Is it safe to check my password using this tool?

Yes. This agent uses the K-Anonymity model. Only the first 5 characters of your password's SHA-1 hash are sent to the HIBP server. The full password or full hash never leaves your local environment, making it cryptographically safe.

Where can I get an API Key?

You can purchase an API key directly from the [HIBP website](https://haveibeenpwned.com/API/Key). It requires a small monthly subscription to prevent mass scraping and abuse.

Have I Been Pwned MCP Server for Cline 5 tools — connect in under 2 minutes

Name: Have I Been Pwned
Availability: InStock
Author: Vinkius

cline.bot/docs/mcp

Built by Vinkius GDPR 5 Tools IDE

Cline is an autonomous AI coding agent inside VS Code that plans, executes, and iterates on tasks. Wire Have I Been Pwned through the Vinkius and Cline gains direct access to every tool — from data retrieval to workflow automation — without leaving the terminal.

Get MCP Server for AI Agents

ASK AI ABOUT THIS MCP SERVER

Open in ChatGPT Open in Claude Open in Perplexity

Vinkius supports streamable HTTP and SSE.

RecommendedModern Approach — Zero Configuration

Vinkius Desktop App

The modern way to manage MCP Servers — no config files, no terminal commands. Install Have I Been Pwned and 2,500+ MCP Servers from a single visual interface.

Download Free Open SourceNo signup required

Classic Setup·json

{
  "mcpServers": {
    "have-i-been-pwned": {
      "url": "https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp"
    }
  }
}

Fully ManagedVinkius Servers

60%Token savings

High SecurityEnterprise-grade

IAMAccess control

EU AI ActCompliant

DLPData protection

V8 IsolateSandboxed

Ed25519Audit chain

<40msKill switch

Stream every event to Splunk, Datadog, or your own webhook in real-time

* Every MCP server runs on Vinkius-managed infrastructure inside AWS - a purpose-built runtime with per-request V8 isolates, Ed25519 signed audit chains, and sub-40ms cold starts optimized for native MCP execution. See our infrastructure

About Have I Been Pwned MCP Server

Connect your AI agent to Have I Been Pwned, the internet's most trusted resource for tracking data breaches. Protect yourself by staying informed about where your sensitive information may have been leaked.

Cline operates autonomously inside VS Code — it reads your codebase, plans a strategy, and executes multi-step tasks including Have I Been Pwned tool calls without waiting for prompts between steps. Connect 5 tools through the Vinkius and Cline can fetch data, generate code, and commit changes in a single autonomous run.

What you can do

Account Search — Instantly check if an email or username has been involved in any of the thousands of tracked data breaches
Paste Search — Discover if your information is circulating on public paste sites (like Pastebin)
Password Safety — Safely verify if a password has ever appeared in a breach using the secure K-Anonymity model (your full password is never sent to the server)
Breach Catalog — Explore the full history of major internet data breaches, including what types of data were stolen (passwords, emails, phone numbers, etc.)

The Have I Been Pwned MCP Server exposes 5 tools through the Vinkius. Connect it to Cline in under two minutes — no API keys to rotate, no infrastructure to provision, no vendor lock-in. Your configuration, your data, your control.

How to Connect Have I Been Pwned to Cline via MCP

Follow these steps to integrate the Have I Been Pwned MCP Server with Cline.

Open Cline MCP Settings

Click the MCP Servers icon in the Cline sidebar panel

Add remote server

Click "Add MCP Server" and paste the configuration above

Enable the server

Toggle the server switch to ON

Start using Have I Been Pwned

Ask Cline: "Using Have I Been Pwned, help me..." — 5 tools available

Why Use Cline with the Have I Been Pwned MCP Server

Cline provides unique advantages when paired with Have I Been Pwned through the Model Context Protocol.

Cline operates autonomously — it reads your codebase, plans a strategy, and executes multi-step tasks including MCP tool calls without step-by-step prompts

Runs inside VS Code, so you get MCP tool access alongside your existing extensions, terminal, and version control in a single window

Cline can create, edit, and delete files based on MCP tool responses, enabling end-to-end automation from data retrieval to code generation

Transparent execution: every tool call and file change is shown in Cline's activity log for full visibility and approval before committing

Have I Been Pwned + Cline Use Cases

Practical scenarios where Cline combined with the Have I Been Pwned MCP Server delivers measurable value.

Autonomous feature building: tell Cline to fetch data from Have I Been Pwned and scaffold a complete module with types, handlers, and tests

Codebase refactoring: use Have I Been Pwned tools to validate live data while Cline restructures your code to match updated schemas

Automated testing: Cline fetches real responses from Have I Been Pwned and generates snapshot tests or mocks based on actual payloads

Incident response: query Have I Been Pwned for real-time status and let Cline generate hotfix patches based on the findings

Have I Been Pwned MCP Tools for Cline (5)

These 5 tools become available when you connect Have I Been Pwned to Cline via MCP:

check_password_safety

Uses k-anonymity; your full password is never sent to the server. Check if a password has ever appeared in a data breach (safe, k-anonymity search)

get_breach_details

Get details for a specific data breach by name

list_all_breaches

List all data breaches currently recorded in the system

search_account_breaches

Search for all data breaches an email or account has been involved in

search_account_pastes

Search for all public pastes (like Pastebin) containing the email or account

Example Prompts for Have I Been Pwned in Cline

Ready-to-use prompts you can give your Cline agent to start working with Have I Been Pwned immediately.

"Has my email 'test@example.com' been involved in any breaches?"

"Is the password 'P@ssword123' safe to use?"

Troubleshooting Have I Been Pwned MCP Server with Cline

Common issues when connecting Have I Been Pwned to Cline through the Vinkius, and how to resolve them.

Server shows error in sidebar

Click the server name to see logs. Verify the URL and token are correct.

Have I Been Pwned + Cline FAQ

Common questions about integrating Have I Been Pwned MCP Server with Cline.

How does Cline connect to MCP servers?

Cline reads MCP server configurations from its settings panel in VS Code. Add the server URL and Cline discovers all available tools on initialization.