Secenv Mcp

Name: Secenv Mcp
Author: chirag127

chirag127/secenv-mcp

Centralize secrets in a private vault repo and let your agent generate .env files, rotate keys, and sync values to GitHub Actions without scattering credentials across laptops.

Overview

secenv-mcp is a MCP server for the Ship phase that manages centralized secrets, generates .env files, rotates keys, and syncs them to GitHub Actions from a private vault repo.

What is this MCP server?

Centralized secrets manager exposed as MCP tools for coding agents
Generate .env files from a private vault referenced by SECENV_REPO_URL
Rotate keys and sync secrets to GitHub Actions from one workflow
Distributed as mcpb release v1.1.0 with sha256-pinned artifact
Server manifest version 1.1.4 with stdio transport
Server manifest version 1.1.4; bundled mcpb release v1.1.0
Transport: stdio via mcpb identifier
Required secret env: SECENV_REPO_URL (private vault Git URL)

Compatible agents: Claude Code, Cursor, Codex, Windsurf

What problem does it solve?

Indie devs shipping to GitHub Actions repeatedly leak or stale-copy .env secrets across repos because there is no agent-accessible vault workflow.

Who is it for?

Solo builders using Claude Code or Cursor who already rely on GitHub Actions and want git-backed secret rotation without a separate enterprise vault SKU.

Skip if: Teams forbidden from storing secrets in git-backed repos, or builders with no CI/CD who only need a local .env.example template.

What do I get? / Deliverables

After SECENV_REPO_URL is configured and the mcpb server is registered, your agent can pull consistent env files, rotate keys, and push CI secrets from one vault.

Generated .env files aligned with the centralized vault
Rotated keys propagated through documented MCP tools
GitHub Actions secret sync without manual dashboard pasting

Recommended MCP Servers

1Claw Vault1clawAI/1claw-mcp

1Claw Vault exposes a stdio MCP server (@1claw/mcp) that connects AI agents to HSM-backed secret storage with just-in-ti…2 stars

1passwordCakeRepository/1Password-MCP

The 1Password MCP server lets solo builders wire service-account access into Claude Code, Cursor, or other stdio MCP hos…16 stars

402sentinel Mcpkaditang/402sentinel-mcp

402 Sentinel MCP gives solo builders and agent authors a pre-flight check before honoring x402 payment flows on Base. In…1 stars

A2adependencyinspector Mcpclauxel/a2a-dependency-inspector-mcp

A2A Dependency Inspector MCP is a hosted Clauxel server for builders shipping agent-to-agent (A2A) workflows who must pr…

A2a Governance Bridge Mcp

A2A Governance Bridge is a Model Context Protocol server that exposes governance-oriented tools for multi-agent setups: …

A2aidentitytoll Mcpclauxel/a2a-identity-toll-mcp

A2A Identity Toll MCP is a Clauxel-hosted remote MCP server that acts as an identity and policy toll booth for agent-to-…

Journey fit

Primary fit

Secrets hygiene peaks at Ship when you move from local dev to CI, previews, and production deploys. Security subphase covers secret rotation, env parity, and CI leakage prevention—exactly what secenv-mcp advertises.

How it compares

Secrets-and-CI MCP integration, not a generic environment-variable linter skill.

Common Questions / FAQ

Who is secenv-mcp for?

Developers shipping side projects and SaaS with GitHub Actions who want MCP-driven .env generation and secret sync from a private vault repository.

When should I use secenv-mcp?

Use it in Ship when you harden deployments—rotating keys, aligning local and CI env vars, and reducing copy-paste secret drift.

How do I add secenv-mcp to my agent?

Install the mcpb bundle from the GitHub release (v1.1.0), set SECENV_REPO_URL to your private secrets vault Git URL on first run, and add the stdio server to your MCP client.

Secenv Mcp

chirag127/secenv-mcp

Centralize secrets in a private vault repo and let your agent generate .env files, rotate keys, and sync values to GitHub Actions without scattering credentials across laptops.

