Intruder MCP. Automate security audits and vulnerability tracking.
Gemini Works with every AI agent you already use
…and any MCP-compatible client
Just plug in your AI agents and start using Vinkius.
Intruder MCP Server automates vulnerability scanning and security monitoring using the Intruder.io API. Your AI agent can list targets, track scan results, retrieve specific vulnerabilities, and audit cloud integrations across AWS, Azure, and Google Cloud.
Use it to enforce DevSecOps workflows and audit compliance.
What your AI agents can do
Get account
Gets your Intruder account details to verify identity and settings.
Get issue
Retrieves detailed descriptions, remediation advice, and affected targets for a specific security issue.
Get scan
Retrieves details for a specific scan, including its target list and summary of findings.
Retrieves metadata and tags for specific assets, allowing deep dives into an asset's security status using get_target.
Returns a list of all known security issues, including titles, severity levels (Low to Critical), and current status using list_issues.
Retrieves a comprehensive list of all past vulnerability scans, including types, IDs, and timestamps via list_scans.
Lists every configured cloud integration (AWS, Azure, GCP), essential for auditing how new targets are discovered in your cloud environment using list_cloud_integrations.
Checks your account details and license status, confirming identity and subscription capacity using get_account and list_licences.
Ask AI about this MCP
Supported MCP Clients
Gemini Waiting for input…
Intruder MCP Server: 10 Tools for Security Auditing
Manage your entire security lifecycle using these tools. Check targets, list vulnerabilities, and track every scan result directly through your AI agent.
019d75bbget account
Gets your Intruder account details to verify identity and settings.
019d75bbget issue
Retrieves detailed descriptions, remediation advice, and affected targets for a specific security issue.
019d75bbget scan
Retrieves details for a specific scan, including its target list and summary of findings.
019d75bbget target
Retrieves metadata and associated tags to deep-dive into a specific asset's security status.
019d75bblist cloud integrations
Lists all configured cloud integrations (AWS, Azure, Google Cloud) for auditing purposes.
019d75bblist issues
Lists all identified vulnerability issues, showing titles, severity, and status for auditing.
019d75bblist licences
Lists all account licenses to check subscription status and capacity.
019d75bblist scans
Lists all vulnerability scans, providing types, timestamps, and IDs for tracking history.
019d75bblist targets
Lists all infrastructure and application targets being scanned for vulnerabilities.
019d75bblist teams
Lists all organization teams for understanding access controls.
Choose How to Get Started
Build a custom MCP for your own tools, or connect a ready-made integration from our catalog.
Build Your Own
Turn any API into an MCP. Import a spec, define Agent Skills, or deploy with MCPFusion.
- Import from OpenAPI, Swagger, or YAML specs
- Create Agent Skills with progressive disclosure
- Deploy to edge with MCPFusion framework
- Built in DLP, auth, and compliance on every call
- Real time usage dashboard and cost metering
- Publish to catalog or keep private
Make Your AI Do More
Start with Intruder, then connect any of our 4,700+ other servers whenever your AI needs more. One click, no limits.
- Use this MCP plus 4,700+ others, all in one place
- Add new capabilities to your AI anytime you want
- Every connection is secured and compliant automatically
- Track usage and costs across all your servers
- Works with Claude, ChatGPT, Cursor, and more
- New servers added to the catalog every week
What you can do with this MCP connector
Intruder MCP Server lets your AI client manage your security posture. You'll get direct access to core security functions, so you don't have to jump between tools to audit anything. Your agent can list targets, track scans, and pull detailed vulnerability findings right in your environment.
Audit Target Assets: You can deep-dive into an asset's security status by getting its metadata and tags using get_target. You'll also see a full list of all infrastructure and application targets being scanned for vulnerabilities with list_targets.
List Identified Vulnerabilities: To see all known security issues, you can pull a list of all identified vulnerabilities using list_issues. This list shows titles, severity levels from Low to Critical, and the current status for every finding. If you want the nitty-gritty details on one specific flaw, get_issue retrieves the full description, remediation advice, and affected targets for that security issue.
Track Scan History: Your agent can get a comprehensive list of all past vulnerability scans by running list_scans, which gives you the type, ID, and timestamp for every assessment. You can also see what cloud integrations are set up—AWS, Azure, and Google Cloud—by running list_cloud_integrations, which is crucial for auditing how new targets get found in your cloud environment.
For a full picture of your account, you can verify your details and license status using get_account and list_licences.
Inventory and Manage Accounts: You can check out all configured cloud integrations with list_cloud_integrations to know exactly what's connected. You can also list all organization teams with list_teams to understand access controls. Finally, you can check out all account licenses with list_licences to confirm your subscription capacity.
