A community-driven registry for the Claude Code ecosystem. Not affiliated with Anthropic.
Are you the author? Sign in to claim
MCP Server for SecureCodeHQ. Lets Claude Code access your secrets securely.
MCP Server for SecureCodeHQ. Lets Claude Code access your secrets securely without ever seeing them.
claude mcp add securecode -- npx -y @securecode/mcp-server
Then tell Claude Code:
Set up SecureCode in this project
The onboard tool walks you through account creation, secret import, and configuration. Takes about 2 minutes.
Your secrets (API keys, tokens, passwords) are encrypted with AES-256 and stored in SecureCode. Claude Code accesses them via MCP, but the actual values never appear in the chat.
When Claude reads a secret, the value is written to a local file on your machine. The AI gets the file path but never sees the raw value. This is inject mode, the default.
| Tool | What it does |
|---|---|
onboard | Guided setup: signup, import, API key, config, SDK |
get-secret | Get a secret (injected to file by default, reveal: true to show to AI) |
list-secrets | List all secrets with tags and expiry status |
create-secret | Create a new secret |
update-secret | Update value, description, or tags |
delete-secret | Delete a secret |
renew-secret | Renew expired secrets or change TTL |
import-env | Import .env via secure web window (values never pass through AI) |
export-env | Export secrets as .env or CSV |
get-status | Check plan, usage, and MCP server version |
wake-session | Unlock session with optional scope and auto-sleep timer |
sleep-session | Lock session and clean injected files |
session-status | Check session state and time remaining |
byebye | Lock session + clean all secrets from disk |
get-active-rules | List active MCP access rules (read-only) |
security-check | Post-setup security hardening checks |
help | Docs: tools, SDK, sessions, rules, troubleshooting |
Control how AI agents access your secrets with tag-based policies. Created from the dashboard, enforced server-side.
| Action | Effect |
|---|---|
| Block Always | Secret only accessible from the dashboard |
| Require Confirmation | Agent must acknowledge before accessing |
| Require Session | Requires active session (wake-session) |
| Block Models | Only allows specific AI models |
| Notify | Sends email on access (non-blocking) |
You: "Wake my session for acme staging"
Claude: Session unlocked. Only acme/staging secrets accessible.
You: "byebye"
Claude: Session locked & secrets cleaned from disk.
Sessions auto-sleep after configurable inactivity (default: 2 hours).
reveal: true returns value to AI (audited)The companion SDK lets your app load secrets at runtime:
npm install @securecode/sdk
import { loadEnv } from '@securecode/sdk';
await loadEnv(); // all secrets loaded into process.env
MIT
Run Claude Code as an MCP server so any agent can delegate coding tasks to it
Browser automation using accessibility snapshots instead of screenshots
English-first Korean equity intelligence MCP — DART filings, foreign-holder 5%-rule flows, activist filings, KRX news. F
Unity MCP acts as a bridge between AI assistants and your Unity Editor. Give your LLM tools to manage assets, control sc
0
via CLI
