4,500+ servers built on MCP Fusion
Vinkius
Checkmarx logo
Vinkius
LlamaIndex logo

How to Use the Checkmarx MCP in LlamaIndex

Index your Checkmarx security posture with LlamaIndex. This MCP Server lets you build a searchable knowledge base from live scan data.

See Vinkius in Action

Works with every AI agent you already use

…and any MCP-compatible client

Checkmarx MCP on Cursor AI Code Editor MCP Client Checkmarx MCP on Claude Desktop App MCP Integration Checkmarx MCP on OpenAI Agents SDK MCP Compatible Checkmarx MCP on Visual Studio Code MCP Extension Client Checkmarx MCP on GitHub Copilot AI Agent MCP Integration Checkmarx MCP on Google Gemini AI MCP Integration Checkmarx MCP on Lovable AI Development MCP Client Checkmarx MCP on Mistral AI Agents MCP Compatible Checkmarx MCP on Amazon AWS Bedrock MCP Support
MCP Servers - Free for Subscribers
LlamaIndex

Connect Checkmarx MCP to LlamaIndex

Create your Vinkius account to connect Checkmarx to LlamaIndex and route execution through our secure gateway. The platform manages server hosting, runtime updates, and security layers. Configuration requires no manual server provisioning.

GDPR Free for Subscribers
Setup Checkmarx with LlamaIndex
ChatGPT ChatGPT Claude Claude Perplexity Perplexity

Index Every Scan Result

Use the Checkmarx tools to build a queryable index of your security posture. Schedule a process to periodically `list_scans` and then `get_scan_results` for each completed scan. LlamaIndex will automatically ingest and vectorize the vulnerability data—severity, state, and code location. Now you can ask questions in natural language, like "show me all critical vulnerabilities in the checkout service from last week." Your agent will query the index for a grounded answer, not just call a raw API. This is the power of combining LlamaIndex with an MCP Server.

Create a Queryable IaC Index

Don't let your infrastructure security data get lost. Use the `get_kics_results` tool to pull all your Terraform, CloudFormation, and Kubernetes findings. Indexing this data with LlamaIndex creates a specialized knowledge base for your platform engineering team. They can then ask things like "what are our most common Dockerfile misconfigurations?" or "find all K8s issues related to network policies." The answers come straight from your indexed Checkmarx data, pulled via this MCP integration.

Grounded Answers with the LlamaIndex MCP Server

Combine tools for a complete picture. An agent can use `list_projects` and `list_applications` to understand the structure of your codebase. It then uses that context to retrieve targeted scan results with `get_scan_results`. By indexing all of this metadata and vulnerability data together, you build a powerful RAG system. It can answer complex questions like "what's the risk profile for the 'Mobile Banking' application, and which project has the most urgent findings?"

Setup guide

Set up Checkmarx MCP in LlamaIndex

Prerequisites

  • Python 3.10+ installed
  • llama-index-tools-mcp package
  • Active Vinkius subscription with a valid endpoint token
  1. 1

    Install dependencies

    Run pip install llama-index-tools-mcp llama-index-llms-openai. The MCP tools package provides BasicMCPClient and McpToolSpec.

  2. 2

    Connect with BasicMCPClient

    Point BasicMCPClient to your Vinkius endpoint URL. Replace [YOUR_TOKEN_HERE] with your token from cloud.vinkius.com. Supports SSE and Streamable HTTP transports.

  3. 3

    Convert to LlamaIndex tools

    Call mcp_tool_spec.to_tool_list_async() to convert all Checkmarx MCP tools into native FunctionTool objects that any LlamaIndex agent can use.

