io.github.1clawAI/1claw-mcp

MCPcommunity
v0.32.1io.github.1clawAIUnknownUpdated 28d agonpmGitHub

HSM-backed vault secrets for AI agents (JIT fetch) plus prompt-injection and threat scanning.

An MCP (Model Context Protocol) server that gives AI agents secure, just-in-time access to secrets stored in the 1claw vault — and a standalone security inspection pipeline for detecting malicious LLM content. Secrets are fetched at runtime via the 1claw Agent API and never persisted in the LLM context window beyond the moment they are used. Local-only mode: Run without vault credentials for…

Automatically indexed from public sources. Not yet verified by the developer on Forge.Claim this listing →
28d agoLast update
Package
Authorio.github.1clawAI
LicenseUnknown
Version0.32.1
Sourcemcp-registry
Trust Status
B
60/100Good
Listed in Forge index+10/10
Publisher identity verified+0/25
Publisher: run `forge publish` from the package repo to claim ownership
Ed25519 publish signature+0/10
Included automatically when the publisher runs `forge publish`
Domain verification+0/5
Publisher: host /.well-known/forge.json on the package homepage with { "publisher": "<github-login>" }
CVE scan · clean+30/30
Static analysis · clean+20/20
npm provenance (Sigstore)+0/5
Publish from GitHub Actions with the --provenance flag
Paste into Claude Code, Cursor, or any AI assistant to fix all gaps
StatusCommunity-indexed
PublisherUnverified
SignatureUnsigned
Domain
Provenance
Dependencies60 resolved+ · none vulnerable
Tool surface36 tools · 1 privileged
Security scan✓ Cleanv0.34.0 · 20d ago
EvalsNone
IndexedJun 13, 2026

Verification confirms publisher identity (repo ownership), not code safety. The security scan covers known CVEs and suspicious install scripts — it cannot prove the absence of malicious code.

About

An MCP (Model Context Protocol) server that gives AI agents secure, just-in-time access to secrets stored in the 1claw vault — and a standalone security inspection pipeline for detecting malicious LLM content. Secrets are fetched at runtime via the 1claw Agent API and never persisted in the LLM context window beyond the moment they are used. Local-only mode: Run without vault credentials for security-only tools (e.g., ). Ideal for users running local models (Ollama, LM Studio, llama.cpp) who…

Keywords
mcp