How do I find my HackEDU API Key?

Log in to your HackEDU Admin Dashboard and navigate to the API section. You will be able to generate and copy your unique X-API-Key from there.

Can I track the training progress of a specific team?

Yes! Use the `get_team_progress` tool by providing the unique team ID. The agent will return the completion percentage and status for that team.

What is 'Adaptive Training' in this integration?

Adaptive Training allows you to push real-world vulnerability findings (via `create_issue`) to HackEDU. The platform then automatically assigns relevant security lessons to developers to help them fix and prevent similar issues.

Is HackEDU now part of Security Journey?

Yes, HackEDU was acquired by Security Journey. This integration works with accounts from both brands using the same API infrastructure.

HackEDU (Security Journey) MCP Server for Windsurf 10 tools — connect in under 2 minutes

Name: HackEDU (Security Journey)
Availability: InStock
Author: Vinkius

docs.windsurf.com/windsurf/mcp

Built by Vinkius GDPR 10 Tools IDE

Windsurf brings agentic AI coding to a purpose-built IDE. Connect HackEDU (Security Journey) through Vinkius and Cascade will auto-discover every tool. ask questions, generate code, and act on live data without leaving your editor.

Get MCP Server for AI Agents

ASK AI ABOUT THIS MCP SERVER

Open in ChatGPT Open in Claude Open in Perplexity

Vinkius supports streamable HTTP and SSE.

RecommendedModern Approach — Zero Configuration

Vinkius Desktop App

The modern way to manage MCP Servers — no config files, no terminal commands. Install HackEDU (Security Journey) and 2,500+ MCP Servers from a single visual interface.

Download Free Open SourceNo signup required

Classic Setup·json

{
  "mcpServers": {
    "hackedu-security-journey": {
      "url": "https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp"
    }
  }
}

Fully ManagedVinkius Servers

60%Token savings

High SecurityEnterprise-grade

IAMAccess control

EU AI ActCompliant

DLPData protection

V8 IsolateSandboxed

Ed25519Audit chain

<40msKill switch

Stream every event to Splunk, Datadog, or your own webhook in real-time

* Every MCP server runs on Vinkius-managed infrastructure inside AWS - a purpose-built runtime with per-request V8 isolates, Ed25519 signed audit chains, and sub-40ms cold starts optimized for native MCP execution. See our infrastructure

About HackEDU (Security Journey) MCP Server

Connect your HackEDU (now part of Security Journey) platform to any AI agent and take full control of your secure coding training workflows through natural conversation.

Windsurf's Cascade agent chains multiple HackEDU (Security Journey) tool calls autonomously. query data, analyze results, and generate code in a single agentic session. Paste Vinkius Edge URL, reload, and all 10 tools are immediately available. Real-time tool feedback appears inline, so you see API responses directly in your editor.

What you can do

User & Team Management — List all users and teams, retrieve detailed profiles, and check UUIDs for assignments.
Progress Tracking — Monitor individual and team training progress to ensure security compliance across your organization.
Content Insights — Browse the full catalog of available security training modules and lessons.
Vulnerability Integration — Access HackEDU’s vulnerability taxonomy mapped to CWE, CVE, and CAPEC standards.
Adaptive Training — Push issues from bug bounty programs or scanners to trigger personalized training plans for developers.
Reporting — Instantly retrieve summaries of security training health and identifying gaps in developer knowledge.

The HackEDU (Security Journey) MCP Server exposes 10 tools through the Vinkius. Connect it to Windsurf in under two minutes — no API keys to rotate, no infrastructure to provision, no vendor lock-in. Your configuration, your data, your control.

How to Connect HackEDU (Security Journey) to Windsurf via MCP

Follow these steps to integrate the HackEDU (Security Journey) MCP Server with Windsurf.

Open MCP Settings

Go to Settings → MCP Configuration or press Cmd+Shift+P and search "MCP"

Add the server

Paste the JSON configuration above into mcp_config.json

Save and reload

Windsurf will detect the new server automatically

Start using HackEDU (Security Journey)

Open Cascade and ask: "Using HackEDU (Security Journey), help me...". 10 tools available

Why Use Windsurf with the HackEDU (Security Journey) MCP Server

Windsurf provides unique advantages when paired with HackEDU (Security Journey) through the Model Context Protocol.

Windsurf's Cascade agent autonomously chains multiple tool calls in sequence, solving complex multi-step tasks without manual intervention

Purpose-built for agentic workflows. Cascade understands context across your entire codebase and integrates MCP tools natively

JSON-based configuration means zero code changes: paste a URL, reload, and all 10 tools are immediately available

Real-time tool feedback is displayed inline, so you see API responses directly in your editor without switching contexts

HackEDU (Security Journey) + Windsurf Use Cases

Practical scenarios where Windsurf combined with the HackEDU (Security Journey) MCP Server delivers measurable value.

Automated code generation: ask Cascade to fetch data from HackEDU (Security Journey) and generate models, types, or handlers based on real API responses

Live debugging: query HackEDU (Security Journey) tools mid-session to inspect production data while debugging without leaving the editor

Documentation generation: pull schema information from HackEDU (Security Journey) and have Cascade generate comprehensive API docs automatically

Rapid prototyping: combine HackEDU (Security Journey) data with Cascade's code generation to scaffold entire features in minutes

HackEDU (Security Journey) MCP Tools for Windsurf (10)

These 10 tools become available when you connect HackEDU (Security Journey) to Windsurf via MCP:

create_issue

Create/Push a new vulnerability issue to trigger adaptive training

get_team_progress

Get the training progress for a specific team

get_user

Get detailed information about a specific user

get_user_progress

Get the training progress for a specific user

list_adaptive_training_plans

List adaptive training plans created based on vulnerability findings

list_content

List all available training modules and lessons

list_issues

List vulnerability issues synced from external sources (e.g., Bugcrowd, HackerOne)

list_teams

List all teams configured in HackEDU

list_users

List all users in your HackEDU account

list_vulnerabilities

List HackEDU vulnerability taxonomy (CWE/CVE/CAPEC mapping)

Example Prompts for HackEDU (Security Journey) in Windsurf

Ready-to-use prompts you can give your Windsurf agent to start working with HackEDU (Security Journey) immediately.

"Show me the training progress for Team Alpha."

"List all security lessons related to SQL Injection."

"Create a new security issue for 'BOLA vulnerability found in API' with vulnerability ID 502."

Troubleshooting HackEDU (Security Journey) MCP Server with Windsurf

Common issues when connecting HackEDU (Security Journey) to Windsurf through the Vinkius, and how to resolve them.

Server not connecting

Check Settings → MCP for the server status. Try toggling it off and on.

HackEDU (Security Journey) + Windsurf FAQ

Common questions about integrating HackEDU (Security Journey) MCP Server with Windsurf.

How does Windsurf discover MCP tools?

Windsurf reads the mcp_config.json file on startup and connects to each configured server via Streamable HTTP. Tools are listed in the MCP panel and available to Cascade automatically.

Can Cascade chain multiple MCP tool calls?

Yes. Cascade is an agentic system. it can plan and execute multi-step workflows, calling several tools in sequence to accomplish complex tasks without manual prompting between steps.

Does Windsurf support multiple MCP servers?

Yes. Add as many servers as needed in mcp_config.json. Each server's tools appear in the MCP panel and Cascade can use tools from different servers in a single flow.