How to Use the HCL AppScan MCP in Mastra AI
Build automated security workflows in Mastra AI using HCL AppScan for reliable threat detection.
Works with every AI agent you already use
…and any MCP-compatible client
Connect HCL AppScan MCP to Mastra AI
Create your Vinkius account to connect HCL AppScan to Mastra AI and route execution through our secure gateway. The platform manages server hosting, runtime updates, and security layers. Configuration requires no manual server provisioning.
Automate scan pipelines in Mastra AI
Chain `list_apps` and `start_dast_scan` into complex agent workflows. Your agents now handle the entire security lifecycle without manual intervention. Define clear failure conditions within your workflows. If a scan fails, the system automatically triggers a retry or notifies your team via internal channels.
Deep issue analysis with Mastra AI
Use `get_issue` to pull specific vulnerability details during a workflow execution. Your agents parse this data to categorize risks automatically. This turns raw findings into actionable tickets. You save hours of manual triage by letting the agent filter the noise from the signal.
Monitor scan status via Mastra AI
Track progress across your entire fleet using `list_scans`. Your agents keep a constant watch on the state of every security task. It keeps your pipeline moving. If a scan hangs, the agent identifies the bottleneck and provides the context needed to clear it.
Set up HCL AppScan MCP in Mastra AI
Prerequisites
- Node.js 18+ and a TypeScript project
-
@mastra/mcp+@mastra/corepackages - Active Vinkius subscription with a valid endpoint token
- 1
Install dependencies
Run
npm install @mastra/mcp @mastra/coreplus your preferred model provider (e.g.@ai-sdk/openai). - 2
Configure the MCPClient
Create an
MCPClientwith your Vinkius endpoint as aURLobject. Replace[YOUR_TOKEN_HERE]with your token from cloud.vinkius.com. - 3
Discover and inject tools
Call
mcpClient.listTools()and spread the result into your agent'stoolsobject. All HCL AppScan tools become native Mastra tools. - 4
Run with any model
Swap
openai("gpt-4o")for any AI SDK-compatible provider. Callagent.generate()and the agent routes tool calls through MCP automatically.
import { MCPClient } from "@mastra/mcp";
import { Agent } from "@mastra/core/agent";
import { openai } from "@ai-sdk/openai";
const mcpClient = new MCPClient({
id: "hcl-appscan-mcp-client",
servers: {
"hcl-appscan-mcp": {
url: new URL(
"https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp"
),
},
},
});
const agent = new Agent({
name: "HCL AppScan Agent",
model: openai("gpt-4o"),
instructions: "You have access to HCL AppScan tools.",
tools: {
...(await mcpClient.listTools()),
},
});
const result = await agent.generate(
"List recent HCL AppScan transactions"
);
console.log(result.text);Independent Platform Disclaimer: Vinkius is an independent platform and is not affiliated with, endorsed by, sponsored by, verified by, or otherwise authorized by HCL AppScan. All third-party trademarks, logos, and brand names are the property of their respective owners. Their use on this website is strictly for informational purposes to identify service compatibility and interoperability.
Why Choose Vinkius
Vinkius connects your tools to AI with real-time monitoring and automatic cost savings — all from one dashboard.
Real-time monitoring
Live
visibility into every interaction
Connect your favorite tools to your AI and see exactly what's happening — every request, every response, in real time.
Built-in savings
60%
lower AI costs
Vinkius compresses data between your apps and your AI automatically. Lower bills every month — no configuration required.
Single dashboard
One
place for every integration
Every tool your AI connects to, managed from a single screen. One account, complete control.
Common questions about HCL AppScan MCP in Mastra AI
Use it with your favorite AI tools
Connect this server to Cursor, Claude, VS Code, and more.
Start using the HCL AppScan MCP today
We host it, we monitor it, we maintain it. You just paste one token.
