1Claw Vault
MCPby 1clawAI · v0.32.1
HSM-backed vault secrets for AI agents (JIT fetch) plus prompt-injection and threat scanning.
mcplocal
MCP configuration
stdio
Command
npx -y @1claw/mcp@0.32.1
Environment
ONECLAW_AGENT_API_KEYsecretAgent API key (ocv_...). Exchanged for a short-lived JWT; auto-discovers agent ID and vault. Recommended for stdio.
ONECLAW_AGENT_IDOptional agent UUID when pinning identity (usually auto-discovered from the API key).
ONECLAW_VAULT_IDOptional vault UUID when the agent can access multiple vaults.
ONECLAW_BASE_URLVault API base URL (default https://api.1claw.xyz).
ONECLAW_LOCAL_ONLYSet to true for security-only mode (inspect_content only; no vault credentials).
Install in one click with Zurek
Browse here, install from the native macOS app — pick targets, fill env vars, and write configs safely.