VaultBase exposes 27 MCP tools for vault reads, writes, decision traces, intelligence, and admin. Agents get the same permission system as humans — scoped to their role, loaded with org context, and able to write back what they learn.
VaultBase implements the Model Context Protocol with a comprehensive tool surface. Agents can read and search the vault, create and query decision traces, run intelligence reports, manage admin tasks, and generate briefings — all through structured MCP calls.
vault_read, vault_search, vault_list, vault_learn, vault_update_doc, vault_read_context, vault_tag, vault_move
trace_create, trace_find_precedent, trace_update_status, trace_list, trace_get, trace_link
intel_knowledge_gaps, intel_stale_refs, intel_pending_outcomes, intel_briefing, intel_consistency_check
admin_users, admin_roles, admin_groups, admin_audit_log, admin_permissions
briefing_generate, briefing_skill_file, briefing_context_stack
Every agent briefing loads context at three levels: organization, team, and individual. The org level defines company-wide standards and preferences. The team level adds domain-specific context. The individual level personalizes for the specific user the agent is acting for.
This means an agent working for an engineer on the platform team gets different context than one working for a product manager on the growth team — automatically, without prompt engineering.
Agents inherit the permissions of the user they represent. The same RBAC rules that control human access — folder scoping, tag restrictions, deny rules, group inheritance — apply to every MCP tool call. An agent with an engineering-read role cannot access sales documents.
API keys use a vk_ prefix and are SHA-256 hashed at rest. You can issue multiple keys per user for different agent roles — one for Claude Code, another for a CI pipeline, each with distinct permissions.
Agents aren't read-only. vault_learn() lets an agent add new knowledge to the vault. vault_update_doc() lets it revise existing documents. Both respect permissions and create proper revision history.
The /skill.md endpoint generates a single-file onboarding packet scoped to the agent's role. It bundles identity context, relevant precedent decisions, and the tool surface into one file that any MCP-compatible client can consume.
Instead of waiting for agents to ask the right questions, VaultBase pushes context to them. A briefing includes: pending decision outcomes that need follow-up, stale references where cited documents have been revised, knowledge gaps identified from failed searches, and recent traces relevant to the agent's domain.
This turns agents from passive responders into proactive participants. They can flag that a decision from last month needs a status update, or that a policy they're citing has been revised since the last trace.
Claude Code
Plugin + MCP
Cursor
MCP integration
Any MCP Client
Standard protocol
Agents that know your org. The identity stack means agents don't start from zero. They know your company's standards, your team's practices, and your personal focus areas. Every response is grounded in real organizational context.
Security by default. Agents get the same RBAC as humans. No separate permission model to maintain, no risk of agents accessing documents their user can't see. Deny rules propagate to every tool call.
Agents that learn. Write-back means agents can capture knowledge as they work. An agent that resolves an incident can document the resolution. An agent that researches a vendor can save its findings. The vault grows with use.
One protocol, many clients. MCP is an open standard. VaultBase works with Claude Code today and any MCP-compatible client tomorrow. No proprietary SDK, no vendor lock-in on the agent side.
Free. Works offline. No account needed.
Open source. AGPL-3.0. Plain markdown files. Export anytime.