Stillerman/secret-butler
3.1
If you are the rightful owner of secret-butler and would like to certify it and/or have it hosted online, please leave a comment on the right or send an email to henry@mcphub.com.
SecretButler is a secure local MCP server designed to manage API keys with user approval.
Tools
2
Resources
0
Prompts
0
SecretButler 🗝️
A secure local MCP server for managing API keys with user approval
Overview
SecretButler provides a secure way to manage and share API keys with MCP clients like Claude Desktop and Cursor. It runs as a local server with a native GUI that requires explicit user approval before sharing any secrets.
✨ Features
- 🔒 Secure: Stores API keys locally in
~/.secretbutler.toml - 👤 User-controlled: GUI popup requires explicit approval for each request
- 🔌 MCP compatible: Works with any MCP client
- ⚙️ Easy setup: Simple TOML configuration
- 🍎 Native macOS: Uses native macOS GUI components
🚀 Installation
Add to your MCP client configuration:
{
"mcpServers": {
"SecretButler": {
"command": "uvx",
"args": ["secretbutler"],
"env": {
"CLIENT_NAME": "Claude"
}
}
}
}
⚙️ Configuration
On first run, SecretButler creates ~/.secretbutler.toml:
[secrets]
OPENAI_API_KEY = "sk-..."
ANTHROPIC_API_KEY = "sk-ant-..."
HF_API_KEY = "hf_..."
Simply edit this file to add your API keys.
🛠️ MCP Tools
| Tool | Description |
|---|---|
list_secrets() | Returns available secret names (no approval needed) |
request_secrets(secret_names, client_name) | Request specific secrets with user approval |
🔐 Security
- ✅ Secrets stored locally only
- ✅ No sharing without explicit approval
- ✅ Clear approval dialogs show requested secrets and client
- ✅ Foreground GUI prevents unauthorized access
📄 License
MIT License