io.github.1clawAI/1claw-mcpdev-tools

1Claw Vault

Verified · yesterday

HSM-backed vault secrets for AI agents (JIT fetch) plus prompt-injection and threat scanning.

Install

claude mcp add 1claw-mcp -- npx -y @1claw/[email protected]

Requires: ONECLAW_AGENT_API_KEY, ONECLAW_AGENT_ID, ONECLAW_VAULT_ID, ONECLAW_BASE_URL, ONECLAW_LOCAL_ONLY

Our take

1Claw is a security and vault MCP server for agents: secret retrieval, vault sharing, content inspection, signing-key and transaction-intent tools, plus a local-only inspection mode. The package is large and functional, with no installer tricks, and it reads vault credentials from environment or per-request headers. The risk is power, not evidence of bad faith: agents can fetch secrets or initiate signing flows if you grant the platform enough authority, and the registry version is currently behind npm latest.

reviewed by hand · 2026-07-05

Something wrong or dead here? Report it

Verification record

last verified
yesterday
github stars
2
last commit
2 days ago
archived
no
license
MIT
latest version
0.37.0
in registry since
2026-07-03

github.com/1clawAI/1claw-mcp