How to Use the FOSSA (License Compliance) MCP in Google ADK

Q: How do I connect the FOSSA (License Compliance) server to my Google ADK agent?

After you pip install google-adk, you create an McpToolset and pass it your Vinkius server URL. Then you just add that toolset to your agent's tools list when you initialize it.

Q: Can I filter which FOSSA tools are available to my Gemini agent?

Yes, the McpToolset in the Google ADK has a toolnames parameter. You can pass it a list like 'checkvulnerabilities', 'listprojects' to restrict the agent to only those specific actions.

Q: Does this FOSSA (License Compliance) MCP server work with long-context Gemini models?

Absolutely. You can pull massive dependency lists with getrevisiondependencies and feed the entire result into the model's context. This lets the agent reason about the complete dependency graph of a complex project in a single turn.

Q: What about the security of my FOSSA dependency data?

When your agent calls a tool like getrevisiondependencies, the request and response data only exist within a zero-trust, ephemeral Vinkius environment for that single transaction. Your auth token secures the connection, and no dependency information is ever written to disk on our end.

Connect Gemini to your FOSSA data. Run enterprise-scale license compliance checks with the Google ADK.

See Vinkius in Action

Works with every AI agent you already use

…and any MCP-compatible client

MCP Servers - Free for Subscribers

Connect FOSSA (License Compliance) MCP to Google ADK

Create your Vinkius account to connect FOSSA (License Compliance) to Google ADK and route execution through our secure gateway. The platform manages server hosting, runtime updates, and security layers. Configuration requires no manual server provisioning.

GDPR Free for Subscribers

Setup FOSSA (License Compliance) with Google ADK

Ask AI about this MCP

ChatGPT

Claude

Perplexity

Map Dependencies at Scale

First, get a complete picture of your software assets. Use `list_projects` to pull your entire FOSSA project catalog. An agent powered by a long-context Gemini model can hold this entire list in its working memory to reason about your whole organization at once. From there, you can have the agent iterate through each project, call `list_revisions`, and then run `get_revision_dependencies` for the latest commit. It's a direct path to building a complete, up-to-date dependency graph of your entire company.

Integrate FOSSA Scans with BigQuery

The real power comes when you combine this MCP Server with other Google Cloud tools. Your agent can run `check_vulnerabilities` on a set of dependencies from a project revision. Then, using the Google ADK's native integrations, the agent can write those vulnerability reports directly into a BigQuery table. Now you can build dashboards, run historical analysis, and track compliance trends across all your teams from one place.

Trace Impact with the Google ADK

A critical vulnerability is announced. You need to know your exposure, fast. Just give your agent the vulnerable package name. The agent uses `get_parent_projects` to find every repository that depends on it. Because you're in the Google ecosystem, the agent can then cross-reference this list with your Google Cloud project ownership data to automatically create and assign tickets.

Setup guide

Set up FOSSA (License Compliance) MCP in Google ADK

Prerequisites

Python 3.10+ installed
google-adk package (pip install google-adk)
Active Vinkius subscription with a valid endpoint token

1

Install Google ADK

Run pip install google-adk to install the Agent Development Kit. MCP support is included via the McpToolset class.
2

Connect via SSE transport

Use McpToolset.from_server() with SseServerParams pointing to your Vinkius endpoint. Replace [YOUR_TOKEN_HERE] with your token from cloud.vinkius.com.
3

Create an LlmAgent

Pass the returned mcp_tools list directly to LlmAgent(tools=mcp_tools). The ADK maps each MCP tool to a native Gemini function call — no manual schema definitions required.
4

Run with any Gemini model

The agent works with any Gemini model (gemini-2.0-flash, gemini-2.5-pro, etc.). Copy the full example on the right to get started with FOSSA (License Compliance) tools in your ADK agent.

agent.py

from google.adk.agents import LlmAgent
from google.adk.tools.mcp_tool.mcp_toolset import McpToolset
from google.adk.tools.mcp_tool.mcp_session_manager import SseServerParams

# Connect to the MCP via SSE
mcp_tools, exit_stack = await McpToolset.from_server(
    connection_params=SseServerParams(
        url="https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp"
    )
)

# Create your agent with auto-discovered tools
agent = LlmAgent(
    name="FOSSA (License Compliance)_agent",
    model="gemini-2.0-flash",
    instruction="You have access to FOSSA (License Compliance) tools via MCP.",
    tools=mcp_tools,
)

Get your connection token →

Independent Platform Disclaimer: Vinkius is an independent platform and is not affiliated with, endorsed by, sponsored by, verified by, or otherwise authorized by FOSSA. All third-party trademarks, logos, and brand names are the property of their respective owners. Their use on this website is strictly for informational purposes to identify service compatibility and interoperability.

Why Choose Vinkius

Vinkius connects your tools to AI with real-time monitoring and automatic cost savings — all from one dashboard.

Connect FOSSA (License Compliance) now

Real-time monitoring

Live

visibility into every interaction

Connect your favorite tools to your AI and see exactly what's happening — every request, every response, in real time.

Built-in savings

60%

lower AI costs

Vinkius compresses data between your apps and your AI automatically. Lower bills every month — no configuration required.

Single dashboard

One

place for every integration

Every tool your AI connects to, managed from a single screen. One account, complete control.

Common questions about FOSSA (License Compliance) MCP in Google ADK

After you `pip install google-adk`, you create an `McpToolset` and pass it your Vinkius server URL. Then you just add that toolset to your agent's `tools` list when you initialize it.

Yes, the `McpToolset` in the Google ADK has a `tool_names` parameter. You can pass it a list like `['check_vulnerabilities', 'list_projects']` to restrict the agent to only those specific actions.

It's the native cloud integration. Your Gemini agent can pull data from FOSSA with `get_revision_dependencies`, then pivot to query BigQuery or trigger a Cloud Function. It keeps your compliance workflow inside your existing GCP environment.

Absolutely. You can pull massive dependency lists with `get_revision_dependencies` and feed the entire result into the model's context. This lets the agent reason about the complete dependency graph of a complex project in a single turn.

When your agent calls a tool like `get_revision_dependencies`, the request and response data only exist within a zero-trust, ephemeral Vinkius environment for that single transaction. Your auth token secures the connection, and no dependency information is ever written to disk on our end.

Use it with your favorite AI tools

Connect this server to Cursor, Claude, VS Code, and more.

OpenAI Agents SDK sdk-python

Google ADK sdk-python

Pydantic AI sdk-python

Vercel AI SDK sdk-typescript