Vaulty
A cloud vault for your sensitive data (WhatsApp, iMessage, Contacts...) accessible by agents via a REST API. Encrypted E2E.
What is Vaulty?
Vaulty is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to cloud vault for your sensitive data (whatsapp, imessage, contacts...) accessible by agents via a rest api. encrypted e2e.
A cloud vault for your sensitive data (WhatsApp, iMessage, Contacts...) accessible by agents via a REST API. Encrypted E2E.
This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.
Features
- A cloud vault for your sensitive data (WhatsApp, iMessage, C
Use Cases
Maintainer
Works with
Installation
Manual Installation
npx vaultyConfiguration
Configuration Details
claude_desktop_config.json
Performance
Response Metrics
Resource Usage
How to Set Up and Use Vaulty
Vaulty is an end-to-end encrypted cloud vault that makes personal data from Apple Messages, WhatsApp, Contacts, Notes, Reminders, Screenshots, and GPS locations accessible to AI agents through a REST API. Data is encrypted client-side before it leaves your device, and access is controlled by scoped bearer tokens with a prefix of 'vault_' so you can grant an agent access to contacts without exposing your message history. The system consists of a self-hosted or Vercel-deployed Next.js server, a macOS desktop app for data ingestion, and an MCP bridge that Claude and other agents call through standard HTTP.
Prerequisites
- macOS for the desktop ingestion app (downloads available on GitHub Releases)
- A server deployment: Vercel account for hosted deployment, or Docker for self-hosting
- Node.js 18 or later if running the server locally from source
- Claude Desktop or another MCP-compatible client for agent access
Deploy the Vaulty server
Deploy the Next.js backend to Vercel with one click, or self-host with Docker. The server handles encrypted storage and the REST API that agents query.
# Self-hosted with Docker:
git clone https://github.com/felipap/vaulty.git
cd vaulty/server
docker build -t vaulty-server .
docker run -p 3000:3000 vaulty-server
# Or consult server/README.md for environment variablesDownload and configure the macOS desktop app
Download the latest macOS release from the GitHub Releases page. On first launch, enter your server URL. The app syncs your Apple Messages, WhatsApp, Contacts, and other data sources to the vault on a schedule.
Set your encryption passphrase
During initial setup in the desktop app, configure your encryption passphrase. This key encrypts all data before it leaves your machine. Store it securely — it cannot be recovered if lost.
Create a scoped access token
In the Vaulty dashboard, create a bearer token for your AI agent. Tokens begin with 'vault_' and can be scoped to specific data types (e.g., contacts only, messages only).
Configure Claude Desktop to call the Vaulty API
Add the Vaulty MCP server configuration to claude_desktop_config.json, passing your server URL and the scoped access token.
{
"mcpServers": {
"vaulty": {
"command": "npx",
"args": ["vaulty"],
"env": {
"VAULTY_SERVER_URL": "https://your-vaulty-server.vercel.app",
"VAULTY_TOKEN": "vault_your_token_here"
}
}
}
}Vaulty Examples
Client configuration
Claude Desktop configuration connecting to a self-hosted Vaulty instance with a scoped bearer token.
{
"mcpServers": {
"vaulty": {
"command": "npx",
"args": ["vaulty"],
"env": {
"VAULTY_SERVER_URL": "https://your-vaulty-instance.example.com",
"VAULTY_TOKEN": "vault_YOUR_SCOPED_TOKEN"
}
}
}
}Prompts to try
Once Vaulty is connected, these prompts demonstrate how agents can securely access personal data.
- "Look up John Smith in my contacts and give me his phone number and email."
- "Summarize my last 20 iMessages with my partner from the past week."
- "Show me the screenshot I took in the last hour and describe what's on screen."Troubleshooting Vaulty
API returns 401 Unauthorized
Check that VAULTY_TOKEN starts with 'vault_' and matches a token created in the Vaulty dashboard. Tokens may have scope restrictions — ensure the token has permission for the data type you are querying.
No data returned from messages or contacts endpoints
The macOS desktop app must be running and have completed at least one sync cycle. Open the app and check the sync status indicator. Grant the app Full Disk Access and Contacts permissions in macOS System Settings > Privacy & Security if prompted.
Self-hosted server fails to start with missing environment variables
Review server/README.md for the complete list of required environment variables. At minimum the server needs database connection details and an encryption configuration. Copy .env.example to .env in the server directory and populate all required fields.
Frequently Asked Questions about Vaulty
What is Vaulty?
Vaulty is a Model Context Protocol (MCP) server that cloud vault for your sensitive data (whatsapp, imessage, contacts...) accessible by agents via a rest api. encrypted e2e. It connects AI assistants to external tools and data sources through a standardized interface.
How do I install Vaulty?
Follow the installation instructions on the Vaulty GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.
Which AI clients work with Vaulty?
Vaulty works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.
Is Vaulty free to use?
Yes, Vaulty is open source and available under the MIT license. You can use it freely in both personal and commercial projects.
Vaulty Alternatives — Similar Security Servers
Looking for alternatives to Vaulty? Here are other popular security servers you can use with Claude, Cursor, and VS Code.
Casdoor
★ 13.6kAn open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD
ghidraMCP
★ 9.0kAn Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through
HexStrike AI
★ 8.9kHexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b
IDA Pro MCP
★ 8.7kEnables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.
Anthropic Cybersecurity Skills
★ 6.6k754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform
Hooker
★ 5.1k🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u
Browse More Security MCP Servers
Explore all security servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.
Set Up Vaulty in Your Editor
Choose your AI client for step-by-step setup instructions.
Quick Config Preview
Add this to your claude_desktop_config.json or .cursor/mcp.json
Ready to use Vaulty?
Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.