io.github.AIWerk/mcp-server-vault

io.github.AIWerk/mcp-server-vault·v0.2.1·Security

Bitwarden/Vaultwarden for agents: list tagged items, TOTP codes, one-time Sends, save new secrets.

Trust verdict · v1 advisory · method

NOT YET SCREENEDno verdict on file

Verdict not yet evaluated for this tool. The semantic screen takes adversarial cases first; coverage rolls out as the corpus expands (15/150 labels to graduation). The deterministic conformance probe is built but has not yet run on the public corpus, so a recorded verdict here is REVIEW or UNVERIFIED, never a clearing ALLOW. Until a verdict is recorded, an agent should treat this tool as not-yet-cleared and fall back to its own checks. Method: the eval, four-state verdict, honest limits.

Own this server? Screen its description →

Environment variables

VAULT_REGION

required

Bitwarden region or self-hosted mode (e.g. us, eu, or self-hosted).

VAULT_API_BASE

Base URL for self-hosted Vaultwarden, scheme+host only (e.g. https://pass.example.com). Omit for Bitwarden cloud.

VAULT_CLIENT_ID

requiredsecret

Bitwarden API client_id (personal API key).

VAULT_CLIENT_SECRET

requiredsecret

Bitwarden API client_secret (personal API key).

VAULT_MASTER_PASSWORD

requiredsecret

Vault master password, used to unlock and decrypt items.

MCP quality score · maturity, not trust · methodology

freshness

completeness

installability

documentation

stability

Alternatives in Security

ai.dynamicfeed/dynamic-feed

90 keyless tools of live, verifiable data for AI: weather, hazards, space, CVEs. Ed25519-signed.

Helixar Security

ai.helixar/mcp

Security tools for AI agents: scan MCP servers, validate HDP delegation chains, audit releases.

RFP.ai

ai.rfp/rfp-ai

Draft cited RFP and security questionnaire answers from your knowledge base, with human review

Install

Claude Desktop (claude_desktop_config.json)

{
  "mcpServers": {
    "mcp-server-vault": {
      "command": "npx",
      "args": [
        "-y",
        "@aiwerk/mcp-server-vault"
      ],
      "env": {
        "VAULT_REGION": "<vault_region>",
        "VAULT_API_BASE": "<vault_api_base>",
        "VAULT_CLIENT_ID": "<your-vault_client_id>",
        "VAULT_CLIENT_SECRET": "<your-vault_client_secret>",
        "VAULT_MASTER_PASSWORD": "<your-vault_master_password>"
      }
    }
  }
}

Cursor (.cursor/mcp.json)

{
  "mcpServers": {
    "mcp-server-vault": {
      "command": "npx",
      "args": [
        "-y",
        "@aiwerk/mcp-server-vault"
      ],
      "env": {
        "VAULT_REGION": "<vault_region>",
        "VAULT_API_BASE": "<vault_api_base>",
        "VAULT_CLIENT_ID": "<your-vault_client_id>",
        "VAULT_CLIENT_SECRET": "<your-vault_client_secret>",
        "VAULT_MASTER_PASSWORD": "<your-vault_master_password>"
      }
    }
  }
}

Cline (cline_mcp_settings.json)

npx -y @aiwerk/mcp-server-vault

Verdict API

curl -s mcpindex.ai/api/v1/trust/server/io-github-aiwerk-mcp-server-vault

Free-tier verdict as JSON: decision + dimensions + severity. Call it from your agent before it invokes a tool it just discovered.

Details

version: v0.2.1
category: Security
quality: 80 / 100
operator: AIWerk

Provenance

Verdict history is anchored to Bitcoin via OpenTimestamps. The free tier returns the current verdict only; the anchored record is served on the authenticated tier.

Links

Repository →