CertLocker: DevOps control plane for secrets and MCP agent access
CertLocker is a DevOps control plane that manages secrets, tokens, and MCP (Model Context Protocol) agent access. It replaces shared .env files with scoped tokens, enabling secure, role-based access for teams using LLM agents like Claude. The product solves the problem of managing credentials and access for distributed teams working on real client automation tasks.
Entities
Related
CertLocker: DevOps control plane for secrets and MCP agent access
CertLocker is a DevOps control plane that manages secrets, tokens, and MCP (Model Context Protocol) agent access. It replaces .env files with a tokenized MCP approach, enabling secure, role-based access for LLM agents like Claude. The product targets agencies and teams using LLM agents for client work, solving the problem of managing credentials and access across distributed staff and contractors.
AI coding agent creates real cloud infra behind dry-run + confirm
An MCP tool plugin for AI coding agents (Claude Code, Cursor) that provisions real cloud infrastructure (databases, auth, storage, hosting) on the user's cloud account. The agent creates projects, wires keys, and writes integration code, but requires a dry-run preview and explicit confirmation before any paid resource is created. Solves the trust and cost-control problem of letting AI directly manage cloud resources.
AgentPump: MCP server giving Claude a Solana wallet for on-chain transactions
AgentPump is an open-source MCP server that equips Claude with a real Solana wallet, enabling it to find, launch, buy, and sell tokens via plain chat commands. The private key is generated locally and never leaves the machine, ensuring security. It solves the problem of executing on-chain transactions through natural language interaction with an LLM.
agentsweep CLI scans AI coding agent history files for leaked secrets
A new open-source CLI tool called agentsweep scans history files of AI coding agents (Codex, Cursor, Claude Code, Cline, Aider) for plaintext secrets like API keys, DB URLs, and crypto seed phrases. It uses ~191 detection rules from gitleaks plus a dedicated BIP-39 seed phrase detector, addressing a security risk where pasted secrets persist in agent context and can be re-exposed.
MCP's OAuth scoping undermined by static API key proxies
A developer reports that many agent CLIs still store static API keys in environment variables, creating a large blast radius if leaked. The Model Context Protocol (MCP) aims to fix this with scoped OAuth consent per tool, but half of the servers examined simply proxy a static key, defeating the purpose.


