Skip to main content
Generaldvcrn

mema-vault

Secure credential manager using AES-256 (Fernet) encryption. Stores, retrieves, and rotates secrets using a mandatory Master Key. Use for managing API keys, database credentials, and other sensitive tokens.

Stars
15
Source
dvcrn/openclaw-skills-marketplace
Updated
2026-05-29
Slug
dvcrn--openclaw-skills-marketplace--mema-vault
View on GitHubRaw SKILL.md

// install — copy + paste into any project

mkdir -p .claude/skills && curl -fsSL https://raw.githubusercontent.com/dvcrn/openclaw-skills-marketplace/HEAD/plugins/1999azzar--mema-vault/skills/mema-vault/SKILL.md -o .claude/skills/mema-vault.md

Drops the SKILL.md into .claude/skills/mema-vault.md. Works with Claude Code, Cursor, and any agent that loads SKILL.md files from .claude/skills/.

Mema Vault

Prerequisites

  • Master Key: Must be set as an environment variable MEMA_VAULT_MASTER_KEY.
  • Dependencies: Requires cryptography Python package.

Core Workflows

1. Store a Secret

Encrypt and save a new credential.

  • Usage: python3 $WORKSPACE/skills/mema-vault/scripts/vault.py set <service> <user> <password> [--meta "info"]

2. Retrieve a Secret

Fetch a credential. By default, the password is masked in output.

  • Usage: python3 $WORKSPACE/skills/mema-vault/scripts/vault.py get <service>
  • Show Raw: Use --show flag only when required for secure injection.

3. List Credentials

  • Usage: python3 $WORKSPACE/skills/mema-vault/scripts/vault.py list

Security Standards

  • Encryption: AES-256 CBC via PBKDF2HMAC (480,000 iterations).
  • Masking: Secrets are masked in standard logs/output unless explicitly requested.
  • Isolation: The Master Key should never be stored in plaintext on disk.