If you're juggling secrets across dozens of projects and don't want to pay for Doppler or 1Password, this gives your AI agent direct access to a git-backed secrets.json vault. It exposes tools to generate .env files from templates, rotate shared keys across repos, sync to GitHub Actions via the gh CLI, and list what's stored without leaking plaintext to the model. Works with Cursor, Claude Desktop, Windsurf, Cline, and anything else that speaks MCP over stdio. The underlying secenv-cli handles the vault clone and encryption. Reach for this when you need centralized secret management that stays local, costs nothing, and lets your editor's AI help without exposing credentials.
SECENV_REPO_URL (secret): Git URL of your private secrets vault. Required on first run.
MCP (Model Context Protocol) server for centralized secrets management.
Expose secrets.json to Cursor, Claude Desktop, Windsurf, Cline, GitHub
Copilot, Codex, and any MCP-compatible editor. Your AI agent can generate
.env files on demand, rotate shared keys across projects, and sync secrets
to GitHub Actions — without ever exposing plaintext to the model.
Built on top of secenv-cli.
| Registry | Status | URL |
|---|---|---|
| npm | v1.0.0 | npmjs.com/package/secenv-mcp |
| Smithery | live | smithery.ai/servers/chirag127/secenv-mcp |
| Official MCP Registry | v1.1.4 | io.github.chirag127/secenv-mcp |
| MCP.Directory | submitted | mcp.directory/servers/secenv-mcp |
| Glama | pending OAuth | glama.ai/mcp/servers |
| PulseMCP | auto-crawl | pulsemcp.com/servers |
| MCPB bundle | v1.1.0 | secenv-mcp.mcpb in GitHub Releases |
| GitHub | source | github.com/chirag127/secenv-mcp |
The server.json in .well-known/mcp/ is the source of truth for the official
MCP registry. PulseMCP and MCP.Directory auto-crawl from it; Glama requires a
one-time GitHub OAuth login.
| Tool | Limit / cost |
|---|---|
| Doppler free | 10 projects — too few for 100+ repos |
| Infisical Cloud free | 3 projects |
| 1Password | $36/year minimum |
| dotenvx / SOPS / git-crypt | per-repo, no shared references |
| GitHub Secrets | no local .env generation for AI agents |
SecEnv: $0, unlimited projects, shared references, one-line rotation, local AI agent integration, no SaaS dependency.
```bash
npm install -g secenv-mcp
```
Or use npx (no install):
```bash
npx -y secenv-mcp
```
- secrets.json (see secenv-cli)
- Run npx secenv-cli --init <repo-url> once to clone the vault locally
- GitHub CLI (gh) — only required for the sync_github tool

Add to your MCP client config:
```json
{
  "mcpServers": {
    "secenv": {
      "command": "npx",
      "args": ["-y", "secenv-mcp"]
    }
  }
}
```
Config file locations:
- ~/.cursor/mcp.json (or Settings → MCP → Add new global MCP server)
- ~/Library/Application Support/Claude/claude_desktop_config.json
- %APPDATA%\Claude\claude_desktop_config.json
- ~/.codeium/windsurf/mcp_config.json
- settings.json under "cline.mcpServers"
- ~/.continue/config.json under "experimental.mcpServers"

You can scope secenv to a single project by adding the same JSON to
<project>/.cursor/mcp.json or <project>/.vscode/mcp.json. This keeps
~/.secenv/secrets/ isolated to one repo at a time.
Claude Code has built-in MCP support via the claude CLI:
```bash
claude mcp add secenv -- npx -y secenv-mcp
```
Verify with claude mcp list. The server will be available in all
claude sessions.
The official installer for MCP servers. One-line install:
```bash
npx -y @smithery/cli install secenv-mcp --client claude
# or
npx -y @smithery/cli install secenv-mcp --client cursor
```
When prompted, paste your private secrets repo URL.
GitHub Copilot supports MCP via the official
@github/copilot-cli wrapper and
VS Code's MCP extension.
In .github/copilot/mcp.json or VS Code user settings:
```json
{
  "mcpServers": {
    "secenv": {
      "command": "npx",
      "args": ["-y", "secenv-mcp"]
    }
  }
}
```
For VS Code, install the Copilot MCP extension
and add the same config under mcp.servers in your user settings.json.
OpenAI's Codex CLI supports MCP in v0.46 and later:
```toml
# ~/.codex/config.toml
[mcp_servers.secenv]
command = "npx"
args = ["-y", "secenv-mcp"]
```
For ChatGPT (Developer Mode → Apps SDK), see the official Apps SDK docs for connecting remote MCP servers — point it at the HTTP endpoint described below.
| Tool | Description |
|---|---|
| generate_env | Generate .env from .env.example + central secrets |
| list_projects | List all projects in secrets.json |
| list_shared | List shared secret key names (values redacted) |
| add_secret | Add or update a project secret |
| rotate_secret | Rotate a shared secret, reports affected projects |
| sync_github | Sync secrets to GitHub Actions via gh CLI |
| clean_stale_projects | Remove projects whose local directory no longer exists |
| delete_project | Remove a project entry from secrets.json |
| remove_secret | Remove a single secret key (project or shared) |
The list_shared tool never returns plaintext — only masked values
(e.g., sk-p••••mnop) so the AI cannot exfiltrate your secrets.
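The masking described above, sketched as an added example (not secenv-mcp's own code). The names `maskSecret`, `redactShared` and `leakedKeys` are hypothetical, the 4 + 4 character shape is an assumption taken from the `sk-p••••mnop` sample, and the vault values are constructed.

```javascript
// Added example, not secenv-mcp source. The 4 + 4 shape is inferred from "sk-p••••mnop".
const MASK = "••••";

function maskSecret(value) {
  const s = String(value);
  // Showing 8 characters of a short value would reveal most of it: mask it all.
  if (s.length < 16) return MASK;
  return s.slice(0, 4) + MASK + s.slice(-4);
}

// list_shared-style payload: key names stay readable, values do not.
function redactShared(shared) {
  return Object.fromEntries(
    Object.entries(shared).map(([key, value]) => [key, maskSecret(value)])
  );
}

// Regression check for any tool response: returns the key names whose plaintext
// (raw or JSON-escaped) appears in the serialized text sent back to the model.
function leakedKeys(responseText, shared) {
  return Object.entries(shared)
    .filter(([, value]) => {
      const raw = String(value);
      const escaped = JSON.stringify(raw).slice(1, -1);
      return raw.length > 0 &&
        (responseText.includes(raw) || responseText.includes(escaped));
    })
    .map(([key]) => key);
}

// Constructed sample vault; none of these values are real credentials.
const sampleShared = {
  OPENAI_API_KEY: "sk-proj-abcdefghijklmnop",
  DB_PASSWORD: "hunter2",
  WEBHOOK_SECRET: 'whsec_"quoted"\\value_0123',
};

const safe = JSON.stringify(redactShared(sampleShared));
console.log(safe);
console.log(leakedKeys(safe, sampleShared));                          // no keys leak
console.log(leakedKeys(JSON.stringify(sampleShared), sampleShared));  // all three leak
```

Masking covers tool responses only: a .env file written by generate_env holds plaintext on disk, so keep it in .gitignore and out of the files the agent is asked to read back.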
| Mode | Command | Use case |
|---|---|---|
| stdio (default) | npx secenv-mcp | Local AI clients (Cursor, Claude Desktop, Windsurf, Cline, Codex) |
| Streamable HTTP | npx secenv-mcp --http | Remote / hosted / Vercel / Cloudflare / Render |
The MCP server is designed for local stdio as the primary mode. The
secrets vault is read from ~/.secenv/secrets/ which only exists on your
machine.
If you want to expose the server over HTTP (e.g., for a remote LLM or team access), the bundled server supports any Node.js host.
```bash
npm run build
vercel link
vercel env add SECENV_REPO_URL production
# paste your private repo URL
vercel --prod
```
Endpoint: https://<your-deployment>.vercel.app/mcp
Health: https://<your-deployment>.vercel.app/health
```bash
wrangler secret put SECENV_REPO_URL
# paste your private repo URL
wrangler deploy
```
Click "New Web Service" on Render, import this repo. The included
render.yaml configures everything automatically.
```bash
npm run build   # produces dist/index.js (768KB single file)
npm run pack    # produces dist/secenv-mcp.mcpb
npx -y @anthropic-ai/mcpb validate dist/secenv-mcp.mcpb
```
- list_shared — only key names with masked values
- gh secret set uses stdin — values never appear in process args or shell history
- Set MCP_API_KEY to require Bearer auth

- secenv-cli (installed automatically as a dependency)
- GitHub CLI (gh) — only for the sync_github tool

```bash
npm install
npm test             # run unit tests
npm run test:tools   # MCP tool tests only
npm run build        # bundle to dist/index.js
npm run pack         # bundle + zip to .mcpb
```
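The security notes above say `gh secret set` receives the value on stdin. One way a Node tool can do that, as an added example and not secenv-mcp's own code: `setGithubSecret`, `argvForStdin` and `argvWithBody` are hypothetical names, and the sketch relies on `gh secret set` reading the secret body from stdin when `--body` is not given.

```javascript
// Added example, not secenv-mcp source. Assumes gh is on PATH when run for real.

// Weak form, for contrast: the value is part of argv, so it is visible in the
// process list (ps, /proc/<pid>/cmdline) for as long as gh runs.
function argvWithBody(name, repo, value) {
  return ["secret", "set", name, "--repo", repo, "--body", value];
}

// Hardened form: argv carries only the key name and the target repo.
function argvForStdin(name, repo) {
  if (!/^[A-Za-z_][A-Za-z0-9_]*$/.test(name)) {
    throw new Error(`invalid secret name: ${JSON.stringify(name)}`);
  }
  return ["secret", "set", name, "--repo", repo];
}

// spawnFn is injectable so the call can be exercised without gh installed.
async function setGithubSecret(name, repo, value, spawnFn) {
  if (!value) throw new Error("empty secret value");
  // Dynamic import loads under both CommonJS and ES modules.
  const run = spawnFn || (await import("node:child_process")).spawn;
  return new Promise((resolve, reject) => {
    // Array arguments and no shell: nothing is interpolated by a shell.
    const child = run("gh", argvForStdin(name, repo), {
      stdio: ["pipe", "ignore", "pipe"],
    });
    let stderr = "";
    child.stdin.on("error", reject); // e.g. EPIPE if gh exits early
    child.stderr.on("data", (chunk) => { stderr += chunk; });
    child.on("error", reject);       // e.g. gh not installed
    child.on("close", (code) => {
      if (code === 0) return resolve();
      // Scrub the value from gh's message in case it was echoed back.
      const msg = stderr.split(value).join("[redacted]");
      reject(new Error(`gh exited ${code}: ${msg}`));
    });
    child.stdin.end(value); // the secret travels over the pipe only
  });
}
```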
MIT