How Intruder MCP Works
- 1 Your AI client sends a request to the MCP Server, specifying a tool and required parameters (e.g.,
list_issues). - 2 The Intruder MCP Server validates the request, executes the corresponding API call to Intruder, and handles authentication.
- 3 The server streams the structured data (e.g., list of Critical vulnerabilities) back to your AI client, letting your agent continue the workflow.
The bottom line is your AI client gets structured security data directly from the Intruder platform, so you don't have to copy-paste from web dashboards.
Who Is Intruder MCP For?
The DevSecOps engineer who needs to run continuous security audits without manual clicks. The security auditor who needs to prove compliance by gathering evidence from multiple sources. The platform engineer tasked with monitoring cloud asset drift. This is for anyone who treats security posture as code, not a checklist.
Runs vulnerability scans and automates the remediation workflow by chaining list_targets, list_issues, and get_issue calls.
Periodically runs checks to verify license capacity (list_licences) and gather evidence of compliance across all cloud integrations (list_cloud_integrations).
Uses the server to inventory all assets (list_targets) and track which cloud services (AWS, Azure, GCP) are connected to the monitoring system.
What Changes When You Connect
- Audit cloud assets and connections using
list_cloud_integrations. You see exactly which cloud services (AWS, Azure, GCP) are feeding data into Intruder, eliminating guesswork about data sources. - Get immediate visibility into known flaws by running
list_issues. The output includes severity (Critical, High, Medium, Low) and status, allowing your agent to prioritize remediation efforts instantly. - Track the full history of your security assessments with
list_scans. You get timestamps and IDs for every scan, proving continuous monitoring and compliance adherence. - Deep-dive into any single asset's status by calling
get_target. You retrieve metadata and associated tags, going beyond a simple name to understand the asset's full context. - Confirm account capacity and subscription health by using
list_licences. You know exactly if your scanning volume is hitting a limit before a critical failure occurs. - Identify every infrastructure and application asset using
list_targets. This list forms the foundation for any remediation plan, ensuring no asset is missed in the audit.
Real-World Use Cases
Post-Breach Audit Trail
A security team needs to prove the scope of a recent breach. They ask their agent to first run list_scans to define the time window. Then, they use list_issues to pull every vulnerability found during that period. Finally, they call get_issue for each critical finding to get remediation advice, building a perfect, auditable report.
Onboarding a New Cloud Service
A cloud architect adds a new Kubernetes cluster to the monitored environment. They use list_cloud_integrations to verify the connection works. Then, they call list_targets to pull the new asset list, confirming the cluster is included and ready for scanning.
Compliance Check for PCI DSS
The compliance officer needs to confirm all in-scope targets are monitored. They first call list_targets to get all assets. They then check list_teams to ensure the correct teams have access. This sequence verifies both asset existence and necessary organizational permissions.
Investigating a Single Critical Flaw
A developer receives an alert about a specific vulnerability. Instead of manually checking the dashboard, they ask their agent to call get_issue with the issue ID. This immediately returns the full description, the affected target, and the exact steps needed to fix it.
The Tradeoffs
Checking for issues manually
A user logs into the Intruder dashboard, clicks 'Issues,' filters by 'Critical,' copies the name, and then searches for the remediation steps on a separate wiki page. This is slow and prone to missing context.
→
Instead, run list_issues to get the list, then use get_issue for the specific ID. This gets the full description and remediation advice in one structured API call.
Ignoring asset scope
A user only lists targets in one department's silo, missing assets managed by the cloud team. They think they've covered everything, but the scan results are incomplete.
→
Always start by running list_targets to get the full list of all infrastructure and application assets. Then, use list_cloud_integrations to verify every data source is connected.
Assuming license capacity
Running a massive, multi-day scan without knowing the account's current license status, leading to the scan failing mid-run due to hitting a rate limit or capacity cap.
→
Check list_licences before starting any major scan. This confirms your account's capacity and prevents wasted time or incomplete reports.
When It Fits, When It Doesn't
Use this server if your workflow requires structured, repeatable data access to security findings. Specifically, if you need to chain calls like list_targets -> get_target -> get_issue. Don't use it if you only need to view a single, static report page—that's a UI problem, not an API one. If you only need to check if a target exists, list_targets works, but if you need its full metadata and tags, you must call get_target. Never use list_issues alone; always follow up with get_issue to get the actionable remediation steps. This server is for actionable data, not just reports.
