Commands

The vaulted binary ships 14 commands. Every command defaults to the project and environment pinned by the vaulted.toml discovered by walking up from the current directory, like git. The vault itself lives under VAULTED_CONFIG_DIR, default ~/.config/vaulted.

| Command | Description |
| --- | --- |
| vaulted init | Create the vault, a project, default environments, and vaulted.toml |
| vaulted unlock | Verify the master password and save it for later commands |
| vaulted lock | Clear the stored master password |
| vaulted set | Add or update a secret |
| vaulted get | Print a secret value to stdout, pipeable |
| vaulted list | List secret names, scopes, and value types |
| vaulted rm | Remove a secret with a soft delete |
| vaulted import | Import secrets from a dotenv file |
| vaulted export | Reconstruct a dotenv file from an environment |
| vaulted run | Run a command with decrypted secrets injected |
| vaulted projects | Manage projects |
| vaulted envs | Manage environments for the current project |
| vaulted rotate | Rotate the project key and re-encrypt every secret |
| vaulted mcp | Start the MCP stdio server |

vaulted init

vaulted init [--name <project>]

Creates the encrypted SQLite vault at ~/.config/vaulted/vaulted.db if it does not exist yet, a project with development, staging, and production environments, and a vaulted.toml that pins the project and default environment for the current directory.

Prompts for a master password and saves it to the OS keychain. There is no password recovery of any kind: a lost master password means an unreadable vault.

| Flag | Description |
| --- | --- |
| --name <project> | Project name, defaults to the current directory name |

cd my-app
vaulted init

vaulted unlock

vaulted unlock

Verifies the master password and saves it for later commands. The OS keychain is tried first and the password file fallback is deleted on success. Run this once before agent use; the MCP server never prompts.

No flags.

vaulted unlock

vaulted lock

vaulted lock

Clears the stored master password, both the keychain entry and the password file. Later commands fall back to VAULTED_PASSWORD or prompt again.

No flags.

vaulted lock

vaulted set

vaulted set KEY [value] [-e env] [--scope s] [--folder f]

Adds or updates a secret. When the value is omitted the CLI reads it from a hidden prompt or from stdin, so the value never lands in your shell history. Key names consist of letters, digits, and underscores, and must not start with a digit.

| Flag | Description |
| --- | --- |
| -e, --env <environment> | Environment, defaults to the vaulted.toml default environment |
| --scope <scope> | client, server, or shared, defaults to shared for new secrets and stays unchanged on update |
| --folder <folder> | Folder name, created if missing |

vaulted set STRIPE_KEY
vaulted set DEBUG false

vaulted get

vaulted get KEY [-e env] [--folder f]

Prints the decrypted value to stdout with nothing else on stdout, so the output is safe to pipe or capture.

| Flag | Description |
| --- | --- |
| -e, --env <environment> | Environment, defaults to the vaulted.toml default environment |
| --folder <folder> | Folder name |

vaulted get STRIPE_KEY | pbcopy

vaulted list

vaulted list [-e env] [--folder f] [--reveal]

Lists secret names, scopes, and value types, never values. With --reveal the decrypted values are included and the reveal is written to the audit log.

| Flag | Description |
| --- | --- |
| -e, --env <environment> | Environment, defaults to the vaulted.toml default environment |
| --folder <folder> | Only secrets in this folder |
| --reveal | Include decrypted values, audited |

vaulted list --reveal

vaulted rm

vaulted rm KEY [-e env] [--folder f]

Removes a secret with a soft delete. Setting the same key again revives the deleted row.

| Flag | Description |
| --- | --- |
| -e, --env <environment> | Environment, defaults to the vaulted.toml default environment |
| --folder <folder> | Folder name |

vaulted rm OLD_API_KEY

vaulted import

vaulted import <file> [-e env] [--overwrite|--skip]

Imports secrets from a dotenv file into the vault. When a key already exists the command fails and names the collisions, unless you pick a strategy with --overwrite or --skip. Once imported, the .env file can be deleted.

| Flag | Description |
| --- | --- |
| -e, --env <environment> | Environment, defaults to the vaulted.toml default environment |
| --overwrite | Replace secrets that already exist |
| --skip | Skip secrets that already exist |

vaulted import .env
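The collision rule described above, together with the key-name rule from the vaulted set section, as an added Rust example (not vaulted's own code). The in-memory map standing in for the vault, the OnCollision type, and the simplified dotenv grammar (unquoted KEY=VALUE lines) are assumptions.

```rust
use std::collections::BTreeMap;

#[derive(Clone, Copy, PartialEq)]
enum OnCollision { Fail, Overwrite, Skip }

// Key rule from the `vaulted set` section; ASCII-only is an assumption.
fn valid_key(k: &str) -> bool {
    !k.is_empty() && !k.starts_with(|c: char| c.is_ascii_digit())
        && k.chars().all(|c| c.is_ascii_alphanumeric() || c == '_')
}

// Simplified dotenv (assumption): unquoted KEY=VALUE lines and `#` comments.
fn parse_dotenv(text: &str) -> Result<Vec<(String, String)>, String> {
    let mut out = Vec::new();
    for (n, raw) in text.lines().enumerate() {
        let line = raw.trim();
        if line.is_empty() || line.starts_with('#') { continue; }
        let (k, v) = line.split_once('=').ok_or(format!("line {}: missing '='", n + 1))?;
        let (k, v) = (k.trim(), v.trim());
        if !valid_key(k) { return Err(format!("line {}: invalid key {:?}", n + 1, k)); }
        out.push((k.to_string(), v.to_string()));
    }
    Ok(out)
}

// `vault` stands in for the real store; returns how many secrets were written.
fn import(vault: &mut BTreeMap<String, String>, text: &str, mode: OnCollision) -> Result<usize, String> {
    let parsed = parse_dotenv(text)?;
    let clashes: Vec<&str> = parsed.iter().map(|(k, _)| k.as_str())
        .filter(|k| vault.contains_key(*k)).collect();
    // Without a strategy the import fails closed: nothing is written at all.
    if mode == OnCollision::Fail && !clashes.is_empty() {
        return Err(format!("already exist: {}", clashes.join(", ")));
    }
    let mut written = 0;
    for (k, v) in parsed {
        if mode == OnCollision::Skip && vault.contains_key(&k) { continue; }
        vault.insert(k, v);
        written += 1;
    }
    Ok(written)
}

fn main() {
    let mut vault = BTreeMap::from([("DEBUG".to_string(), "false".to_string())]);
    let env = "# constructed sample\nDEBUG=true\nSTRIPE_KEY=sk_test_constructed\n";
    for mode in [OnCollision::Fail, OnCollision::Skip, OnCollision::Overwrite] {
        println!("{:?}", import(&mut vault, env, mode));
    }
}
```

Checking for collisions before the first write is what keeps a failed import from leaving the vault half-updated.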

vaulted export

vaulted export [-e env] [-o file] [--force]

Reconstructs a dotenv file from an environment. Every export is audited, and the audit entry is written before any plaintext is emitted.

| Flag | Description |
| --- | --- |
| -e, --env <environment> | Environment, defaults to the vaulted.toml default environment |
| -o, --output <file> | Write to a file instead of stdout |
| --force | Overwrite an existing output file |

vaulted export -e development -o .env.development

vaulted run

vaulted run [-e env] [--folder f] -- <cmd> [args...]

Runs a command with decrypted secrets injected through the hardened Rust runner. The child environment is cleared down to a 10-variable allowlist plus the injected secrets, so nothing else from the parent environment leaks.

Injects server and shared scoped secrets from the root of the environment, or from one folder with --folder. The full hardening list is on the Security page.

| Flag | Description |
| --- | --- |
| -e, --env <environment> | Environment, defaults to the vaulted.toml default environment |
| --folder <folder> | Inject secrets from this folder instead of the root |

vaulted run -- npm run dev
vaulted run -e production -- ./deploy.sh
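An added example, not vaulted's own runner code, of the clear-then-allowlist pattern described for vaulted run, using Rust's std::process::Command. The six-name allowlist, the function names and the sample values are assumptions; the page does not list the real 10 variables.

```rust
use std::collections::BTreeMap;
use std::process::Command;

// Illustrative allowlist (assumption): the page says the real runner keeps
// 10 variables but does not name them.
const ALLOWLIST: &[&str] = &["PATH", "HOME", "USER", "SHELL", "LANG", "TERM"];

/// Child environment = allowlisted parent variables + injected secrets.
fn child_env(
    parent: &BTreeMap<String, String>,
    secrets: &BTreeMap<String, String>,
) -> BTreeMap<String, String> {
    let mut env: BTreeMap<String, String> = parent
        .iter()
        .filter(|(k, _)| ALLOWLIST.contains(&k.as_str()))
        .map(|(k, v)| (k.clone(), v.clone()))
        .collect();
    // Secrets go in last, so an injected value wins over an inherited one.
    env.extend(secrets.iter().map(|(k, v)| (k.clone(), v.clone())));
    env
}

/// Spawn `program` with exactly that environment and return its stdout.
fn run_clean(
    program: &str,
    parent: &BTreeMap<String, String>,
    secrets: &BTreeMap<String, String>,
) -> std::io::Result<String> {
    let out = Command::new(program)
        .env_clear() // start empty instead of inheriting the parent's variables
        .envs(child_env(parent, secrets))
        .output()?;
    Ok(String::from_utf8_lossy(&out.stdout).into_owned())
}

fn main() -> std::io::Result<()> {
    // Constructed sample: the parent shell holds an unrelated credential.
    let mut parent: BTreeMap<String, String> = std::env::vars().collect();
    parent.insert("AWS_SECRET_ACCESS_KEY".into(), "constructed-parent-value".into());
    let secrets = BTreeMap::from([("STRIPE_KEY".to_string(), "sk_test_constructed".to_string())]);
    print!("{}", run_clean("/usr/bin/env", &parent, &secrets)?);
    Ok(())
}
```

The same filter also drops loader and interpreter variables such as LD_PRELOAD, because anything not named in the allowlist never reaches the child.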

vaulted projects

vaulted projects list|create <name>

Manages projects in the vault.

| Subcommand | Description |
| --- | --- |
| list | List all projects |
| create <name> | Create a project with the default environments |

vaulted projects create api

vaulted envs

vaulted envs list|create <name>

Manages environments for the project pinned by the current directory's vaulted.toml.

| Subcommand | Description |
| --- | --- |
| list | List environments; the vaulted.toml default is marked with * |
| create <name> | Create an environment in the current project |

vaulted envs create preview

vaulted rotate

vaulted rotate

Rotates the project key and re-encrypts every secret. The swap happens in a single transaction, so a partial failure rolls back completely, and the rotation is recorded in the audit trail.

No flags.

vaulted rotate

vaulted mcp

vaulted mcp

Starts the MCP stdio server for Claude Code, Cursor, Codex, Zed, OpenCode, and Claude Desktop. The server exposes five tools, four read-only and one destructive, all documented on the MCP page. Run vaulted unlock once beforehand; the server never prompts for a password.

No flags.

claude mcp add vaulted -- vaulted mcp