A secure local MCP server for managing API keys with user approval
SecretButler provides a secure way to manage and share API keys with MCP clients like Claude Desktop and Cursor. It runs as a local server with a native GUI that requires explicit user approval before sharing any secrets.
- π Secure: Stores API keys locally in
~/.secretbutler.toml - π€ User-controlled: GUI popup requires explicit approval for each request
- π MCP compatible: Works with any MCP client
- βοΈ Easy setup: Simple TOML configuration
- π Native macOS: Uses native macOS GUI components
Add to your MCP client configuration:
{
"mcpServers": {
"SecretButler": {
"command": "uvx",
"args": ["secretbutler"],
"env": {
"CLIENT_NAME": "Claude"
}
}
}
}On first run, SecretButler creates ~/.secretbutler.toml:
[secrets]
OPENAI_API_KEY = "sk-..."
ANTHROPIC_API_KEY = "sk-ant-..."
HF_API_KEY = "hf_..."Simply edit this file to add your API keys.
| Tool | Description |
|---|---|
list_secrets() |
Returns available secret names (no approval needed) |
request_secrets(secret_names, client_name) |
Request specific secrets with user approval |
- β Secrets stored locally only
- β No sharing without explicit approval
- β Clear approval dialogs show requested secrets and client
- β Foreground GUI prevents unauthorized access
MIT License