Can I use HashiCorp Vault as a CLI?

Yes. KosmoKrator exposes a HashiCorp Vault CLI through kosmo integrations:call and the provider shortcut command. Commands can return JSON for scripts, CI, and coding agents.

Can I expose HashiCorp Vault through MCP?

Yes. The KosmoKrator MCP gateway can expose selected HashiCorp Vault tools to clients such as Claude Code, Cursor, Codex, and other MCP-compatible tools.

Where are HashiCorp Vault credentials stored?

HashiCorp Vault credentials are configured in KosmoKrator's local integration settings and reused by CLI, Lua, and MCP gateway surfaces.

Can I deny write access for HashiCorp Vault MCP tools?

Yes. Start the gateway with --write=deny for read-only clients, or use ask/allow only for trusted workspaces.

productivity

HashiCorp Vault MCP Gateway for AI Agents

Expose HashiCorp Vault tools to Claude Code, Cursor, Codex, and other MCP clients through the local KosmoKrator MCP gateway.

7 functions 5 read 2 write API token auth

Submit HashiCorp Vault feedback View package source

HashiCorp Vault MCP Gateway

Expose HashiCorp Vault to MCP clients with `kosmokrator mcp:serve --integration=vault`.

If the client has never used KosmoKrator before, install it first, then register this integration as a stdio MCP server. The gateway exposes only the selected integration in the example below.

curl -fsSL https://raw.githubusercontent.com/OpenCompanyApp/kosmokrator/main/install.sh | bash

kosmokrator mcp:gateway:install --integration=vault --write=deny --json

{
  "mcpServers": {
    "kosmokrator-vault": {
      "type": "stdio",
      "command": "kosmo",
      "args": [
        "mcp:serve",
        "--integration=vault",
        "--write=deny"
      ]
    }
  }
}

Serve Manually

kosmokrator mcp:serve --integration=vault --write=deny

MCP Tool Names

KosmoKrator exposes integration tools through the gateway with stable names:

MCP tool	Source function	Type
`integration__vault__vault_list_secrets`	`vault.vault_list_secrets`	Read `read`
`integration__vault__vault_get_secret`	`vault.vault_get_secret`	Read `read`
`integration__vault__vault_create_secret`	`vault.vault_create_secret`	Write `write`
`integration__vault__vault_delete_secret`	`vault.vault_delete_secret`	Write `write`
`integration__vault__vault_list_policies`	`vault.vault_list_policies`	Read `read`
`integration__vault__vault_get_policy`	`vault.vault_get_policy`	Read `read`
`integration__vault__vault_get_current_user`	`vault.vault_get_current_user`	Read `read`

Write Access

Start with --write=deny for read-only MCP clients. Use --write=ask or --write=allow only when the client and workspace are trusted.