The plaintext storage problem is real, but migrating to a secrets manager still leaves agents carrying long-lived tokens they don't need. Even if the key isn't in a config file, the agent has it in memory for the duration of the session.
The pattern that actually closes the gap: issue short-lived scoped tokens at request time, never hand the real key to the agent at all. The agent gets a proxy credential that expires after the session. If it leaks, it's already stale. We wrote up the full implementation here: https://apistronghold.com/blog/phantom-token-pattern-product...
53% of MCP servers store API keys as plaintext in config files.
They get committed to git, shared across machines, exposed in breaches.
MCPGuard is a local-first CLI that:
- Scans your MCP configs for plaintext credentials
- Migrates them to your OS keychain (macOS/Linux/Windows)
- Replaces values with mcpguard:// references
- Injects credentials at runtime — never on disk
One command to audit, one to migrate. No cloud, no account, free and open source.
The plaintext storage problem is real, but migrating to a secrets manager still leaves agents carrying long-lived tokens they don't need. Even if the key isn't in a config file, the agent has it in memory for the duration of the session.
The pattern that actually closes the gap: issue short-lived scoped tokens at request time, never hand the real key to the agent at all. The agent gets a proxy credential that expires after the session. If it leaks, it's already stale. We wrote up the full implementation here: https://apistronghold.com/blog/phantom-token-pattern-product...
53% of MCP servers store API keys as plaintext in config files. They get committed to git, shared across machines, exposed in breaches.
MCPGuard is a local-first CLI that: - Scans your MCP configs for plaintext credentials - Migrates them to your OS keychain (macOS/Linux/Windows) - Replaces values with mcpguard:// references - Injects credentials at runtime — never on disk
One command to audit, one to migrate. No cloud, no account, free and open source.