4,500+ servers built on MCP Fusion
Vinkius
Have I Been Pwned logo
Vinkius
LangChain logo

How to Use the Have I Been Pwned MCP in LangChain

Build credential auditing pipelines in LangChain. Check hashes and emails against global breaches without exposing raw passwords.

See Vinkius in Action

Works with every AI agent you already use

…and any MCP-compatible client

Have I Been Pwned MCP on Cursor AI Code Editor MCP Client Have I Been Pwned MCP on Claude Desktop App MCP Integration Have I Been Pwned MCP on OpenAI Agents SDK MCP Compatible Have I Been Pwned MCP on Visual Studio Code MCP Extension Client Have I Been Pwned MCP on GitHub Copilot AI Agent MCP Integration Have I Been Pwned MCP on Google Gemini AI MCP Integration Have I Been Pwned MCP on Lovable AI Development MCP Client Have I Been Pwned MCP on Mistral AI Agents MCP Compatible Have I Been Pwned MCP on Amazon AWS Bedrock MCP Support
MCP Servers - Free for Subscribers
LangChain

Connect Have I Been Pwned MCP to LangChain

Create your Vinkius account to connect Have I Been Pwned to LangChain and route execution through our secure gateway. The platform manages server hosting, runtime updates, and security layers. Configuration requires no manual server provisioning.

GDPR Free for Subscribers
Setup Have I Been Pwned with LangChain
ChatGPT ChatGPT Claude Claude Perplexity Perplexity

Chain credential checks in LangChain

The `search_account_breaches` tool feeds directly into your LangChain ReAct agents. You build a pipeline that takes a user email, checks it against the database, and parses the output for immediate action. Output from one node becomes input for the next. If an email flags positive, your chain automatically triggers `get_breach_details` to pull the exact dates and exposed data types. LangSmith traces the entire flow so you see exactly how long the API call took.

Audit passwords with k-anonymity

The `check_password_safety` tool verifies if a hash exists in known leaks. Your agent never sends the full password to the remote endpoint. It hashes the string, sends the first five characters, and checks the returned list locally. This means you can build automated password rotators without burning your security model. Your LangGraph nodes handle the logic while the MCP Server manages the API transport. You get hard data on credential exposure with zero guesswork involved.

Track raw text dumps via MCP Server

The `search_account_pastes` tool hunts for your target emails in public text dumps like Pastebin. Attackers often drop lists there before they hit formal databases. Catching these early indicators gives you a massive head start on defense. Combine this with `list_all_breaches` to keep your internal threat intel updated. You script a daily check, and the agent flags any new dumps matching your domains. It's a simple, effective way to stay ahead of credential stuffing.

Setup guide

Set up Have I Been Pwned MCP in LangChain

Prerequisites

  • Python 3.10+ installed
  • langchain-mcp-adapters + langgraph packages
  • Active Vinkius subscription with a valid endpoint token
  1. 1

    Install dependencies

    Run pip install langchain-mcp-adapters langgraph langchain-openai. The MCP adapters package converts MCP tools into native LangChain BaseTool objects.

  2. 2

    Connect via HTTP transport

    Use MultiServerMCPClient with "transport": "http" pointing to your Vinkius endpoint. Replace [YOUR_TOKEN_HERE] with your token from cloud.vinkius.com.

  3. 3

    Create a ReAct agent

    Pass the discovered tools to create_react_agent() from LangGraph. The agent automatically routes Have I Been Pwned tool calls through the MCP protocol.

  4. 4

    Run with any LLM

    Swap ChatOpenAI for ChatAnthropic, ChatGoogleGenerativeAI, or any LangChain-compatible model. The MCP tools work identically across all providers.

agent.py 
from langchain_mcp_adapters.client import MultiServerMCPClient
from langgraph.prebuilt import create_react_agent
from langchain_openai import ChatOpenAI

async with MultiServerMCPClient({
    "have-i-been-pwned-mcp": {
        "transport": "http",
        "url": "https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp",
    }
}) as client:
    tools = client.get_tools()

    agent = create_react_agent(
        ChatOpenAI(model="gpt-4o"),
        tools,
    )
    result = await agent.ainvoke({
        "messages": "List recent Have I Been Pwned transactions"
    })
    print(result["messages"][-1].content)
Get your connection token →

Independent Platform Disclaimer: Vinkius is an independent platform and is not affiliated with, endorsed by, sponsored by, verified by, or otherwise authorized by Have I Been Pwned. All third-party trademarks, logos, and brand names are the property of their respective owners. Their use on this website is strictly for informational purposes to identify service compatibility and interoperability.

Why Choose Vinkius

Vinkius connects your tools to AI with real-time monitoring and automatic cost savings — all from one dashboard.

Connect Have I Been Pwned now

Real-time monitoring

Live

visibility into every interaction

Connect your favorite tools to your AI and see exactly what's happening — every request, every response, in real time.

Built-in savings

60%

lower AI costs

Vinkius compresses data between your apps and your AI automatically. Lower bills every month — no configuration required.

Single dashboard

One

place for every integration

Every tool your AI connects to, managed from a single screen. One account, complete control.

Common questions about Have I Been Pwned MCP in LangChain

Run `pip install langchain-mcp-adapters langgraph`. Then initialize a `MultiServerMCPClient` pointing to the server URL. Call `client.get_tools()` and pass them to your agent.
Yes. You write custom retry logic into your LangGraph nodes. The server returns the raw HTTP status codes from the API, letting your chain back off when it hits the ceiling.
The tools return structured JSON. Your ReAct agent parses this natively to decide its next step.
You need a commercial-tier key from the provider. Set it as an environment variable before starting the application. Free tiers usually choke on automated agent traffic.
The system uses k-anonymity for password checks. Your LangChain application hashes the password locally and only transmits the first five characters of the SHA-1 hash over the wire. The remote database returns a list of matching hashes, and the final comparison happens on your machine.

Use it with your favorite AI tools

Connect this server to Cursor, Claude, VS Code, and more.

Claude Desktop ide
Cursor ide
VS Code Copilot ide
Windsurf ide
Cline ide
Claude Code cli
OpenAI Agents SDK sdk-python
Google ADK sdk-python
Pydantic AI sdk-python
Vercel AI SDK sdk-typescript
Mastra AI sdk-typescript
Mastra AI
CrewAI framework
LangChain framework
LlamaIndex framework
LlamaIndex
AutoGen framework
AutoGen

Start using the Have I Been Pwned MCP today

We host it, we monitor it, we maintain it. You just paste one token.

Get started
Built & Managed by Vinkius 30s setup 5 tools

We've already built the connector for Have I Been Pwned. Just plug in your AI agents and start using Vinkius.

No hosting. No infrastructure. No complex setup.
All 5 tools are live and waiting. You're up and running in seconds.

Claude Claude
ChatGPT ChatGPT
Cursor Cursor
Gemini Gemini
Windsurf Windsurf
VS Code VS Code
JetBrains JetBrains
Vercel Vercel
+ other MCP clients

Vinkius gives your AI agents access to the full catalog of app connectors, all fully managed, secure, and enterprise-ready. One subscription, every tool you need.

Zero hosting required Full MCP catalog included Enterprise-grade security Auto-updated by Vinkius

Built, hosted, and secured by Vinkius. You just connect and go.