1Claw Vault

MCP

by 1clawAI · v0.32.1

HSM-backed vault secrets for AI agents (JIT fetch) plus prompt-injection and threat scanning.

mcplocal

MCP configuration

stdio

Command

npx -y @1claw/mcp@0.32.1

Environment

  • ONECLAW_AGENT_API_KEYsecret

    Agent API key (ocv_...). Exchanged for a short-lived JWT; auto-discovers agent ID and vault. Recommended for stdio.

  • ONECLAW_AGENT_ID

    Optional agent UUID when pinning identity (usually auto-discovered from the API key).

  • ONECLAW_VAULT_ID

    Optional vault UUID when the agent can access multiple vaults.

  • ONECLAW_BASE_URL

    Vault API base URL (default https://api.1claw.xyz).

  • ONECLAW_LOCAL_ONLY

    Set to true for security-only mode (inspect_content only; no vault credentials).

Install in one click with Zurek

Browse here, install from the native macOS app — pick targets, fill env vars, and write configs safely.