How to Use the Contrast Security MCP in Claude Code

Q: How do I add Contrast Security to Claude Code?

Run the claude mcp add command in your terminal, specifying the MCP transport protocol and your Vinkius credentials.

Q: Can I use Claude Code to script Contrast Security alerts?

Yes. You can run headless commands that use listvulnerabilitytraces to feed security events into your deployment pipelines.

Q: Does Claude Code require a browser to view Contrast Security details?

No. The agent fetches full technical findings using getvulnerabilitydetails and displays them as clean terminal text.

Q: How do I find specific applications from the command line?

Your agent runs searchapplicationsbyname using your query parameter to instantly locate the target application ID.

Pipe Contrast Security vulnerability data directly into Claude Code for headless terminal triage and automated CI/CD checks.

See Vinkius in Action

Works with every AI agent you already use

…and any MCP-compatible client

MCP Servers - Free for Subscribers

Connect Contrast Security MCP to Claude Code

Create your Vinkius account to connect Contrast Security to Claude Code and route execution through our secure gateway. The platform manages server hosting, runtime updates, and security layers. Configuration requires no manual server provisioning.

GDPR Free for Subscribers

Setup Contrast Security with Claude Code

Ask AI about this MCP

ChatGPT

Claude

Perplexity

Audit CLI environments with an MCP Server

This Contrast Security MCP Server feeds live AppSec telemetry directly into your Claude Code terminal session. The agent runs `list_monitored_servers` to audit which active hosts run the Contrast agent. You can pipe this Claude Code output straight into standard Unix utilities or shell scripts. SREs can automate Contrast Security host verification tasks without opening a browser.

Triage critical vulnerabilities via shell

Speed matters when production is exposed, and this terminal integration delivers raw Contrast Security findings directly to Claude Code. The agent calls `list_critical_vulnerabilities` to dump high-priority security issues directly to stdout. It then uses `get_vulnerability_details` to pull the precise payload and stack trace. You get raw technical details instantly, optimized for keyboard-only navigation.

Query organization metadata on the fly

Inspecting your Contrast Security posture takes one command with this server integration inside Claude Code. Our terminal agent uses `get_organization_info` to retrieve your current account limits, license status, and active applications. If you need to check access control, Claude Code runs `list_organization_users` to list team members. You manage your Contrast Security footprint entirely from the CLI.

Setup guide

Set up Contrast Security MCP in Claude Code

Prerequisites

Claude Code CLI installed (npm install -g @anthropic-ai/claude-code)
Active Vinkius subscription with a valid endpoint token

1

Run the add command

Open your terminal and run the command shown on the right. Replace [YOUR_TOKEN_HERE] with your endpoint token from cloud.vinkius.com. Use --scope user to make it available across all projects.
2

Verify the connection

Start a Claude Code session and type /mcp to list connected servers. You should see contrast-security-mcp with a green status indicator.
3

Start using tools

Ask Claude Code something like "Check my latest Contrast Security transactions." It will automatically discover and invoke the available Contrast Security tools.

Terminal

claude mcp add --transport http contrast-security-mcp https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp

Get your connection token →

Prerequisites

Claude Code CLI installed
Active Vinkius subscription with a valid endpoint token

1

Open the config file

Create or edit .mcp.json in your project root for project-level scope, or ~/.claude.json for user-level scope.
2

Add the Contrast Security MCP

Paste the JSON snippet shown on the right into the mcpServers object. Replace [YOUR_TOKEN_HERE] with your endpoint token from cloud.vinkius.com.
3

Restart Claude Code

Start a new Claude Code session. Type /mcp to confirm the server is connected. The tools will be automatically available in your conversation.

.mcp.json

{
  "mcpServers": {
    "contrast-security-mcp": {
      "type": "url",
      "url": "https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp"
    }
  }
}

Get your connection token →

Independent Platform Disclaimer: Vinkius is an independent platform and is not affiliated with, endorsed by, sponsored by, verified by, or otherwise authorized by Contrast Security. All third-party trademarks, logos, and brand names are the property of their respective owners. Their use on this website is strictly for informational purposes to identify service compatibility and interoperability.

Why Choose Vinkius

Vinkius connects your tools to AI with real-time monitoring and automatic cost savings — all from one dashboard.

Connect Contrast Security now

Real-time monitoring

Live

visibility into every interaction

Connect your favorite tools to your AI and see exactly what's happening — every request, every response, in real time.

Built-in savings

60%

lower AI costs

Vinkius compresses data between your apps and your AI automatically. Lower bills every month — no configuration required.

Single dashboard

One

place for every integration

Every tool your AI connects to, managed from a single screen. One account, complete control.

Common questions about Contrast Security MCP in Claude Code

Run the `claude mcp add` command in your terminal, specifying the MCP transport protocol and your Vinkius credentials.

Yes. You can run headless commands that use `list_vulnerability_traces` to feed security events into your deployment pipelines.

No. The agent fetches full technical findings using `get_vulnerability_details` and displays them as clean terminal text.

Your agent runs `search_applications_by_name` using your query parameter to instantly locate the target application ID.

Yes. All queries to your vulnerability traces and server lists run through end-to-end encrypted tunnels. Your sensitive security telemetry is never logged.

Use it with your favorite AI tools

Connect this server to Cursor, Claude, VS Code, and more.

OpenAI Agents SDK sdk-python

Google ADK sdk-python

Pydantic AI sdk-python

Vercel AI SDK sdk-typescript