I would like to use a script that I've written for interactive use in a noninteractive context, where I would prefer aws-vault exec to bail with an error message if I haven't got the key store unlocked, instead of hanging forever. Is there existing functionality that would allow that, or would you be interested in a PR implementing something like --prompt=exit?

You could specify --mfa-token=000000 for a fast failure?

That doesn't work for SSO at least:

$ aws-vault exec myprofile --mfa-token=000000000 -- echo foo
Opening the SSO authorization page in your default browser (use Ctrl-C to abort)
https://device.sso.us-west-2.amazonaws.com/?user_code=CODE