io.github.aarifmms/keyblind

MCPcommunity
v0.1.4io.github.aarifmmsUnknownUpdated 1mo agonpmGitHub

Encrypted secrets vault for AI agents — secrets resolved at runtime, never seen by LLMs.

Encrypted secrets vault with MCP for AI agents. Secrets resolved at runtime, never leaked to LLM conversations. Developers regularly leak API keys, passwords, and tokens to AI coding tools. 100,000+ LLM conversations with exposed secrets were found indexed by search engines in 2025. AI agents read your files. They copy-paste secrets into conversations. They commit them accidentally. Keyblind…

Automatically indexed from public sources. Not yet verified by the developer on Forge.Claim this listing →
1mo agoLast update
Package
Authorio.github.aarifmms
LicenseUnknown
Version0.1.4
Sourcemcp-registry
Trust Status
B
60/100Good
Listed in Forge index+10/10
Publisher identity verified+0/25
Publisher: run `forge publish` from the package repo to claim ownership
Ed25519 publish signature+0/10
Included automatically when the publisher runs `forge publish`
Domain verification+0/5
Publisher: host /.well-known/forge.json on the package homepage with { "publisher": "<github-login>" }
CVE scan · clean+30/30
Static analysis · clean+20/20
npm provenance (Sigstore)+0/5
Publish from GitHub Actions with the --provenance flag
Paste into Claude Code, Cursor, or any AI assistant to fix all gaps
StatusCommunity-indexed
PublisherUnverified
SignatureUnsigned
Domain
Provenance
Dependencies60 resolved · 3 with advisories
Tool surface22 tools · 3 privileged
Security scan⚠ Warnings (0)v0.6.0 · 20d ago
DEPesbuild@0.27.0GHSA-gv7w-rqvm-qjhr (transitive)
DEPsandbox@3.1.2GHSA-fm4j-4xhm-xpwx, GHSA-gc25-3vc5-2jf9 (transitive)
DEPsmol-toml@1.5.2GHSA-v3rj-xjv7-4jmq (transitive)
EvalsNone
IndexedJun 13, 2026

Verification confirms publisher identity (repo ownership), not code safety. The security scan covers known CVEs and suspicious install scripts — it cannot prove the absence of malicious code.

About

Encrypted secrets vault with MCP for AI agents. Secrets resolved at runtime, never leaked to LLM conversations. Developers regularly leak API keys, passwords, and tokens to AI coding tools. 100,000+ LLM conversations with exposed secrets were found indexed by search engines in 2025. AI agents read your files. They copy-paste secrets into conversations. They commit them accidentally. Keyblind stops this by keeping secrets encrypted at rest and resolving them at runtime — the plaintext value…

Keywords
mcp