  4. 4

    Run with any LLM

    Create a FunctionAgent with the tools and your preferred LLM. Swap OpenAI for Anthropic, Gemini, or any LlamaIndex-supported provider.

agent.py 
from llama_index.tools.mcp import BasicMCPClient, McpToolSpec
from llama_index.core.agent.workflow import FunctionAgent
from llama_index.llms.openai import OpenAI

# Connect to the MCP
mcp_client = BasicMCPClient(
    "https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp"
)
mcp_tool_spec = McpToolSpec(client=mcp_client)

# Convert MCP tools to LlamaIndex tools
tools = await mcp_tool_spec.to_tool_list_async()

# Create and run the agent
agent = FunctionAgent(
    tools=tools,
    llm=OpenAI(model="gpt-4o"),
    system_prompt="You have access to Checkmarx tools.",
)
response = await agent.run("List recent Checkmarx data")
Get your connection token →

Independent Platform Disclaimer: Vinkius is an independent platform and is not affiliated with, endorsed by, sponsored by, verified by, or otherwise authorized by Checkmarx. All third-party trademarks, logos, and brand names are the property of their respective owners. Their use on this website is strictly for informational purposes to identify service compatibility and interoperability.

Why Choose Vinkius

Vinkius connects your tools to AI with real-time monitoring and automatic cost savings — all from one dashboard.

Connect Checkmarx now

Real-time monitoring

Live

visibility into every interaction

Connect your favorite tools to your AI and see exactly what's happening — every request, every response, in real time.

Built-in savings

60%

lower AI costs

Vinkius compresses data between your apps and your AI automatically. Lower bills every month — no configuration required.

Single dashboard

One

place for every integration

Every tool your AI connects to, managed from a single screen. One account, complete control.

Common questions about Checkmarx MCP in LlamaIndex

You can build a RAG agent that calls `list_scans` and `get_scan_results`, then indexes the output into a vector store. This lets you ask natural language questions about your security history, like 'did we have any new SQL injection bugs last month?'
Yes, that's a perfect use case. Have your LlamaIndex agent periodically call `get_kics_results` and index the findings. This creates a knowledge base of all your IaC misconfigurations that you can query anytime.
Your agent can call `list_projects` to get project names and IDs, then use those IDs to fetch specific scans with `list_scans`. By indexing both datasets, you can link vulnerabilities directly to the projects and applications they belong to.
The `list_bfl` tool provides the Best Fix Location. You can index this data alongside the vulnerability itself, so when you query a specific issue, your LlamaIndex agent can also tell you the most effective place to patch it.
This server interacts with your Checkmarx project metadata, scan histories, and vulnerability report data, including code snippets for findings. It operates within the Vinkius ephemeral sandbox, meaning your data is processed for the request and then discarded. All access is governed by your single, revocable endpoint token.

Use it with your favorite AI tools

Connect this server to Cursor, Claude, VS Code, and more.

Claude Desktop ide
Cursor ide
VS Code Copilot ide
Windsurf ide
Cline ide
Claude Code cli
OpenAI Agents SDK sdk-python
Google ADK sdk-python
Pydantic AI sdk-python
Vercel AI SDK sdk-typescript
Mastra AI sdk-typescript
Mastra AI
CrewAI framework
LangChain framework
LlamaIndex framework
LlamaIndex
AutoGen framework
AutoGen

Start using the Checkmarx MCP today

We host it, we monitor it, we maintain it. You just paste one token.

Get started
Built & Managed by Vinkius 30s setup 10 tools

We've already built the connector for Checkmarx. Just plug in your AI agents and start using Vinkius.

No hosting. No infrastructure. No complex setup.
All 10 tools are live and waiting. You're up and running in seconds.

Claude Claude
ChatGPT ChatGPT
Cursor Cursor
Gemini Gemini
Windsurf Windsurf
VS Code VS Code
JetBrains JetBrains
Vercel Vercel
+ other MCP clients

Vinkius gives your AI agents access to the full catalog of app connectors, all fully managed, secure, and enterprise-ready. One subscription, every tool you need.

Zero hosting required Full MCP catalog included Enterprise-grade security Auto-updated by Vinkius

Built, hosted, and secured by Vinkius. You just connect and go.