Aegis

Name: Aegis
Author: getaegis

getaegis/aegis

Keep API keys and tokens out of agent prompts by injecting credentials at a network gate proxy your MCP stack can target.

Overview

Aegis is an MCP server for the Ship phase that isolates agent credentials and injects secrets at the network boundary via a gate proxy.

What is this MCP server?

Credential vault with AEGIS_MASTER_KEY and AEGIS_SALT (required secrets)
Gate proxy injects secrets at the network boundary (default port 3100)
npm @getaegis/cli with stdio MCP transport (v1.0.3)
Configurable AEGIS_DATA_DIR, log level, and log format
Designed so agents never need raw secrets in context
Package version 1.0.3 (@getaegis/cli)
Default gate proxy port 3100 (AEGIS_PORT)
Required env: AEGIS_MASTER_KEY and AEGIS_SALT

Compatible agents: Claude Code, Cursor, Codex, Windsurf

What problem does it solve?

Agents and MCP tools often force you to expose API keys in prompts, env files, or logs—creating an easy secret leak path for solo builders.

Who is it for?

Indie developers shipping MCP-heavy agents who integrate many third-party APIs and need local secret vaulting before go-live.

Skip if: Builders with a single static public API and no secrets, or teams that already enforce a managed enterprise secrets platform end to end.

What do I get? / Deliverables

After setup, agents call outbound APIs through Aegis so credentials stay vaulted and injected only at the proxy, shrinking leak surface area.

Local encrypted credential vault under configurable AEGIS_DATA_DIR
Network-boundary secret injection for agent and MCP outbound calls
Reduced exposure of API keys in prompts and repository env files

Recommended MCP Servers

1Claw Vault1clawAI/1claw-mcp

HSM-backed vault secrets for AI agents (JIT fetch) plus prompt-injection and threat scanning.2 stars

1passwordCakeRepository/1Password-MCP

MCP server for 1Password service accounts — tools and resources for vaults and credentials16 stars

402sentinel Mcpkaditang/402sentinel-mcp

Assess an x402 counterparty's risk BEFORE paying: allow/review/block, scored on-chain (Base).1 stars

A2a Governance Bridge Mcp

A2A Governance Bridge MCP server. Tools: verify agent compliance, authorize a2a transaction, get tru

A2adependencyinspector Mcpclauxel/a2a-dependency-inspector-mcp

Remote MCP for A2A dependency inspector MCP, structured receipts, audit logs, and reviewer-ready evi

A2aidentitytoll Mcpclauxel/a2a-identity-toll-mcp

Remote MCP for A2A caller identity, scope policy, verdict receipts, and audit history.

Journey fit

Primary fit

Ship is the canonical shelf because credential isolation is a launch-readiness control before customers touch agent features that call third-party APIs. Security subphase covers secret handling and blast-radius reduction—not generic backend CRUD implementation.

How it compares

Secrets gate and vault MCP infra, not a vulnerability scanner or code-review skill.

Common Questions / FAQ

Who is io.github.getaegis/aegis for?

Solo builders and small teams running AI agents with MCP who need to keep third-party credentials out of model context and inject them safely at request time.

When should I use io.github.getaegis/aegis?

Use it while integrating external APIs and before shipping agent features to production, especially when multiple secrets and outbound calls are involved.

How do I add io.github.getaegis/aegis to my agent?

Install @getaegis/cli, run aegis init, set AEGIS_MASTER_KEY and AEGIS_SALT, start the gate (default port 3100), register the stdio MCP server in your client, and route agent HTTP through the proxy per getaegis docs.

What is this MCP server?