Overview

secenv-mcp is a MCP server for the Ship phase that manages centralized secrets, generates .env files, rotates keys, and syncs them to GitHub Actions from a private vault repo.

What is this MCP server?

Centralized secrets manager exposed as MCP tools for coding agents
Generate .env files from a private vault referenced by SECENV_REPO_URL
Rotate keys and sync secrets to GitHub Actions from one workflow
Distributed as mcpb release v1.1.0 with sha256-pinned artifact
Server manifest version 1.1.4 with stdio transport
Server manifest version 1.1.4; bundled mcpb release v1.1.0
Transport: stdio via mcpb identifier
Required secret env: SECENV_REPO_URL (private vault Git URL)

Compatible agents: Claude Code, Cursor, Codex, Windsurf

What problem does it solve?

Indie devs shipping to GitHub Actions repeatedly leak or stale-copy .env secrets across repos because there is no agent-accessible vault workflow.

Who is it for?

Solo builders using Claude Code or Cursor who already rely on GitHub Actions and want git-backed secret rotation without a separate enterprise vault SKU.

Skip if: Teams forbidden from storing secrets in git-backed repos, or builders with no CI/CD who only need a local .env.example template.

What do I get? / Deliverables

After SECENV_REPO_URL is configured and the mcpb server is registered, your agent can pull consistent env files, rotate keys, and push CI secrets from one vault.

Generated .env files aligned with the centralized vault
Rotated keys propagated through documented MCP tools
GitHub Actions secret sync without manual dashboard pasting

Recommended MCP Servers

1Claw Vault1clawAI/1claw-mcp

1Claw Vault exposes a stdio MCP server (@1claw/mcp) that connects AI agents to HSM-backed secret storage with just-in-ti…2 stars

1passwordCakeRepository/1Password-MCP

The 1Password MCP server lets solo builders wire service-account access into Claude Code, Cursor, or other stdio MCP hos…16 stars

402sentinel Mcpkaditang/402sentinel-mcp

402 Sentinel MCP gives solo builders and agent authors a pre-flight check before honoring x402 payment flows on Base. In…1 stars

A2adependencyinspector Mcpclauxel/a2a-dependency-inspector-mcp

A2A Dependency Inspector MCP is a hosted Clauxel server for builders shipping agent-to-agent (A2A) workflows who must pr…

A2a Governance Bridge Mcp

A2A Governance Bridge is a Model Context Protocol server that exposes governance-oriented tools for multi-agent setups: …

A2aidentitytoll Mcpclauxel/a2a-identity-toll-mcp

A2A Identity Toll MCP is a Clauxel-hosted remote MCP server that acts as an identity and policy toll booth for agent-to-…

Journey fit

Primary fit

How it compares

Secrets-and-CI MCP integration, not a generic environment-variable linter skill.

Common Questions / FAQ

Who is secenv-mcp for?

Developers shipping side projects and SaaS with GitHub Actions who want MCP-driven .env generation and secret sync from a private vault repository.

When should I use secenv-mcp?

Use it in Ship when you harden deployments—rotating keys, aligning local and CI env vars, and reducing copy-paste secret drift.

How do I add secenv-mcp to my agent?

Install the mcpb bundle from the GitHub release (v1.1.0), set SECENV_REPO_URL to your private secrets vault Git URL on first run, and add the stdio server to your MCP client.

Overview

What is this MCP server?

What problem does it solve?

Who is it for?

What do I get? / Deliverables

Recommended MCP Servers

Journey fit

Who is secenv-mcp for?

When should I use secenv-mcp?

How do I add secenv-mcp to my agent?

This week for builders

Overview

What is this MCP server?

What problem does it solve?

Who is it for?

What do I get? / Deliverables

Recommended MCP Servers

Journey fit

Who is secenv-mcp for?

When should I use secenv-mcp?

How do I add secenv-mcp to my agent?