When we launched 0nMCP v2.0, we had 558 tools across 26 services. Impressive, but every API call still passed raw credentials through the AI conversation context.
Version 2.4 changes everything with the Zero-Knowledge Capability Proxy.
Every API call now routes through a credential-wiping proxy. Your Stripe secret key, CRM PIT tokens, GitHub PATs — the AI never sees them. The proxy maintains credentials in a secure vault, injects them at the HTTP layer, and strips them from responses before they return to the model context.
This matters because MCP servers inherently trust the AI with credential access. Most MCP implementations pass API keys directly in tool call parameters. That means your secrets live in conversation history, training data, and server logs.
0nMCP takes a different approach: capability-based access. The AI has the capability to call Stripe, but never sees the key. Like a valet who can drive your car but never gets a copy of the key.
Along the way, we added 6 new services (Cloudflare, GoDaddy, n8n, Pabbly, Make, Whimsical), bringing the total to 54 services, 870+ tools, and 1,142 total capabilities.
The Zero-Knowledge Proxy is open source. Install 0nmcp, connect your services, and every tool call is credential-safe by default.