MCP Protocol

Stop pasting secrets into AI chats.

We've all done it. Copied a database URL from 1Password into a Claude prompt. It works. It's also terrible. FyVault gives your AI tools direct vault access so secrets never touch the chat window.

Before

1Password

→ copy →

paste into Claude

→

⚠ secret in chat logs

After

Claude

→ calls fyvault_get_secret →

FyVault

→

✓ secret never in chat

The copy-paste problem

What if your editor just... knew?

You're working in Cursor. You need a database URL. So you open 1Password, copy it, paste it into the chat. That secret is now in your AI provider's context window, their logs, and possibly their training data. FyVault fixes this with five MCP tools your AI discovers automatically.

fyvault_get_secret

Pull a secret directly into your AI's context — no clipboard involved

fyvault_list_secrets

Let your AI see what's available without exposing values

fyvault_list_environments

Switch between dev, staging, and prod in a single prompt

fyvault_rotate_secret

Tell your AI to rotate a key. It handles the rest.

fyvault_scan_text

Your AI checks its own output for leaked credentials before you ship

Works where you already work

Your AI tools become vault-aware

Any editor that speaks MCP connects to FyVault in minutes. No plugins, no extensions. Your AI just calls fyvault_get_secret when it needs a credential.

Claude Desktop

I need the database connection string.

→ Calling fyvault_get_secret("DATABASE_URL")

✓ Secret injected. Never touched the chat window.

Cursor

Checking what secrets this project needs...

→ Calling fyvault_list_secrets()

✓ Found 14 secrets across 3 environments

Windsurf

That Stripe key is 90 days old. Rotating now.

→ Calling fyvault_rotate_secret("STRIPE_KEY")

✓ Rotated: v5 → v6. Zero downtime.

5 minutes to never copy-paste a secret again

One JSON block in your editor config. That's the entire setup. Works identically in Claude Desktop, Cursor, and Windsurf.

claude_desktop_config.json

{

"mcpServers": {

"fyvault": {

"command": "npx",

"args": ["@fyvault/mcp-server"],

"env": {

"FYVAULT_API_KEY": "fvag_..."

}

Python SDK (alternative)

from fyvault import FyVault

fv = FyVault(api_key="fvag_...")
secret = fv.secrets.get("DATABASE_URL")
# Same secure access, same audit trail.

Run npx @fyvault/mcp-server to install

Paste the config into your editor settings

Ask your AI for a secret. It just works.

Why this matters

Your AI tools are leaking secrets

Secrets never hit the chat

Your AI fetches what it needs through a secure channel. The actual value never appears in the conversation or logs.

Scoped to least privilege

Agent credentials limit exactly which secrets your AI can access. No blanket read permissions.

Full audit trail

Every fetch, rotation, and scan is logged with timestamp, caller identity, and environment. Know exactly what your AI touched.

Environment-aware by default

Your AI knows the difference between dev and production. No more accidentally using prod credentials in a test.

Rotate without context-switching

Tell your AI to rotate a stale key. It calls the vault, swaps the value, and keeps working. You never leave the editor.

Catch leaks before they ship

Built-in scanning means your AI can check its own generated code for accidentally hardcoded secrets.

Every secret you paste into an AI chat is a secret you've lost control of.

Give your AI tools vault access instead. Five minutes. One config. No more copy-paste.