Aegis

Name: Aegis
Author: getaegis

by getaegiscommunityv1.0.1

Aegis is a local-first credential isolation proxy for AI agents that injects secrets at the network boundary, preventing agents from seeing or transmitting real credentials.

From the registry: Credential isolation for AI agents. Inject secrets at the network boundary.

GitHub Repository

Install & configure

Prerequisites

required
Install Node.js 20+
Required for the @getaegis/cli package.
https://nodejs.org
required
Initialize the Aegis vault
Run `aegis init` once to create the encrypted vault and store the master key in the OS keychain.
```
$ npx -y @getaegis/cli init
```
https://github.com/getaegis/aegis
required
Add credentials and agent grants
Use `aegis vault add` and `aegis agent add/grant` to enroll services before the MCP server can inject them.
https://github.com/getaegis/aegis

Install in your client

Paste into the AI you're chatting with — it will figure out the rest

Please install the `aegis-getaegis` MCP server into my current AI client (that's you).

Required prerequisites (do these first if not already done):
- **Install Node.js 20+** — Required for the @getaegis/cli package. (https://nodejs.org)
- **Initialize the Aegis vault** — Run `aegis init` once to create the encrypted vault and store the master key in the OS keychain. Run: `npx -y @getaegis/cli init` (https://github.com/getaegis/aegis)
- **Add credentials and agent grants** — Use `aegis vault add` and `aegis agent add/grant` to enroll services before the MCP server can inject them. (https://github.com/getaegis/aegis)

Canonical MCP server config (stdio transport):
- command: `npx`
- args: ["-y","@getaegis/cli","mcp","serve"]

Note: Aegis injects credentials at the network boundary so the agent never sees raw API keys. Exposes `aegis_proxy_request`, `aegis_list_services`, and `aegis_health` tools.

Add this MCP server to my current client's config in the correct format for you. If you need secrets or credentials I haven't provided, ASK me — do not invent values or leave raw placeholders. After adding it, tell me how to verify the server is connected.

Note: Aegis injects credentials at the network boundary so the agent never sees raw API keys. Exposes `aegis_proxy_request`, `aegis_list_services`, and `aegis_health` tools.