Integrate HCL AppScan with Claude, Cursor, Chatbots & AI Agents MCP Server

Q: How do I get my AppScan API Key ID and Secret?

Log in to the AppScan on Cloud console, go to your User Profile (top right), and select API Keys. You can generate a new Key ID and Key Secret there.

Manage security scans and vulnerabilities with HCL AppScan — track issues and audit applications via AI.

GDPR Free for Subscribers

Compatible with every major AI agent and IDE

Claude

ChatGPT

Cursor

Gemini

Windsurf

VS Code

JetBrains

Vercel

+ other MCP clients

get

Get account check on HCL AppScan

Verify AppScan account connection

get

Get account info on HCL AppScan

Retrieve authenticated user information

get

Get app on HCL AppScan

Get details for a specific application

get

Get issue on HCL AppScan

Get detailed information about a specific vulnerability

get

Get scan on HCL AppScan

Get details and status for a specific scan

list

List apps on HCL AppScan

List all applications in your AppScan inventory

list

List issues on HCL AppScan

List vulnerabilities found for a specific application

list

List presence on HCL AppScan

List AppScan Presences (local agents)

list

List scans on HCL AppScan

List all scans performed in the account

start

Start dast scan on HCL AppScan

Start a new Dynamic Analysis (DAST) scan

Security & Code Integrity Audit

Every tool in the HCL AppScan MCP Server is continuously audited by the Vinkius Security Engine. We guarantee zero-trust payload isolation, strict data boundaries, and deterministic execution for enterprise-grade AI agents.

A+Score: 100

How Vinkius protects your data

Is there a risk of the AI "going crazy" and deleting important company data?

No. With Vinkius, the AI operates on "rails". It can only make the exact moves you authorized in the tool's settings. It cannot invent routes, access other networks in your company, or decide to delete random files. If the action isn't in the approved catalog, the attempt is blocked instantly.

What happens if the underlying API rate limits my agent?

Our edge infrastructure automatically handles backoffs, queueing, and throttling. If an AI agent sends too many erratic requests, Vinkius manages the rate limits gracefully, ensuring your backend doesn't crash.

Does the AI train on my tools or API data?

No. Vinkius enforces a strict Zero-Retention policy. Your data simply passes through our secure servers to complete the requested action and is instantly forgotten. Nothing you do here is ever stored, logged, or used to train any artificial intelligence.

How do I get my AppScan API Key ID and Secret?

Log in to the AppScan on Cloud console, go to your User Profile (top right), and select API Keys. You can generate a new Key ID and Key Secret there.

How Chatbots Interact with HCL AppScan

The HCL AppScan integration provides comprehensive execution endpoints, allowing AI models to orchestrate tasks reliably.

Automating application security with AI

Connect your AI agent to HCL AppScan for comprehensive application security coverage. The integration features standard schemas for reliable fort knox tool execution.

Intelligent security testing Management

The HCL AppScan toolkit enables AI agents to execute security testing commands. It handles protocol translation for fort knox integrations natively.