How to Use the Aikido Security MCP in VS Code Copilot

Q: Can VS Code Copilot show me open vulnerabilities from Aikido Security?

Yes, Copilot can call listopenissues to list all vulnerabilities, filtering them by team or repository. You can then ask Copilot to explain the risks and suggest fixes.

Q: How do I verify my webhooks using Aikido Security and VS Code Copilot?

Run listwebhooks in the Copilot chat to check your active notification integrations. This lets you troubleshoot why security alerts aren't reaching your Slack or Jira channels.

Track security issues and compliance frameworks directly inside VS Code Copilot for team-wide security workflows.

See Vinkius in Action

Works with every AI agent you already use

…and any MCP-compatible client

MCP Servers - Free for Subscribers

Connect Aikido Security MCP to VS Code Copilot

Create your Vinkius account to connect Aikido Security to VS Code Copilot and route execution through our secure gateway. The platform manages server hosting, runtime updates, and security layers. Configuration requires no manual server provisioning.

GDPR Free for Subscribers

Setup Aikido Security with VS Code Copilot

Ask AI about this MCP

ChatGPT

Claude

Perplexity

Share security tools across teams with this MCP Server

`list_teams` and `list_users` allow VS Code Copilot to map your organization's security responsibilities directly within your shared workspace. The tools show who owns which repositories and who has access to specific security workflows. By committing the server configuration to your project's .vscode folder, every developer on your team gets instant access to these tools. This coordinates your security efforts without individual setup headaches.

Monitor compliance frameworks inside VS Code Copilot

`get_soc2_compliance` and `get_iso_compliance` fetch your real-time audit status directly into the Copilot chat window. The tools show which trust criteria are passing and which require immediate developer attention. Your engineering team can quickly identify failing controls and ask Copilot to generate the necessary configuration files or code changes to pass the audit. This keeps your compliance efforts integrated with your daily coding.

Audit your cloud attack surface in the editor

`list_cloud_assets` and `list_connected_clouds` query your active infrastructure environments directly from VS Code Copilot. The tools list your cloud accounts, virtual machines, and potential misconfigurations. Developers can use `list_virtual_machines` to verify if newly provisioned instances are properly monitored by your security suite. This prevents shadow IT and unmonitored cloud resources from slipping into production.

Setup guide

Set up Aikido Security MCP in VS Code Copilot

Prerequisites

VS Code 1.99 or later with GitHub Copilot extension
Active Vinkius subscription with a valid endpoint token

1

Open MCP configuration

Open the Command Palette (Cmd+Shift+P / Ctrl+Shift+P) and run "MCP: Add Server". Select HTTP (Streamable) as the server type. VS Code will create .vscode/mcp.json in your workspace.
2

Add the Aikido Security MCP

Paste the JSON snippet shown on the right into your .vscode/mcp.json. Replace [YOUR_TOKEN_HERE] with your endpoint token from cloud.vinkius.com.
3

Switch to Agent mode

Open Copilot Chat (Cmd+Shift+I / Ctrl+Shift+I) and switch to Agent mode using the dropdown. MCP tools are only available in Agent mode — they do not appear in Edit or Ask modes.
4

Verify the connection

In the Copilot Chat input, type # to list available tools. You should see the Aikido Security tools listed. Try asking: "List my recent Aikido Security transactions" and Copilot will invoke them automatically.

.vscode/mcp.json

{
  "mcpServers": {
    "aikido-security-mcp": {
      "url": "https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp"
    }
  }
}

Get your connection token →

Independent Platform Disclaimer: Vinkius is an independent platform and is not affiliated with, endorsed by, sponsored by, verified by, or otherwise authorized by Aikido Security. All third-party trademarks, logos, and brand names are the property of their respective owners. Their use on this website is strictly for informational purposes to identify service compatibility and interoperability.

Why Choose Vinkius

Vinkius connects your tools to AI with real-time monitoring and automatic cost savings — all from one dashboard.

Connect Aikido Security now

Real-time monitoring

Live

visibility into every interaction

Connect your favorite tools to your AI and see exactly what's happening — every request, every response, in real time.

Built-in savings

60%

lower AI costs

Vinkius compresses data between your apps and your AI automatically. Lower bills every month — no configuration required.

Single dashboard

One

place for every integration

Every tool your AI connects to, managed from a single screen. One account, complete control.

Common questions about Aikido Security MCP in VS Code Copilot

Create a project's MCP configuration file in your repository root and add the server configuration. When team members open the project in VS Code, Copilot automatically loads the security tools.

Yes, Copilot can call `list_open_issues` to list all vulnerabilities, filtering them by team or repository. You can then ask Copilot to explain the risks and suggest fixes.

Run `list_webhooks` in the Copilot chat to check your active notification integrations. This lets you troubleshoot why security alerts aren't reaching your Slack or Jira channels.

Yes, team-wide configuration and advanced agent tools require VS Code version 1.96 or higher along with the GitHub Copilot MCP setup.

Your API tokens and vulnerability records are kept safe by storing your keys in your local environment variables or secure user settings. They are never committed to your repository or shared with external servers during MCP execution.

Use it with your favorite AI tools

Connect this server to Cursor, Claude, VS Code, and more.

OpenAI Agents SDK sdk-python

Google ADK sdk-python

Pydantic AI sdk-python

Vercel AI SDK sdk-typescript