Phantom Secrets Mcp
by ashlraicommunityv0.6.0
9
4
Phantom is an MCP-enabled secret management tool that replaces real API keys in .env files with local phantom tokens and injects the real keys at the network proxy layer. It also provides MCP tools for managing vault secrets, diagnostics, syncing, and team vault operations without exposing plaintext secrets to AI agents.
From the registry: Stop AI coding agents from leaking API keys. Local proxy swaps real secrets for phm_ tokens.
Install & configure
Prerequisites
- optionalInstall Phantom MCP packageInstall the MCP server package globally, or rely on npx to run it without a prior install. The README notes Phantom setup falls back to `npx -y phantom-secrets-mcp` if `phantom-mcp` is not on PATH.
https://www.npmjs.com/package/phantom-secrets-mcp$ npm install -g phantom-secrets-mcp - requiredInstall Node.js and npmNode.js/npm are required for the recommended npm/npx installation path.https://nodejs.org/'} } }
Install in your client
Paste into the AI you're chatting with — it will figure out the rest
Please install the `phantom-secrets-mcp` MCP server into my current AI client (that's you).
Required prerequisites (do these first if not already done):
- **Install Node.js and npm** — Node.js/npm are required for the recommended npm/npx installation path. (https://nodejs.org/'} } })
Optional prerequisites:
- Install Phantom MCP package — Install the MCP server package globally, or rely on npx to run it without a prior install. The README notes Phantom setup falls back to `npx -y phantom-secrets-mcp` if `phantom-mcp` is not on PATH. Run: `npm install -g phantom-secrets-mcp` (https://www.npmjs.com/package/phantom-secrets-mcp)
Canonical MCP server config (stdio transport):
- command: `npx`
- args: ["-y","phantom-secrets-mcp"]
Note: The README explicitly says the MCP server uses stdio transport. It also shows a Claude Code command `claude mcp add phantom-secrets-mcp -- npx phantom-secrets-mcp`; the canonical inner shape is `command: npx`, `args: ['-y','phantom-secrets-mcp']`. No MCP-specific environment variables are documented as required.
Add this MCP server to my current client's config in the correct format for you. If you need secrets or credentials I haven't provided, ASK me — do not invent values or leave raw placeholders. After adding it, tell me how to verify the server is connected.Note: The README explicitly says the MCP server uses stdio transport. It also shows a Claude Code command `claude mcp add phantom-secrets-mcp -- npx phantom-secrets-mcp`; the canonical inner shape is `command: npx`, `args: ['-y','phantom-secrets-mcp']`. No MCP-specific environment variables are documented as required.
Tools (24)
phantom_list_secrets
List secret names stored in the vault
phantom_status
Show proxy state, vault info, and mapped services
phantom_init
Import .env secrets into the vault and rewrite files with phantom tokens
phantom_add_secret_interactive
Add a secret interactively without exposing the value as an MCP argument
phantom_remove_secret
Remove a secret from the vault
phantom_rotate
Regenerate all phantom tokens
phantom_copy_secret
Copy a secret value to clipboard or similar
phantom_doctor
Check configuration and vault health and optionally auto-repair
phantom_why
Explain why a key is or is not protected or handled a certain way
phantom_check
Scan for unprotected secrets
phantom_env
Generate a .env.example file for onboarding
phantom_wrap
Wrap package.json scripts with phantom exec automatically
phantom_unwrap
Restore original package.json scripts
Environment variables
OPENAI_BASE_URLrequiredSet to the local Phantom proxy URL so AI tools send requests through the proxyPHANTOM_PROXY_PORTrequiredPort used by the local Phantom proxyPHANTOM_PROXY_TOKENrequiredToken used to authenticate to the Phantom proxyPHANTOM_AUDITrequiredEnables audit log features such as audit show/verifyPackages
phantom-secrets-mcp
npmv0.6.0transport: stdio
Details
- Language
- Rust
- License
- MIT
- Released
- May 10, 2026
- Last commit
- May 10, 2026
- Registry name
- io.github.ashlrai/phantom-secrets-mcp