Is Vault Mcp Server safe to use?

Vault Mcp Server has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under MPL-2.0.

How do I install Vault Mcp Server?

Vault Mcp Server can be installed by cloning its GitHub repository and following the setup instructions in the README.

What can Vault Mcp Server do?

Vault Mcp Server provides 7 tools: create_mount, list_mounts, delete_mount, write_secret, read_secret and 2 more. See the full tools list on the server page for descriptions and parameters.

What AI clients work with Vault Mcp Server?

Vault Mcp Server is compatible with claude-desktop, cursor, claude-code. It uses stdio and http transport.

Is Vault Mcp Server actively maintained?

Vault Mcp Server is actively maintained — last commit was 4 days ago. It has 48 GitHub stars.

Vault Mcp Server

Name: Vault Mcp Server
Author: hashicorp

Official

by hashicorp

48 7 tools GitHub

No known CVEs

MPL-2.0 license

Actively maintained

Last commit 4d ago

Works with most clients

Transport: stdio, http

7 tools · ~268 tok

Grade A · 0.1% of 200K ctx

Edit this pageView history

Security DevOps

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "vault-mcp-server": {
      "command": "<see-readme>",
      "args": []
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/vault-mcp-server)](https://mcppedia.org/s/vault-mcp-server)

Read me

What Vault Mcp Server does

The Vault MCP Server is a Model Context Protocol (MCP) server implementation that provides integration with HashiCorp Vault for managing secrets and mounts. This server uses both stdio and StreamableHTTP transports for MCP communication, making it compatible with Claude for Desktop

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

75/100across 5 weighted dimensions

How we score →

0255075100

−25

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

No package registry to scan.

Inventory

Tools (7)

Click any tool to inspect its schema.

~268 tokens total

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Vault Mcp Server safe to use?: Vault Mcp Server has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under MPL-2.0.
How do I install Vault Mcp Server?: Vault Mcp Server can be installed by cloning its GitHub repository and following the setup instructions in the README.
What can Vault Mcp Server do?: Vault Mcp Server provides 7 tools: create_mount, list_mounts, delete_mount, write_secret, read_secret and 2 more. See the full tools list on the server page for descriptions and parameters.
What AI clients work with Vault Mcp Server?: Vault Mcp Server is compatible with claude-desktop, cursor, claude-code. It uses stdio and http transport.
Is Vault Mcp Server actively maintained?: Vault Mcp Server is actively maintained — last commit was 4 days ago. It has 48 GitHub stars.

Similar servers

Others in security / devops

View all →

Mcp Gitlab96

MCP server for using the GitLab API

1.6k 12

Evil Mcp Server93

An evil MCP server used for redteam testing

30 1

io.github.jasonxkensei/xproof92

Proof primitive for AI agents on MultiversX. Anchor file hashes on-chain as verifiable proofs.

1 1

Mcp Gitlab Server92

Enhanced MCP server for GitLab: group projects listing and activity tracking

51 2

MCP Security Weekly

Get CVE alerts and security updates for Vault Mcp Server and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Edit this pageView history

Security DevOps

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "vault-mcp-server": {
      "command": "<see-readme>",
      "args": []
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/vault-mcp-server)](https://mcppedia.org/s/vault-mcp-server)

Read me

What Vault Mcp Server does

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

README

Vault MCP Server

Security Note: At this stage, the MCP server is intended for local use only. If using the StreamableHTTP transport, always configure the MCP_ALLOWED_ORIGINS environment variable to restrict access to trusted origins only. This helps prevent DNS rebinding attacks and other cross-origin vulnerabilities.

Security Note: Depending on the query, the MCP server may expose certain Vault data, including Vault secrets, to the MCP client and LLM. Do not use the MCP server with untrusted MCP clients or LLMs.

Legal Note: Your use of a third party MCP Client/LLM is subject solely to the terms of use for such MCP/LLM, and IBM is not responsible for the performance of such third party tools. IBM expressly disclaims any and all warranties and liability for third party MCP Clients/LLMs, and may not be able to provide support to resolve issues which are caused by the third party tools.

Caution: The outputs and recommendations provided by the MCP server are generated dynamically and may vary based on the query, model, and the connected MCP client. Users should thoroughly review all outputs/recommendations to ensure they align with their organization’s security best practices, cost-efficiency goals, and compliance requirements before implementation.

Features

Create new mounts in Vault (KV v1, KV v2)
List all available mounts
Delete a mount
Write secrets to KV mounts
Read secrets from KV mounts
List all secrets under a path
Delete a complete secret or a key of a secret
Comprehensive HTTP middleware stack (CORS, logging, Vault context)
Session-based Vault client management
Structured logging with configurable output

Prerequisites

Go 1.24 or later (if building from source)
Docker
HashiCorp Vault server running locally or remotely
A valid Vault token with appropriate permissions

Setup

Clone the repository:

git clone https://github.com/hashicorp/vault-mcp-server.git
cd vault-mcp-server

Build the binary:
```
make build
```

Run the server:

Stdio mode (default):

./vault-mcp-server
# or explicitly
./vault-mcp-server stdio

HTTP mode:

./vault-mcp-server http --transport-port 8080
# or using make
make run-http

Environment Variables

The server can be configured using environment variables:

VAULT_ADDR: Vault server address (default: http://127.0.0.1:8200)
VAULT_TOKEN: Vault authentication token (required)
VAULT_NAMESPACE: Vault namespace (optional)
TRANSPORT_MODE: Set to http to enable HTTP mode
TRANSPORT_HOST: Host to bind to for HTTP mode (default: 127.0.0.1)
TRANSPORT_PORT: Port for HTTP mode (default: 8080)
MCP_ENDPOINT: HTTP server endpoint path (default: /mcp)
MCP_ALLOWED_ORIGINS: Comma-separated list of allowed origins for CORS (default: "")
MCP_CORS_MODE: CORS mode: strict, development, or disabled (default: strict)
MCP_TLS_CERT_FILE: Location of the TLS certificate file (e.g. /path/to/cert.pem) (default: "")
MCP_TLS_KEY_FILE: Location of the TLS key file (e.g. /path/to/key.pem)(default: "")
MCP_RATE_LIMIT_GLOBAL: Global rate limit (format: rps:burst) (default: 10:20)
MCP_RATE_LIMIT_SESSION: Per-session rate limit (format: rps:burst) (default: 5:10)

HTTP Mode Configuration

In HTTP mode, Vault configuration can be provided through multiple methods (in order of precedence):

**HT

... View full README on GitHub

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

75/100across 5 weighted dimensions

How we score →

0255075100

−25

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

No package registry to scan.

Inventory

Tools (7)

Click any tool to inspect its schema.

~268 tokens total

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Vault Mcp Server safe to use?: Vault Mcp Server has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under MPL-2.0.
How do I install Vault Mcp Server?: Vault Mcp Server can be installed by cloning its GitHub repository and following the setup instructions in the README.
What can Vault Mcp Server do?: Vault Mcp Server provides 7 tools: create_mount, list_mounts, delete_mount, write_secret, read_secret and 2 more. See the full tools list on the server page for descriptions and parameters.
What AI clients work with Vault Mcp Server?: Vault Mcp Server is compatible with claude-desktop, cursor, claude-code. It uses stdio and http transport.
Is Vault Mcp Server actively maintained?: Vault Mcp Server is actively maintained — last commit was 4 days ago. It has 48 GitHub stars.