Vault MCP Server (mschuchard)
UnverifiedREPOmschuchard/vault-mcp-server
F
Catalogue entry updated 3 days ago
Auth postureNot probedno remote endpoint probed yet
Tools13824 Destructive · 17 Execute · 39 Write · 58 Read
Worst categoryDestructivegrade tracks the peak, not the average
Capability mix
Destructive 24Execute 17Write 39Read 58
What it can reach
Ingests untrusted inputTouches secretsReaches networkRuns codeTouches filesChanges permissionsSends external commsPersistsDeletes dataMoves money
Tools 138
database-connection-deletedatabase-role-deletedatabase-static-role-deleteidentity-entity-alias-deleteidentity-entity-delete
View all 138 tools
identity-entity-delete-by-nameidentity-group-alias-deleteidentity-group-deleteidentity-group-delete-by-nameidentity-oidc-key-deleteidentity-oidc-role-deletekv2-deletekv2-delete-latest-versionkv2-delete-specific-versionskv2-destroy-versionspki-delete-rolepki-delete-root-capki-revoke-certificatepki-revoke-issuerpolicy-deleteraft-auto-snapshot-config-deleteraft-node-removeraft-snapshot-restoretransit-engine-encryption-key-deletedatabase-connection-resetdatabase-connection-rotate-rootdatabase-static-credentials-rotateidentity-oidc-key-rotateidentity-oidc-token-generatepki-generate-certificatepki-generate-intermediatepki-generate-root-capki-rotate-crlpki-sign-certificatepki-sign-intermediate-certificatepki-sign-self-issuedpki-tidy-certificatesraft-cluster-jointransit-engine-decrypt-ciphertexttransit-engine-encrypt-plaintexttransit-engine-encryption-key-rotateaudit-device-disableaudit-device-enableauthentication-engine-disableauthentication-engine-enableauthentication-engine-tunedatabase-credentials-generatedatabase-role-createdatabase-static-role-createidentity-entities-mergeidentity-entity-alias-create-or-updateidentity-entity-alias-updateidentity-entity-create-or-updateidentity-entity-updateidentity-group-alias-create-or-updateidentity-group-alias-updateidentity-group-create-or-updateidentity-group-updateidentity-oidc-configureidentity-oidc-key-create-or-updateidentity-oidc-role-create-or-updatekv2-configure-backendkv2-create-or-updatekv2-patchkv2-update-metadatapki-create-update-rolepki-set-crl-configurationpki-set-signed-intermediatepki-set-urlspki-submit-ca-informationpki-update-issuerpolicy-create-or-updateraft-auto-snapshot-config-create-or-updatesecret-engine-disablesecret-engine-enablesecret-engine-movesecret-engine-tune-configurationtransit-engine-encryption-key-createtransit-engine-encryption-key-update-configtransit-engine-generate-random-bytesaudit-devices-listauthentication-engine-readauthentication-engines-listdatabase-connection-readdatabase-connections-listdatabase-role-readdatabase-roles-listdatabase-static-credentials-getdatabase-static-role-readdatabase-static-roles-listidentity-entities-listidentity-entity-alias-readidentity-entity-aliases-listidentity-entity-lookupidentity-entity-readidentity-entity-read-by-nameidentity-group-alias-readidentity-group-aliases-listidentity-group-lookupidentity-group-readidentity-group-read-by-nameidentity-groups-listidentity-oidc-configuration-readidentity-oidc-key-readidentity-oidc-keys-listidentity-oidc-public-keys-readidentity-oidc-role-readidentity-oidc-roles-listidentity-oidc-token-introspectidentity-oidc-well-known-readkv2-listkv2-metadata-and-versionskv2-readkv2-read-backend-configurationkv2-undeletepki-list-certificatespki-list-issuerspki-list-rolespki-read-certificatepki-read-crlpki-read-crl-configurationpki-read-issuerpki-read-rolepki-read-root-capki-read-root-ca-chainpki-read-urlspolicies-listpolicy-readraft-auto-snapshot-config-readraft-auto-snapshot-configs-listraft-auto-snapshot-status-readraft-config-readraft-snapshot-takesecret-engine-read-configurationsecret-engine-retrieve-optionsecret-engines-listtransit-engine-encryption-key-readtransit-engine-encryption-keys-list
Change history
No changes recorded since first scan. Watched servers surface a diff within the hour.
Recommended policy
database-connection-deletedeny
database-connection-resetrequire approval
audit-device-disablerate limit
Read-only toolsallow
Full policy breakdown with enforcement rules →