Summary
This is a secrets management server that gives Claude secure access to credentials without exposing them directly. It stores sensitive data encrypted at rest and uses time-limited leases so credentials automatically expire after use. The CRP (Credential Rotation Protocol) support means it can handle rotating secrets, which is critical for production environments. You'd reach for this when your AI workflows need to authenticate against APIs or databases but you don't want to hardcode credentials in prompts or configuration files. Think of it as a vault layer between Claude and your actual secrets, similar to how you might use HashiCorp Vault in a traditional application stack.
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →
Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →
On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →
Featured
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →Configuration
SANCTUM_VAULT_PATHPath to the SanctumAI vault directory. Defaults to ~/.sanctum
SANCTUM_PASSPHRASEsecretVault passphrase for automated/headless operation. If not set, the vault must be unlocked interactively or via the web UI.
Registryactive
Package@sanctumai/mcp-server
TransportSTDIO
AuthRequired
UpdatedFeb 14, 2026