1Claw Vault
Verified · yesterdayHSM-backed vault secrets for AI agents (JIT fetch) plus prompt-injection and threat scanning.
Install
claude mcp add 1claw-mcp -- npx -y @1claw/[email protected]
Our take
1Claw is a security and vault MCP server for agents: secret retrieval, vault sharing, content inspection, signing-key and transaction-intent tools, plus a local-only inspection mode. The package is large and functional, with no installer tricks, and it reads vault credentials from environment or per-request headers. The risk is power, not evidence of bad faith: agents can fetch secrets or initiate signing flows if you grant the platform enough authority, and the registry version is currently behind npm latest.
Verification record
- yesterday
- 2
- 2 days ago
- no
- MIT
- 0.37.0
- 2026-07-03