What problem does envcp solve?

envcp prevents AI agents from accidentally leaking or misusing sensitive environment variables by encrypting secrets and enforcing granular access policies. Only authorized AI agents can read specific secrets based on your configured rules.

How do I install and start using envcp?

Install via `npx @fentz26/envcp@1.1.0` and connect it as an MCP server to your AI chat tool. The server runs over stdio and manages encrypted secrets locally with policy-based access control.

Can I control which AI models access which secrets?

Yes—envcp's core feature is AI access policies. You define which agents or models can read specific environment variables, preventing overly permissive secret exposure.

Are my secrets actually encrypted?

Yes, envcp stores environment variables in an encrypted vault. Secrets are not exposed in plaintext to AI agents; access is mediated through the policy engine.

What if I need to rotate a secret?

You can update secrets in the vault and modify their access policies without restarting your application. The MCP server reflects policy changes immediately.

MCP ServerSTDIOOfficialv1.1.0

Envcp MCP Server

Manage encrypted environment variables with AI-safe access policies, preventing unauthorized secret exposure to language models. Developers can vault sensitive credentials and control which AI agents access which secrets.

dev.fentz.envcp/envcp

Try MCP with AI models View source

Hosted URL

Local install

Transport

STDIO

Auth

No auth required

What the Envcp MCP server does

How models use it and what it is built for.

Connect to Envcp

Local install — runs as a subprocess.

npx @fentz26/envcp@1.1.0

Resources

Where to find authoritative docs and source for Envcp.

Source repository

Example prompts for Envcp

Paste any of these into Agent Studio after connecting Envcp.

Set up an encrypted vault for my database credentials with read-only AI access
Create an access policy that prevents Claude from reading my API keys
List all secrets currently stored in the encrypted vault
Rotate a secret and update its access policy for specific AI agents

Envcp MCP server — FAQ

Common questions about connecting and running Envcp.

What problem does envcp solve?
envcp prevents AI agents from accidentally leaking or misusing sensitive environment variables by encrypting secrets and enforcing granular access policies. Only authorized AI agents can read specific secrets based on your configured rules.
How do I install and start using envcp?
Install via `npx @fentz26/envcp@1.1.0` and connect it as an MCP server to your AI chat tool. The server runs over stdio and manages encrypted secrets locally with policy-based access control.
Can I control which AI models access which secrets?
Yes—envcp's core feature is AI access policies. You define which agents or models can read specific environment variables, preventing overly permissive secret exposure.
Are my secrets actually encrypted?
Yes, envcp stores environment variables in an encrypted vault. Secrets are not exposed in plaintext to AI agents; access is mediated through the policy engine.
What if I need to rotate a secret?
You can update secrets in the vault and modify their access policies without restarting your application. The MCP server reflects policy changes immediately.

Skip the local setup — run MCP in your browser

MCP Playground runs 10,000+ hosted MCP servers — GitHub, Linear, Notion, Stripe, Sentry and more — across Claude, GPT, Gemini, DeepSeek and 30+ AI models. Compare model answers side-by-side, save agent presets, share runs. Zero install.

Open Agent Studio

Related servers

Stackbilt MCP Gateway

Stackbilt platform MCP gateway — wireframe generation and stack scaffolding tools

Svelte

The official Svelte MCP server providing docs and autofixing tools for Svelte development

Oh My Posh Validator

Validate oh-my-posh configurations and segment snippets against the official schema.

Augments

Augments MCP Server - A comprehensive framework documentation provider for Claude Code