unlock`	Cache passphrase for the session
`lock [NAME]`	Clear cached passphrase
`rekey [NAME]`	Change vault passphrase (re-encrypts all secrets)
`reset [NAME]`	Destroy and reinitialize a vault

Sync & Login

Command	Description
`login [TOKEN]`	Log in to InventList — auto-generates X25519 keypair + publishes public key
`login --status`	Show current login status
`logout`	Clear stored credentials
`sync`	Sync all vaults bidirectionally (push local, pull remote, detect conflicts)
`sync --dry-run`	Preview what sync would do without making changes
`sync push [NAME]`	Push one vault to cloud
`sync pull [NAME]`	Pull one vault from cloud (auto-unlocks if you have a key slot)
`sync status`	Show sync state for all vaults
`config set server URL`	Point at a custom server (default: inventlist.com)

Team Sharing (v1.3.0)

Vault-level operations live under team. Person operations (the @handle already signals a person) are top-level.

Command	Description
`team init`	Convert vault to team vault (sets you as owner, SyncBundle v3)
`team list`	List vault members
`team rotate`	Re-key vault with new passphrase, keep all members
`verify @handle`	Check if a user has a published public key (dry-run)
`add @handle`	Add teammate with full vault access
`add @handle --scope KEY...`	Add teammate with access to specific keys only
`remove @handle`	Remove teammate's access
`remove @handle --scope KEY`	Remove one scoped key (keeps other scopes)
`remove @handle --rotate`	Full revocation + re-encrypt with new passphrase

The team add, team remove, and team verify aliases still work for backward compatibility bu

... View full README on GitHub

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

63/100across 5 weighted dimensions

How we score →

0255075100

−37

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

No package registry to scan.

Inventory

Tools (5)

Click any tool to inspect its schema.

~428 tokens total

Help improve this page

This server is missing a description.If you've used it, help the community.

Add information

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Localvault safe to use?: Localvault has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under MIT.
How do I install Localvault?: Localvault can be installed by cloning its GitHub repository and following the setup instructions in the README.
What can Localvault do?: Localvault provides 5 tools: get_secret, list_secrets, set_secret, delete_secret, exec_action. See the full tools list on the server page for descriptions and parameters.
What AI clients work with Localvault?: Localvault is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse transport.
Is Localvault actively maintained?: Localvault is recently maintained — last commit was 45 days ago. It has 6 GitHub stars.

Similar servers

Others in security

View all →

Evil Mcp Server93

An evil MCP server used for redteam testing

30 1

io.github.jasonxkensei/xproof92

Proof primitive for AI agents on MultiversX. Anchor file hashes on-chain as verifiable proofs.

1 1

Ida Pro Mcp92

AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.

8.9k 3

Nothumanallowed91

Security-first platform for AI agents. 38 specialized agents, 15 AI-powered extensions, zero-knowledge multi-agent orchestration. SENTINEL WAF, Ed25519 auth, 2.6M grounding facts.

97 5

MCP Security Weekly

Get CVE alerts and security updates for Localvault and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?