How to Use the HCL AppScan MCP in Claude Code

Q: How to add HCL AppScan to Claude Code?

Use the command claude mcp add with the server URL in your terminal. Once added, verify the installation with claude mcp list.

Integrate the HCL AppScan MCP Server with Claude Code to automate security audits in your terminal and CI/CD pipelines.

See Vinkius in Action

Works with every AI agent you already use

…and any MCP-compatible client

MCP Servers - Free for Subscribers

Connect HCL AppScan MCP to Claude Code

Create your Vinkius account to connect HCL AppScan to Claude Code and route execution through our secure gateway. The platform manages server hosting, runtime updates, and security layers. Configuration requires no manual server provisioning.

GDPR Free for Subscribers

Setup HCL AppScan with Claude Code

Ask AI about this MCP

ChatGPT

Claude

Perplexity

Headless HCL AppScan execution in Claude Code

Run `start_dast_scan` directly from your shell to audit code before a deployment. This fits perfectly into your existing terminal workflow without needing a GUI. Pipe the output of `list_scans` into other shell commands to generate status reports. It makes security auditing a standard part of your command-line routines.

Automated HCL AppScan triage for Claude Code

Use `list_issues` to grab a list of vulnerabilities and feed them into a text processor. Claude Code then uses `get_issue` to pull detailed mitigation notes for every high-risk finding. This allows you to build custom security gates in your CI/CD pipeline. If the tool returns a critical issue, you can kill the build immediately.

Manage HCL AppScan presence via Claude Code

Run `list_presence` to verify your local agents are active before triggering a scan. It prevents failed tasks caused by offline infrastructure. Combine this with `list_apps` to verify your entire inventory from the terminal. You get a complete view of your environment health without ever leaving your console.

Setup guide

Set up HCL AppScan MCP in Claude Code

Prerequisites

Claude Code CLI installed (npm install -g @anthropic-ai/claude-code)
Active Vinkius subscription with a valid endpoint token

1

Run the add command

Open your terminal and run the command shown on the right. Replace [YOUR_TOKEN_HERE] with your endpoint token from cloud.vinkius.com. Use --scope user to make it available across all projects.
2

Verify the connection

Start a Claude Code session and type /mcp to list connected servers. You should see hcl-appscan-mcp with a green status indicator.
3

Start using tools

Ask Claude Code something like "Check my latest HCL AppScan transactions." It will automatically discover and invoke the available HCL AppScan tools.

Terminal

claude mcp add --transport http hcl-appscan-mcp https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp

Get your connection token →

Prerequisites

Claude Code CLI installed
Active Vinkius subscription with a valid endpoint token

1

Open the config file

Create or edit .mcp.json in your project root for project-level scope, or ~/.claude.json for user-level scope.
2

Add the HCL AppScan MCP

Paste the JSON snippet shown on the right into the mcpServers object. Replace [YOUR_TOKEN_HERE] with your endpoint token from cloud.vinkius.com.
3

Restart Claude Code

Start a new Claude Code session. Type /mcp to confirm the server is connected. The tools will be automatically available in your conversation.

.mcp.json

{
  "mcpServers": {
    "hcl-appscan-mcp": {
      "type": "url",
      "url": "https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp"
    }
  }
}

Get your connection token →

Independent Platform Disclaimer: Vinkius is an independent platform and is not affiliated with, endorsed by, sponsored by, verified by, or otherwise authorized by HCL AppScan. All third-party trademarks, logos, and brand names are the property of their respective owners. Their use on this website is strictly for informational purposes to identify service compatibility and interoperability.

Why Choose Vinkius

Vinkius connects your tools to AI with real-time monitoring and automatic cost savings — all from one dashboard.

Connect HCL AppScan now

Real-time monitoring

Live

visibility into every interaction

Connect your favorite tools to your AI and see exactly what's happening — every request, every response, in real time.

Built-in savings

60%

lower AI costs

Vinkius compresses data between your apps and your AI automatically. Lower bills every month — no configuration required.

Single dashboard

One

place for every integration

Every tool your AI connects to, managed from a single screen. One account, complete control.

Common questions about HCL AppScan MCP in Claude Code

Use the command `claude mcp add` with the server URL in your terminal. Once added, verify the installation with `claude mcp list`.

Absolutely, it is designed for headless execution. You can script the tool calls to run security checks on every pull request.

Yes, the transport supports HTTP and SSE. You can run it over SSH or inside a containerized environment.

Vinkius runs the server in an isolated sandbox. Your data remains ephemeral and is wiped after the session terminates.

It processes vulnerability identifiers and scan status reports. The server does not store your authentication credentials, as Vinkius manages those via the endpoint token.

Use it with your favorite AI tools

Connect this server to Cursor, Claude, VS Code, and more.

OpenAI Agents SDK sdk-python

Google ADK sdk-python

Pydantic AI sdk-python

Vercel AI SDK sdk-typescript