Getting Started with secretctl

secretctl is the simplest AI-ready secrets manager. It provides secure, local-first credential management with native support for AI agent integration via MCP (Model Context Protocol).

Choose Your Path

For Developers

Integrate with Claude Code, automate CI/CD, use MCP for AI-safe secret access.

• MCP server setup
• Claude Code integration
• Environment injection
• API automation

Developer Guide →

For General Users

Simple, secure password management with the Desktop App or basic CLI.

• Desktop App setup
• Password organization
• Backup and restore
• No technical knowledge required

User Guide →

Why secretctl?

• Local-first: Your secrets never leave your machine
• AI-ready: Built-in MCP server with AI-Safe Access (AI agents never see plaintext)
• Simple: Single binary, no server required
• Secure: AES-256-GCM encryption with Argon2id key derivation

Quick Links

• Installation - Install secretctl on your system
• Quick Start - Create your first secret in 5 minutes
• Core Concepts - Understand vaults, secrets, and encryption

Quick Start (5 minutes)

Option 1: Desktop App

1. Download from GitHub Releases
2. Open the app and create your vault
3. Start managing secrets visually

Continue with Desktop Guide →

Option 2: CLI

# Download and install
curl -LO https://github.com/forest6511/secretctl/releases/latest/download/secretctl-darwin-arm64
chmod +x secretctl-darwin-arm64
sudo mv secretctl-darwin-arm64 /usr/local/bin/secretctl

# Initialize vault
secretctl init

# Add your first secret
echo "sk-..." | secretctl set OPENAI_API_KEY

Continue with CLI Guide →

Option 3: AI/MCP Integration

{
  "mcpServers": {
    "secretctl": {
      "command": "secretctl",
      "args": ["mcp-server"],
      "env": {
        "SECRETCTL_PASSWORD": "your-master-password"
      }
    }
  }
}

Continue with MCP Guide →