Holster MCP
FreeNot checkedLocal-first secret scanning, rotation, vault, and audit-log tools for AI agents.
About
Local-first secret scanning, rotation, vault, and audit-log tools for AI agents.
README
Local-first API key manager for AI developers.
Install
macOS Apple Silicon (M-series)
- Download
holster-cli-macos-arm64.tar.gz+.sha256from the latest release: https://github.com/nauta-ai/holster/releases/latest - Extract:
tar xzf holster-cli-macos-arm64.tar.gz - Verify:
shasum -a 256 -c holster-cli-macos-arm64.tar.gz.sha256 - Install:
sudo mv holster-cli /usr/local/bin/ - If macOS blocks first run:
xattr -d com.apple.quarantine /usr/local/bin/holster-cli - Verify:
holster-cli --version
macOS Intel (x86_64, since v0.7.0)
- Download
holster-cli-macos-x86_64.tar.gz+.sha256from the latest release. - Same extract / verify / install steps as above.
Linux x86_64
- Download
holster-cli-linux-x86_64.tar.gz+.sha256from the latest release. - Extract:
tar xzf holster-cli-linux-x86_64.tar.gz - Verify:
shasum -a 256 -c holster-cli-linux-x86_64.tar.gz.sha256 - Install:
sudo mv holster-cli /usr/local/bin/ - Verify:
holster-cli --version
Password handling on Linux: macOS Keychain is not available. Use --password-env <ENV_NAME> to read the vault password from an environment variable, or --password-stdin to pipe it via stdin.
Windows x86_64 (since v0.7.0)
- Download
holster-cli-windows-x86_64.zip+.sha256from the latest release. - Verify: in PowerShell,
(Get-FileHash -Algorithm SHA256 holster-cli-windows-x86_64.zip).Hashshould match the value in the.sha256file. - Extract:
Expand-Archive holster-cli-windows-x86_64.zip -DestinationPath . - Move
holster-cli.exesomewhere on$env:Path(e.g.C:\Users\<you>\bin\after adding that folder to PATH). - Verify:
holster-cli.exe --version
Password handling on Windows: macOS Keychain is not available. Use --password-env <ENV_NAME> or --password-stdin.
Rotating the master password (since v0.7.0)
Holster lets you change the vault's master password without re-creating the vault or losing entries:
holster-cli rotate-master /path/to/vault
# Prompts for OLD master, then NEW master twice (confirm)
This re-encrypts every entry under the new master and regenerates the vault salt under a single SQLite transaction. If the rotation fails or is interrupted, the vault remains intact under the old master.
If you cache the master password in macOS Keychain (common for daemon usage), pass --keychain-update SERVICE,ACCOUNT to update the cached entry in the same command:
holster-cli rotate-master /path/to/vault \
--keychain-update holster-personas-vault,admin
For unattended / scripted rotation:
# OLD pw from Keychain, NEW pw from env
holster-cli rotate-master /path/to/vault \
--old-password-keychain-service holster-personas-vault \
--old-password-keychain-account admin \
--new-password-env NEW_HOLSTER_MASTER
# Both from stdin (one line each, OLD first then NEW)
printf '%s\n%s\n' "$OLD_PW" "$NEW_PW" | \
holster-cli rotate-master /path/to/vault \
--old-password-stdin --new-password-stdin
Rotate the master password:
- After any suspected credential exposure
- After a team member who knew the master leaves
- Quarterly as routine hygiene
- Whenever the master appears in plaintext somewhere (logs, configs, transcripts)
Password sources (since v0.7.0)
get, add, rotate-master, and exec-env now accept the master password from multiple sources. Precedence (first non-None wins):
--password-env <NAME>— read from an environment variable--password-stdin— read first line of stdin--password-keychain-service <SVC> [--password-keychain-account <ACCT>]— macOS Keychain- Interactive TTY prompt (fallback)
This makes Holster scriptable from CI, launchd, systemd, and daemon contexts without requiring an interactive TTY.
Documentation
Read docs/framework/00_README.md to start.
holster guard
holster guard . preflights a repo before you run an AI agent against it or share/commit it. It prints a local RUN verdict, a SHARE verdict, and a ranked fix list without exposing raw secret values.
RUN VERDICT: CAUTION
SHARE VERDICT: RISKY
Why:
1. [SHARE/RISK] OPENAI_API_KEY in .env.local:3
2. [SHARE/RISK] .env.local not gitignored — will be committed
3. [RUN/CAUTION] MCP server "cursor" inherits full shell environment
Fix order:
1. Add .env.local and *.pem to .gitignore
2. Move live keys into the Holster vault (holster add ...)
3. Pin or approve the MCP wrapper command
For a redacted report that is safe to paste into a review thread:
holster guard . --share-report holster-guard-report.md
Status
v0.7.0 — early access. Holster includes the local vault CLI, rotate-master, scriptable password sources, Windows/macOS-x86_64 builds, and early holster guard preflight checks. Vault crate stable since M1.
Install Holster MCP in Claude Desktop, Claude Code & Cursor
unyly install holster-mcpInstalls into Claude Desktop, Claude Code, Cursor & VS Code — handles npx, uvx and build-from-source repos for you.
First time? Get the CLI: curl -fsSL https://unyly.org/install | sh
Or configure manually
Run in your terminal:
claude mcp add holster-mcp -- uvx holster-mcpFAQ
Is Holster MCP MCP free?
Yes, Holster MCP MCP is free — one-click install via Unyly at no cost.
Does Holster MCP need an API key?
No, Holster MCP runs without API keys or environment variables.
Is Holster MCP hosted or self-hosted?
Self-hosted: the server runs locally on your machine via the install command above.
How do I install Holster MCP in Claude Desktop, Claude Code or Cursor?
Open Holster MCP on unyly.org, pick your client tab (Claude Desktop, Claude Code, Cursor) and press Install — the config is generated automatically, no JSON editing.
Related MCPs
Fetch
Web content fetching and conversion for efficient LLM usage.
AWS KB Retrieval
Retrieval from AWS Knowledge Base using Bedrock Agent Runtime.
by modelcontextprotocolSpring AI MCP Server
Provides auto-configuration for setting up an MCP server in Spring Boot applications.
llm-analysis-assistant
A very streamlined mcp client that supports calling and monitoring stdio/sse/streamableHttp, and can also view request responses through the /logs page. It also
by xuzexin-hzCompare Holster MCP with
Not sure what to pick?
Find your stack in 60 seconds
Author?
Embed badge for your README
Browse similar
All ai MCPs