Independent Platform Disclaimer: Vinkius is an independent platform and is not affiliated with, endorsed by, sponsored by, verified by, or otherwise authorized by Intruder. All third-party trademarks, logos, and brand names are the property of their respective owners. Their use on this website is strictly for informational purposes to identify service compatibility and interoperability.
VINKIUS INFRASTRUCTURE
Cloud Hosted
Managed infra
V8 Isolated
Sandboxed per request
Zero-Trust Proxy
No stored credentials
DLP Enforced
Policy on every call
GDPR Compliant
EU data residency
Token Compression
~60% cost reduction
Works with Claude, ChatGPT, Cursor, and more
The Model Context Protocol standardizes how applications expose capabilities to LLMs. Instead of operating in isolation, your AI gains direct access to external platforms, live data, and real-world actions through secure, standardized connections.
This server provides 10 capabilities that interface natively with Claude, ChatGPT, Cursor, and any MCP client. No middleware. No custom integration required.
Available Capabilities
Security audits shouldn't require logging into three different dashboards.
Today, auditing a cloud environment is a mess of tabs. You log into the cloud provider portal to check targets, then jump to the security tool to list issues, and finally open a third system to verify the credentials or integrations. You spend time copying IDs and pasting them into spreadsheets just to build a single report.
With the Intruder MCP Server, your agent handles the whole sequence. You tell it, 'List all critical issues and tell me how to fix them.' It calls `list_issues`, then immediately calls `get_issue` for the findings, giving you a single, structured output. No context switching required.
Intruder MCP Server: Get the full security picture with `list_targets`.
Manually, you might only look at the most obvious assets—the web servers or databases. You miss the supporting infrastructure, the networking gear, or the identity services that are just as vulnerable. You have to run multiple, separate reports to cover the scope.
The `list_targets` tool gives you a comprehensive inventory of *every* asset being scanned. This ensures your agent doesn't skip anything, providing a complete, auditable list of all infrastructure and applications under review.
Common Questions About Intruder MCP
How do I use the `list_targets` tool to see all assets? +
Run list_targets. This tool returns a list of all infrastructure and application targets currently included in the scan scope. You can then pass these IDs to get_target for deeper metadata.
What is the difference between `list_issues` and `get_issue`? +
list_issues gives you a summary list of all vulnerabilities and their severity. get_issue requires a specific issue ID and returns the full description, remediation advice, and affected targets.
Can I use `list_cloud_integrations` to find new assets? +
Yes. list_cloud_integrations inventories your connected cloud services (AWS, Azure, GCP). This tells your agent where to look for new targets before running list_targets.
How do I check if my account has enough license capacity? +
Call list_licences. This tool reads your account's license data, letting your agent know your current capacity and status before starting a resource-intensive scan.
What does `get_scan` return? +
get_scan returns details for a specific scan run, including the list of targets covered and a summary of findings. This helps you audit the scope and results of a past assessment.
How do I check my account details using the `get_account` tool? +
The get_account tool returns your current Intruder account details. This lets you verify your identity and see your overall account settings.
If I need to find all active vulnerability issues, which tool should I use? Is it `list_issues` or `get_issue`? +
Use list_issues to get a summary list of all identified vulnerabilities. get_issue then takes one of those results and provides the deep details, including remediation steps.
What information does the `list_scans` tool provide about my security assessments? +
The list_scans tool gives you a history of all your vulnerability scans. You get the scan types, timestamps, and unique IDs, which helps you track how often you're running checks.
How do I get Intruder API credentials? +
Log in to your Intruder portal, navigate to Settings > API, and click 'Create Access Token'.
Can I start scans with this MCP? +
This initial version focuses on listing and retrieving security data. Support for triggering new scans may be added in future updates.
What cloud integrations are supported? +
Intruder supports AWS, Azure, and Google Cloud Platform for automated asset discovery.
Use it with your favorite AI tools
Connect this server to Cursor, Claude, VS Code, and more.
More in this category
Shodan
Search for internet-connected devices, analyze open ports, discover vulnerabilities and explore the IoT landscape.
JumpCloud
Manage users, systems, and directories via JumpCloud API.
OneTrust
Manage privacy requests, assessments, vendors, consent, and incidents via OneTrust — automate GDPR, CCPA, and data governance from any AI agent.
You might also like
NVIDIA Vision
Generate images, analyze visuals, detect objects, and caption images via NVIDIA Vision APIs.
Dynamic (Web3 Auth)
Manage Web3 authentication and user data via Dynamic — fetch user profiles, check wallet sanctions, and manage sessions directly from any AI agent.
Mercado Livre Catalog
Create, update, and manage product listings, stock, and prices on Mercado Livre.