keywaysh/keyway-mcp
Keyway MCP Server is a secure secrets management server for LLMs like Claude, enabling access to secrets without exposing them in conversation context.
Keyway MCP Server
Let AI manage your secrets securely
Keyway is a GitHub-native secrets manager. This MCP server lets AI assistants like Claude securely access your secrets without ever exposing them in conversation.
Installation · Tools · Security · Development
Why Keyway MCP?
Traditional secret management with AI is risky: copying secrets into chat exposes them in logs and context. Keyway MCP solves this:
| Without Keyway | With Keyway MCP |
|---|---|
| Copy secrets into chat | Secrets stay in vault |
| Visible in conversation history | Never exposed to AI |
| Manual secret creation | Generate securely, never exposed |
| Hope AI doesn't leak them | Cryptographically protected |
Key features:
- Zero exposure — Generate, validate, and use secrets without the AI ever seeing them
- Pre-deployment validation — Check all required secrets exist before shipping
- Secret scanning — Detect leaked credentials in your codebase
- Environment diffing — Compare secrets across dev/staging/prod
Quick Install
Prerequisites
First, authenticate with Keyway CLI:
```bash
npx @keywaysh/cli login
```
Claude Code
```bash
claude mcp add keyway -- npx @keywaysh/mcp
```
VS Code / Cursor
```bash
code --add-mcp '{"name":"keyway","command":"npx","args":["-y","@keywaysh/mcp"]}'
```
Or click: Install in VS Code
Other IDEs
Windsurf
Add to your MCP config:
```json
{
  "mcpServers": {
    "keyway": {
      "command": "npx",
      "args": ["-y", "@keywaysh/mcp"]
    }
  }
}
```
Warp
Settings → AI → Manage MCP Servers → Add:
```json
{
  "mcpServers": {
    "keyway": {
      "command": "npx",
      "args": ["-y", "@keywaysh/mcp"]
    }
  }
}
```
GitHub Copilot
```
/mcp add
```
Then enter `npx -y @keywaysh/mcp` when prompted.
Goose
Advanced settings → Extensions → Add custom extension
Select STDIO type, command: `npx -y @keywaysh/mcp`
Available Tools
keyway_generate
Generate secure secrets and store them directly in the vault. The value is never exposed to the AI.
"Generate a new JWT secret for production"

```json
{
  "name": "JWT_SECRET",
  "type": "jwt-secret",
  "environment": "production"
}
```

Types: `password` | `uuid` | `api-key` | `jwt-secret` | `hex` | `base64`

Response:

```json
{
  "success": true,
  "action": "created",
  "name": "JWT_SECRET",
  "type": "jwt-secret",
  "length": 43,
  "preview": "eyJh**********************************MDkz",
  "message": "Secret created. The actual value was never exposed in this conversation."
}
```
keyway_validate
Validate required secrets exist before deployment. Supports auto-detection from code.
"Check if production has all required secrets"

```json
{
  "environment": "production",
  "required": ["DATABASE_URL", "STRIPE_SECRET_KEY", "JWT_SECRET"]
}
```

Or auto-detect from your codebase:

```json
{
  "environment": "production",
  "autoDetect": true
}
```

Response:

```json
{
  "valid": false,
  "missing": ["STRIPE_SECRET_KEY"],
  "present": ["DATABASE_URL", "JWT_SECRET"],
  "stats": {
    "requiredCount": 3,
    "presentCount": 2,
    "coverage": "66.7%"
  },
  "message": "✗ Missing 1 required secret in production: STRIPE_SECRET_KEY"
}
```
keyway_scan
Scan your codebase for leaked secrets. Detects 18+ secret types.
"Scan the codebase for leaked credentials"

```json
{
  "path": "./src"
}
```

Detects: AWS keys, GitHub tokens, Stripe keys, Slack webhooks, private keys, and more.

Response:

```json
{
  "filesScanned": 142,
  "findingsCount": 2,
  "findings": [
    {
      "file": "src/config.ts",
      "line": 23,
      "type": "GitHub PAT",
      "preview": "ghp_********************************xyz"
    }
  ]
}
```
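To make the scan response concrete, here is an added example (not Keyway's scanner, which covers 18+ types) of the detection logic run over a few constructed source files: a handful of well-known token shapes, a per-line match loop, and a finding record that reports file, line, type and a masked preview rather than the matched string. The sample tokens are constructed; the AWS one is the example key ID from AWS's own documentation.

```javascript
// Added example, not Keyway's own scanner: a minimal leaked-credential scanner
// over in-memory file contents, reporting findings with a masked preview.
// The patterns are public, well-known token shapes; the sample files and
// tokens are constructed for this example and are not real credentials.
const DETECTORS = [
  { type: 'GitHub PAT', pattern: /\bghp_[A-Za-z0-9]{36}\b/g },
  { type: 'AWS Access Key ID', pattern: /\bAKIA[A-Z0-9]{16}\b/g },
  { type: 'Slack webhook', pattern: /https:\/\/hooks\.slack\.com\/services\/[A-Za-z0-9/]+/g },
  { type: 'Private key', pattern: /-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----/g },
];

// Keep the first 4 and last 3 characters (enough to recognise the token
// family and locate it in the file), star out the rest; short matches are
// masked entirely. This is my preview format, modelled on the README sample.
function maskSecret(match) {
  if (match.length < 12) return '*'.repeat(match.length);
  return match.slice(0, 4) + '*'.repeat(match.length - 7) + match.slice(-3);
}

function scanFile(file, contents) {
  const findings = [];
  contents.split('\n').forEach((text, idx) => {
    for (const { type, pattern } of DETECTORS) {
      for (const m of text.matchAll(pattern)) {
        findings.push({ file, line: idx + 1, type, preview: maskSecret(m[0]) });
      }
    }
  });
  return findings;
}

// `files` maps a path to its contents (a real scanner would walk the directory).
function scanFiles(files) {
  let filesScanned = 0;
  const findings = [];
  for (const [file, contents] of Object.entries(files)) {
    filesScanned += 1;
    findings.push(...scanFile(file, contents));
  }
  return { filesScanned, findingsCount: findings.length, findings };
}

// Constructed sample input: one leaked GitHub PAT shape, one AWS example key
// ID, and a clean file, so the result shape can be seen end to end.
const SAMPLE_FILES = {
  'src/config.ts': [
    'export const apiBase = "https://api.example.com";',
    'const token = "ghp_ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456xyz"; // constructed, not a real token',
  ].join('\n'),
  'src/aws.ts': 'const id = "AKIAIOSFODNN7EXAMPLE"; // AWS documentation example key ID',
  'README.md': 'Set GITHUB_TOKEN in your environment; never commit it.',
};
```

Two details matter for a scanner whose output goes back to a language model: the finding carries `preview`, not the match, so the model can point a developer at `src/config.ts:2` without the credential ever re-entering the conversation; and the regexes are anchored with `\b` so a longer identifier that merely contains `ghp_` does not produce noise.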
keyway_diff
Compare secrets between environments.
"What's different between staging and production?"

```json
{
  "env1": "staging",
  "env2": "production"
}
```

Response:

```json
{
  "onlyInEnv1": ["DEBUG_MODE"],
  "onlyInEnv2": ["REDIS_CLUSTER_URL"],
  "different": [
    {
      "key": "DATABASE_URL",
      "preview1": "**st (45 chars)",
      "preview2": "**db (52 chars)"
    }
  ],
  "same": ["API_KEY", "JWT_SECRET"],
  "stats": {
    "totalEnv1": 10,
    "totalEnv2": 11,
    "different": 1
  }
}
```
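The validate and diff responses above both operate on key names only. As an added example (not Keyway's own code) covering both tools, the block below runs them over a constructed in-memory vault: `validateSecrets` computes the missing/present lists and the coverage percentage, and `diffEnvironments` computes the four buckets plus the `**st (45 chars)` style preview, which reveals only the last two characters and the length. Vault values are placeholders.

```javascript
// Added example, not Keyway's own code: keyway_validate and keyway_diff logic
// over a constructed in-memory vault. Both work on key names and lengths only;
// no secret value is copied into the objects they return. The "**st (45 chars)"
// preview format (last two characters plus length) follows the README's sample
// diff response. Vault contents are constructed placeholders.
const VAULT = {
  staging: {
    DATABASE_URL: 'postgres://app@db.staging.internal:5432/app',
    DEBUG_MODE: 'true',
    API_KEY: 'constructed-api-key-value',
    JWT_SECRET: 'constructed-jwt-secret-value',
  },
  production: {
    DATABASE_URL: 'postgres://app@db.prod.internal:5432/app',
    REDIS_CLUSTER_URL: 'redis://cache.prod.internal:6379',
    API_KEY: 'constructed-api-key-value',
    JWT_SECRET: 'constructed-jwt-secret-value',
  },
};

// Own-property check so keys like "constructor" cannot masquerade as secrets.
const has = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

function tailPreview(value) {
  return `**${value.slice(-2)} (${value.length} chars)`;
}

function validateSecrets(vault, { environment, required }) {
  const env = vault[environment];
  if (!env) throw new Error(`unknown environment: ${environment}`);
  const present = required.filter((k) => has(env, k));
  const missing = required.filter((k) => !has(env, k));
  const coverage = required.length === 0
    ? '100.0%'
    : `${((present.length / required.length) * 100).toFixed(1)}%`;
  const message = missing.length === 0
    ? `✓ All ${required.length} required secrets present in ${environment}`
    : `✗ Missing ${missing.length} required secret${missing.length === 1 ? '' : 's'} in ${environment}: ${missing.join(', ')}`;
  return {
    valid: missing.length === 0,
    missing,
    present,
    stats: { requiredCount: required.length, presentCount: present.length, coverage },
    message,
  };
}

function diffEnvironments(vault, env1, env2) {
  const a = vault[env1];
  const b = vault[env2];
  if (!a || !b) throw new Error(`unknown environment: ${!a ? env1 : env2}`);
  const keysA = Object.keys(a);
  const keysB = Object.keys(b);
  const onlyInEnv1 = keysA.filter((k) => !has(b, k)).sort();
  const onlyInEnv2 = keysB.filter((k) => !has(a, k)).sort();
  const different = [];
  const same = [];
  for (const key of keysA.filter((k) => has(b, k)).sort()) {
    if (a[key] === b[key]) same.push(key);
    else different.push({ key, preview1: tailPreview(a[key]), preview2: tailPreview(b[key]) });
  }
  return {
    onlyInEnv1,
    onlyInEnv2,
    different,
    same,
    stats: { totalEnv1: keysA.length, totalEnv2: keysB.length, different: different.length },
  };
}
```

Running `validateSecrets(VAULT, { environment: 'production', required: ['DATABASE_URL', 'STRIPE_SECRET_KEY', 'JWT_SECRET'] })` reproduces the sample response (one missing key, 66.7% coverage), and `diffEnvironments(VAULT, 'staging', 'production')` yields the same four buckets as the sample diff. Serialising either result with `JSON.stringify` and searching it for a known value is a cheap regression test that nothing beyond names, lengths and two-character tails escapes.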
keyway_inject_run
Run commands with secrets injected as environment variables.
"Run the test suite with production secrets"

```json
{
  "command": "npm",
  "args": ["test"],
  "environment": "production"
}
```

Secrets are injected into the command's environment and masked in any output.
keyway_list_secrets
List secret names (not values) in an environment.
```json
{
  "environment": "production"
}
```
keyway_set_secret
Create or update a secret manually.
```json
{
  "name": "WEBHOOK_URL",
  "value": "https://hooks.example.com/abc123",
  "environment": "production"
}
```
keyway_list_environments
List available environments for the repository.
Security
Keyway MCP is designed with security as the primary concern:
| Feature | How it works |
|---|---|
| Token encryption | Uses AES-256-GCM, same as Keyway CLI |
| No secret logging | Values never appear in logs or output |
| Output masking | `inject_run` redacts secrets from stdout/stderr |
| Shell injection prevention | Commands run with `shell: false` |
| File permissions | Validates `~/.keyway/.key` is `0600` |
| Generate, don't expose | `keyway_generate` creates secrets without revealing them |
What the AI can see
| Tool | AI sees value? |
|---|---|
| keyway_generate | No — only masked preview |
| keyway_validate | No — only key names |
| keyway_scan | No — only masked previews |
| keyway_diff | No — only masked previews |
| keyway_inject_run | No — values masked in output |
| keyway_list_secrets | No — only key names |
| keyway_set_secret | Yes — value provided by user |
Development
```bash
# Install dependencies
pnpm install

# Run in development
pnpm dev

# Build
pnpm build

# Run tests
pnpm test

# Lint & format
pnpm lint
pnpm format
```
Environment Variables
| Variable | Description |
|---|---|
| KEYWAY_API_URL | Override API URL (default: https://api.keyway.sh) |
License
MIT — see
keyway.sh · Built for developers who care about security