mcp-safe-run

MCP Safe Run acts as a secure launcher that lets you run your existing MCP servers without embedding secrets in their configuration files. It centralizes secret management and retrieves sensitive values at runtime, so your MCP server configurations remain clean and portable. To use it, first install the launcher (via the provided release) and then use the launcher commands to initialize secrets, start the launcher, and run your configured MCP servers. The launcher supports commands to start the service, add secrets, and execute a specific server setup. You can specify server configurations by name and pass the appropriate runtime secrets through environment variables or the launcher’s secret store. This makes it easier to manage multiple MCP servers across environments without duplicating sensitive data.

Prerequisites:

• Node.js and npm (at least v14 or later)
• Access to download the mcp-secure-launcher release

Step-by-step:

1. Download the latest mcp-secure-launcher release ZIP from the repository releases page.
2. Extract the ZIP to a desired directory.
3. Open a terminal and navigate to the extracted folder. If the installer is an executable, run it according to your OS (on Windows/macOS/Linux, as provided by the release).
4. Verify installation by running the launcher version command, for example: mcp-secure-launcher --version
5. If asked, install any required dependencies (npm packages) that come with the release.
6. Configure your servers (see the Configuration section) and start using the launcher: mcp-secure-launcher start

Tips and notes:

• Secrets can be supplied via environment variables or through the launcher’s secret store; avoid placing them directly in MCP server config files.
• Ensure the launcher has access to any resources or endpoints required by your MCP servers in your network environment.
• The configuration example in the README uses a sample structure; adapt server names and secrets to your setup.
• If you encounter issues, check that the launcher binary is in your PATH or invoke it via its local path. Ensure your Node.js/npm versions are compatible with the release.
• Cross-platform compatibility is supported, but installation steps may vary slightly depending on OS and how the provided release is packaged.