1Password MCP
MCP server for 1Password service accounts — vault and credential management via tools, prompts, and resources
Server Info
- Package: @takescake/1password-mcp
- Registry: npm
- Repository: CakeRepository/1Password-MCP
- Maintainer: Community
- Category: Identity & Auth
- Tags: secrets, passwords, vaults
- Last Scanned: 7 Apr 2026
Findings
4 issues
Authentication & Identity
HIGH: No per-request auth - requires instance-per-user
Stdio-only transport. Auth via OP_SERVICE_ACCOUNT_TOKEN env var or --service-account-token CLI arg. Uses 1Password SDK service account model. No HTTP/SSE transport, no MCP OAuth. For multi-tenant deployment, the platform must spawn a separate server instance per user.
Add HTTP/SSE transport to accept per-request Authorization headers, or implement the MCP OAuth spec.
Data Exposure
LOW: No field selection on responses
Responses return full records rather than projected fields.
Implement field selection to return only relevant fields.
Maintenance & Trust
LOW: Community-maintained by CakeRepository (takescake)
No official vendor backing.
Seek vendor verification.
MEDIUM: 6 dependency vulnerabilities (5 high)
npm audit found 5 high severity CVEs.
Update vulnerable dependencies.
Tools
8 total

| Name | Description | Risk |
|---|---|---|
| vault_list | List all 1Password vaults accessible to the service account. Returns vault IDs, names, descriptions, and types. | read |
| item_lookup | Search for items within a 1Password vault by title substring. Returns item IDs, titles, categories, and vault IDs. | read |
| item_delete | Permanently delete an item from a 1Password vault. This action cannot be undone. | admin |
| password_create | Create a new password/login item in a 1Password vault with optional username, URL, tags, and notes. | write |
| password_read | Retrieve a secret from 1Password using either a secret reference (op://vault/item/field) or vault ID + item ID. Supports field selection and optional value reveal. | read |
| password_update | Update (rotate) a password or concealed field on an existing 1Password item. If the target field does not exist, it will be created. | write |
| password_generate | Generate a cryptographically secure random password with configurable length and character types. Uses rejection sampling for unbiased randomness. | read |
| password_generate_memorable | Generate a memorable passphrase from random dictionary words with optional number and symbol suffixes. Uses a ~500-word curated list for good entropy. | read |
Deploy 1Password MCP securely
CompleteFlow adds per-user authentication, permission scoping, and audit logging to any MCP server out of the box.