1Password MCP Server (Environments)
Official 1Password MCP server that lets MCP clients manage 1Password Environments without exposing secret values to the agent.
๐ก๏ธ AgentReady threat assessment
MAESTRO 7-layer threat model + OWASP AIVSS risk score for 1Password MCP Server (Environments), derived from its capabilities.
AIVSS 5.4 ยท Medium
View MAESTRO 7-layer threat model โOverview
1Password's official MCP server (beta) bridges MCP clients like Codex and Kiro to 1Password Environments so agents can manage configuration and secrets references with secure authorization prompts, without ever revealing secret values to the model. It is designed around the principle of keeping secrets out of the agent's context. This is a deliberately hardened design for the credential-exposure risk inherent to secrets MCPs.
Key features
- Manage 1Password Environments from MCP clients
- Secrets never exposed to the agent
- Secure per-action authorization prompts
Use cases
- Provide app config to an agent without leaking secrets
- Manage environment secrets from Codex or Kiro