How to Use the Lacework (Cloud Security & CNAPP) MCP in Claude Code

Q: How do I use Claude Code and the Lacework (Cloud Security & CNAPP) MCP Server to fail a build in my pipeline?

In your CI script, run claude mcp call lacework-mcp listcontainervulnerabilities on your new image. Then, use a tool like jq to check for critical vulnerabilities in the JSON output and exit with a non-zero code if any are found.

Q: Can I create a daily security summary using Claude Code and Lacework (Cloud Security & CNAPP)?

Yes. Set up a cron job to execute claude mcp call lacework-mcp searchalerts --time-filter "-24h". Pipe the output to a script that formats the data and sends it to your team's chat.

Q: How can I quickly check for a specific LQL query from my terminal?

Just run claude mcp call lacework-mcp listlqlqueries grep "My Custom Query". It's a fast way to verify your custom threat hunting queries are available before you execute them.

Automate cloud security checks in your CI/CD pipelines and shell scripts with Lacework and Claude Code.

See Vinkius in Action

Works with every AI agent you already use

…and any MCP-compatible client

MCP Servers - Free for Subscribers

Connect Lacework (Cloud Security & CNAPP) MCP to Claude Code

Create your Vinkius account to connect Lacework (Cloud Security & CNAPP) to Claude Code and route execution through our secure gateway. The platform manages server hosting, runtime updates, and security layers. Configuration requires no manual server provisioning.

GDPR Free for Subscribers

Setup Lacework (Cloud Security & CNAPP) with Claude Code

Ask AI about this MCP

ChatGPT

Claude

Perplexity

Block Vulnerable Images Before They Deploy

This is your new quality gate. In your GitHub Action or Jenkins pipeline, add a step that calls `claude mcp call lacework-mcp list_container_vulnerabilities` with the SHA of the image you just built. It checks the image against Lacework's static analysis before it ever hits a registry. You can then pipe the JSON output to `jq` to count the number of critical vulnerabilities. If the count is greater than zero, you fail the build. No more shipping code with known critical CVEs.

Run On-Demand Security Queries via CLI

A new zero-day just dropped. You need to know your exposure now. Just run `claude mcp call lacework-mcp search_cve_exposure --cve "CVE-2026-0001"` right from your shell. The command returns a clean JSON list of every single machine in your fleet running the vulnerable software. You can pipe this list directly into an Ansible playbook or a bash script to immediately begin patching. It's the fastest way to go from discovery to remediation with an MCP Server.

Schedule Daily Security Audits with Claude Code

Set up a simple cron job to run a daily security check. A command like `claude mcp call lacework-mcp search_alerts --time-filter "-24h"` will pull all new alerts from the last day into a JSON file. Your script can then parse that file, format a summary, and send it to a Slack channel. You get a daily digest of your security posture without ever logging into a UI. It’s perfect for keeping the whole team aware of what's happening.

Setup guide

Set up Lacework (Cloud Security & CNAPP) MCP in Claude Code

Prerequisites

Claude Code CLI installed (npm install -g @anthropic-ai/claude-code)
Active Vinkius subscription with a valid endpoint token

1

Run the add command

Open your terminal and run the command shown on the right. Replace [YOUR_TOKEN_HERE] with your endpoint token from cloud.vinkius.com. Use --scope user to make it available across all projects.
2

Verify the connection

Start a Claude Code session and type /mcp to list connected servers. You should see lacework-cloud-security-cnapp-mcp with a green status indicator.
3

Start using tools

Ask Claude Code something like "Check my latest Lacework (Cloud Security & CNAPP) transactions." It will automatically discover and invoke the available Lacework (Cloud Security & CNAPP) tools.

Terminal

claude mcp add --transport http lacework-cloud-security-cnapp-mcp https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp

Get your connection token →

Prerequisites

Claude Code CLI installed
Active Vinkius subscription with a valid endpoint token

1

Open the config file

Create or edit .mcp.json in your project root for project-level scope, or ~/.claude.json for user-level scope.
2

Add the Lacework (Cloud Security & CNAPP) MCP

Paste the JSON snippet shown on the right into the mcpServers object. Replace [YOUR_TOKEN_HERE] with your endpoint token from cloud.vinkius.com.
3

Restart Claude Code

Start a new Claude Code session. Type /mcp to confirm the server is connected. The tools will be automatically available in your conversation.

.mcp.json

{
  "mcpServers": {
    "lacework-cloud-security-cnapp-mcp": {
      "type": "url",
      "url": "https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp"
    }
  }
}

Get your connection token →

Independent Platform Disclaimer: Vinkius is an independent platform and is not affiliated with, endorsed by, sponsored by, verified by, or otherwise authorized by Lacework. All third-party trademarks, logos, and brand names are the property of their respective owners. Their use on this website is strictly for informational purposes to identify service compatibility and interoperability.

Why Choose Vinkius

Vinkius connects your tools to AI with real-time monitoring and automatic cost savings — all from one dashboard.

Connect Lacework (Cloud Security & CNAPP) now

Real-time monitoring

Live

visibility into every interaction

Connect your favorite tools to your AI and see exactly what's happening — every request, every response, in real time.

Built-in savings

60%

lower AI costs

Vinkius compresses data between your apps and your AI automatically. Lower bills every month — no configuration required.

Single dashboard

One

place for every integration

Every tool your AI connects to, managed from a single screen. One account, complete control.

Common questions about Lacework (Cloud Security & CNAPP) MCP in Claude Code

In your CI script, run `claude mcp call lacework-mcp list_container_vulnerabilities` on your new image. Then, use a tool like `jq` to check for critical vulnerabilities in the JSON output and exit with a non-zero code if any are found.

Yes. Set up a cron job to execute `claude mcp call lacework-mcp search_alerts --time-filter "-24h"`. Pipe the output to a script that formats the data and sends it to your team's chat.

It's about simplicity and focus. This MCP server gives you pre-built, high-level actions without messing with OAuth or complex API documentation. You just connect Claude Code once and start running commands.

Just run `claude mcp call lacework-mcp list_lql_queries | grep "My Custom Query"`. It's a fast way to verify your custom threat hunting queries are available before you execute them.

When you run a command, the server fetches specific security data—like alert details or vulnerability lists—from your Lacework account for that single operation. The server is stateless and runs in a sandboxed environment on Vinkius; your data is passed through but never stored.

Use it with your favorite AI tools

Connect this server to Cursor, Claude, VS Code, and more.

OpenAI Agents SDK sdk-python

Google ADK sdk-python

Pydantic AI sdk-python

Vercel AI SDK sdk-typescript