How to Use the Black Duck (Synopsys) MCP in CrewAI

Q: How do I add Black Duck (Synopsys) to a CrewAI agent?

Pass the Vinkius MCP endpoint URL directly into the mcps array when initializing your specialized security agents.

Q: Can multiple CrewAI agents share the Black Duck (Synopsys) tools?

Yes. You can expose tools like getvulnerabilitydetails to your analyst agent while leaving listprojects to your manager agent.

Q: How do I limit which Black Duck (Synopsys) tools a CrewAI agent can use?

Use MCPServerHTTP from crewai.mcp and apply a toolfilter to expose only specific tools like listcodelocations.

Q: Does this integration support complex multi-agent handoffs?

Yes. An auditor agent can run searchprojects and hand the results to a patcher agent to resolve vulnerabilities.

Deploy a crew of specialized CrewAI agents to audit, track, and patch Black Duck security issues autonomously.

See Vinkius in Action

Works with every AI agent you already use

…and any MCP-compatible client

MCP Servers - Free for Subscribers

Connect Black Duck (Synopsys) MCP to CrewAI

Create your Vinkius account to connect Black Duck (Synopsys) to CrewAI and route execution through our secure gateway. The platform manages server hosting, runtime updates, and security layers. Configuration requires no manual server provisioning.

GDPR Free for Subscribers

Setup Black Duck (Synopsys) with CrewAI

Ask AI about this MCP

ChatGPT

Claude

Perplexity

Multi-Agent Security Triage via MCP Server

This MCP Server provides the tools your agent crew needs to coordinate complex security reviews, including `list_projects` to monitor inventory. You can assign one agent to watch your inventory while another assesses risk. When a new project is found, the monitoring agent passes the ID to a security analyst agent. That analyst then runs `list_vulnerabilities` to compile a report without human intervention.

Autonomous Compliance Verification

Your compliance agent can verify policy rules using `list_policy_rules` and compare them against active code scans. This keeps your production builds aligned with security requirements automatically. By calling `get_bom_status`, the agent verifies that the Bill of Materials is fully calculated before starting a release audit. If the status is pending, the crew pauses until it completes.

Targeted Code Location Mapping

Give your developer agent access to `list_code_locations` to find the exact repository paths containing security vulnerabilities. This eliminates the guesswork when fixing deep dependency trees. You configure this by passing the Vinkius MCP URL inside the `mcps` list of your CrewAI agent. For fine-grained control, use `MCPServerHTTP` with a `tool_filter` to limit access to sensitive tools like `list_users`.

Setup guide

Set up Black Duck (Synopsys) MCP in CrewAI

Prerequisites

Python 3.10+ installed
crewai package (pip install crewai)
Active Vinkius subscription with a valid endpoint token

1

Install CrewAI
Run pip install crewai to install the framework. MCP support is built-in via the mcps parameter.
2

Add the MCP URL to your agent
Pass your Vinkius endpoint directly to the mcps list. Replace [YOUR_TOKEN_HERE] with your token from cloud.vinkius.com. CrewAI handles tool discovery and caching automatically.
3

Kick off your crew
Create a Crew with your agent and tasks. Call crew.kickoff() — the agent will automatically invoke Black Duck (Synopsys) tools as needed.

crew.py

from crewai import Agent, Task, Crew

agent = Agent(
    role="Black Duck (Synopsys) Analyst",
    goal="Access and analyze Black Duck (Synopsys) data via MCP.",
    backstory="Expert analyst with direct Black Duck (Synopsys) access.",
    mcps=[
        "https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp"
    ],
)

task = Task(
    description="List recent Black Duck (Synopsys) transactions",
    agent=agent,
    expected_output="A summary of recent activity",
)

crew = Crew(agents=[agent], tasks=[task])
result = crew.kickoff()
print(result)

Get your connection token →

Prerequisites

Python 3.10+ installed
crewai + crewai-tools packages
Active Vinkius subscription with a valid endpoint token

1

Install dependencies
Run pip install crewai crewai-tools. The MCPServerAdapter handles lifecycle management and tool conversion.
2

Connect with MCPServerAdapter
Use MCPServerAdapter as a context manager with SseServerParameters pointing to your Vinkius endpoint. The adapter automatically manages connection lifecycle.
3

Assign tools and run
Pass the returned mcp_tools to your agent's tools parameter. The adapter converts MCP tools to native BaseTool objects compatible with all CrewAI agents.

crew.py

from crewai import Agent, Task, Crew
from crewai_tools import MCPServerAdapter
from mcp import SseServerParameters

server_params = SseServerParameters(
    url="https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp"
)

with MCPServerAdapter(server_params) as mcp_tools:
    agent = Agent(
        role="Black Duck (Synopsys) Analyst",
        goal="Access and analyze Black Duck (Synopsys) data via MCP.",
        backstory="Expert analyst with direct Black Duck (Synopsys) access.",
        tools=mcp_tools,
    )

    task = Task(
        description="List recent Black Duck (Synopsys) transactions",
        agent=agent,
        expected_output="A summary of recent activity",
    )

    crew = Crew(agents=[agent], tasks=[task])
    result = crew.kickoff()
    print(result)

Get your connection token →

Independent Platform Disclaimer: Vinkius is an independent platform and is not affiliated with, endorsed by, sponsored by, verified by, or otherwise authorized by Black Duck (Synopsys). All third-party trademarks, logos, and brand names are the property of their respective owners. Their use on this website is strictly for informational purposes to identify service compatibility and interoperability.

Why Choose Vinkius

Vinkius connects your tools to AI with real-time monitoring and automatic cost savings — all from one dashboard.

Connect Black Duck (Synopsys) now

Real-time monitoring

Live

visibility into every interaction

Connect your favorite tools to your AI and see exactly what's happening — every request, every response, in real time.

Built-in savings

60%

lower AI costs

Vinkius compresses data between your apps and your AI automatically. Lower bills every month — no configuration required.

Single dashboard

One

place for every integration

Every tool your AI connects to, managed from a single screen. One account, complete control.

Common questions about Black Duck (Synopsys) MCP in CrewAI

Pass the Vinkius MCP endpoint URL directly into the `mcps` array when initializing your specialized security agents.

Yes. You can expose tools like `get_vulnerability_details` to your analyst agent while leaving `list_projects` to your manager agent.

Use `MCPServerHTTP` from `crewai.mcp` and apply a `tool_filter` to expose only specific tools like `list_code_locations`.

Yes. An auditor agent can run `search_projects` and hand the results to a patcher agent to resolve vulnerabilities.

The server accesses policy rules, code locations, and vulnerability lists. Vinkius routes all tool executions through a secure, zero-trust sandbox, preventing external leaks of your internal risk profiles.

Use it with your favorite AI tools

Connect this server to Cursor, Claude, VS Code, and more.

OpenAI Agents SDK sdk-python

Google ADK sdk-python

Pydantic AI sdk-python

Vercel AI SDK sdk-typescript