Secr MCP server — gives AI coding agents (Claude Code, Cursor, Copilot) direct access to secrets via the Model Context Protocol.
npm install @secr/mcpclaude mcp add secr -e SECR_TOKEN=secr_agent_xxx -- npx @secr/mcpAdd to ~/.cursor/mcp.json:
{
"mcpServers": {
"secr": {
"command": "npx",
"args": ["@secr/mcp"],
"env": { "SECR_TOKEN": "secr_agent_xxx" }
}
}
}Add to .vscode/mcp.json:
{
"servers": {
"secr": {
"command": "npx",
"args": ["@secr/mcp"],
"env": { "SECR_TOKEN": "secr_agent_xxx" }
}
}
}The server exposes 5 tools to AI agents:
| Tool | Description |
|---|---|
get_secret |
Get a single secret value by key |
list_secrets |
List secret key names (no values) with optional search |
set_secret |
Create or update a secret |
delete_secret |
Delete a secret |
list_environments |
List environments for a project |
All tools accept optional org, project, and environment parameters. When omitted, they resolve from environment variables or .secr.json.
| Variable | Required | Default | Description |
|---|---|---|---|
SECR_TOKEN |
Yes | -- | Agent token (secr_agent_...) |
SECR_ORG |
No | .secr.json |
Organization slug |
SECR_PROJECT |
No | .secr.json |
Project slug |
SECR_ENVIRONMENT |
No | .secr.json |
Default environment slug |
SECR_API_URL |
No | https://api.secr.dev |
API base URL |
secr agents create --name "claude-code" --scope "read:secrets,write:secrets"Agent tokens use scoped permissions — the server only has access to what the token allows.
Full docs at secr.dev/docs.
MIT