Clavis

Gives Claude secure access to credentials without hardcoding them in your config. Exposes three tools: get_credentials to retrieve valid tokens, list_services to see what's stored, and check_credential_status to verify expiry. Handles the annoying stuff like OAuth token refresh automatically and logs every credential access for security auditing. Uses AES-256 encryption for the vault and includes distributed rate limiting to prevent API quota burns. Reach for this when you're building agents that need to authenticate with external services but you don't want API keys sitting in plaintext or tokens expiring mid-conversation.