How to Use the Lacework (Cloud Security & CNAPP) MCP in OpenAI Agents SDK

Q: Can I use OpenAI Agents SDK guardrails with the Lacework (Cloud Security & CNAPP) server?

Yes. You can intercept tool calls like executequery or searchalerts before execution to ensure the agent doesn't run unauthorized queries or exceed token limits.

Q: How do I trace Lacework (Cloud Security & CNAPP) tool calls within my OpenAI Agents SDK dashboard?

Every tool execution, such as fetching alert payloads with getalert, is recorded in the OpenAI tracing dashboard. You see the exact input parameters, tool outputs, and the model's reasoning steps.

Q: How does agent handoff work when a high-severity alert is detected?

When an agent calls searchalerts and finds an active threat, it can hand off the task to a specialized remediation agent. That secondary agent then queries listresourcegroups to determine if the target is in production.

Build production OpenAI Agents SDK workflows that auto-discover Lacework tools to quarantine vulnerable infrastructure instantly.

See Vinkius in Action

Works with every AI agent you already use

…and any MCP-compatible client

MCP Servers - Free for Subscribers

Connect Lacework (Cloud Security & CNAPP) MCP to OpenAI Agents SDK

Create your Vinkius account to connect Lacework (Cloud Security & CNAPP) to OpenAI Agents SDK and route execution through our secure gateway. The platform manages server hosting, runtime updates, and security layers. Configuration requires no manual server provisioning.

GDPR Free for Subscribers

Setup Lacework (Cloud Security & CNAPP) with OpenAI Agents SDK

Ask AI about this MCP

ChatGPT

Claude

Perplexity

Track active host CVEs with OpenAI Agents SDK

Let your agent inspect raw container and VM footprints directly. By exposing `list_host_vulnerabilities` and `search_cve_exposure` through the MCP Server, your Python code lets specialized agents locate systems running processes compromised by critical vulnerabilities like Log4j. The agent uses native guardrails to verify the machine's state before taking action. If a host is running an active exploit, the agent triggers a handoff to a containment agent to isolate the instance, tracing the entire sequence in your OpenAI dashboard.

Automate threat hunting using LQL queries

Stop writing custom glue code to fetch security telemetry. This MCP integration exposes `execute_query` and `list_lql_queries` directly to your OpenAI Agents SDK runtime, allowing agents to pull exact payloads of API keys bypassing IAM logic. The agent parses the raw JSON output to detect anomalous login patterns. It then passes these findings to a reporting agent, ensuring your security team gets structured alerts without manual parsing.

Audit container registries before production deployment

Prevent vulnerable images from reaching your Kubernetes clusters. Your agent calls `list_container_vulnerabilities` to scan ECR or DockerHub registries for high-severity CVEs at the filesystem level. When a vulnerability is found, the agent queries `list_security_policies` to see if the image violates your deployment rules. It can then block the CI/CD pipeline and log the decision to your tracing dashboard.

Setup guide

Set up Lacework (Cloud Security & CNAPP) MCP in OpenAI Agents SDK

Prerequisites

Python 3.10+ installed
openai-agents package (pip install openai-agents)
Active Vinkius subscription with a valid endpoint token

1

Install the SDK

Run pip install openai-agents to install the OpenAI Agents SDK. The MCP integration is built-in — no extra dependencies needed.
2

Connect via SSE transport

Use MCPServerSse with your Vinkius endpoint URL. Replace [YOUR_TOKEN_HERE] with your token from cloud.vinkius.com. The SDK auto-discovers all Lacework (Cloud Security & CNAPP) tools at runtime.
3

Create your Agent

Pass the MCP to Agent(mcp_servers=[server]). The agent receives Lacework (Cloud Security & CNAPP) tools as native definitions — JSON schemas resolve automatically.
4

Run the agent

Call Runner.run(agent, prompt) to execute. The agent invokes the appropriate Lacework (Cloud Security & CNAPP) tools and returns structured results. Copy the full example on the right to get started.

agent.py

import asyncio
from agents import Agent, Runner
from agents.mcp import MCPServerSse

async def main():
    async with MCPServerSse(
        url="https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp"
    ) as server:
        agent = Agent(
            name="Lacework (Cloud Security & CNAPP) Agent",
            instructions="You have access to Lacework (Cloud Security & CNAPP) tools.",
            mcp_servers=[server],
        )
        result = await Runner.run(agent, "List recent transactions")
        print(result.final_output)

asyncio.run(main())

Get your connection token →

Independent Platform Disclaimer: Vinkius is an independent platform and is not affiliated with, endorsed by, sponsored by, verified by, or otherwise authorized by Lacework. All third-party trademarks, logos, and brand names are the property of their respective owners. Their use on this website is strictly for informational purposes to identify service compatibility and interoperability.

Why Choose Vinkius

Vinkius connects your tools to AI with real-time monitoring and automatic cost savings — all from one dashboard.

Connect Lacework (Cloud Security & CNAPP) now

Real-time monitoring

Live

visibility into every interaction

Connect your favorite tools to your AI and see exactly what's happening — every request, every response, in real time.

Built-in savings

60%

lower AI costs

Vinkius compresses data between your apps and your AI automatically. Lower bills every month — no configuration required.

Single dashboard

One

place for every integration

Every tool your AI connects to, managed from a single screen. One account, complete control.

Common questions about Lacework (Cloud Security & CNAPP) MCP in OpenAI Agents SDK

You pass the MCPServerStreamableHttp instance directly to the Agent constructor. The SDK automatically queries the MCP Server to register all ten tools, making them instantly available for your agent to call.

Yes. You can intercept tool calls like `execute_query` or `search_alerts` before execution to ensure the agent doesn't run unauthorized queries or exceed token limits.

Every tool execution, such as fetching alert payloads with `get_alert`, is recorded in the OpenAI tracing dashboard. You see the exact input parameters, tool outputs, and the model's reasoning steps.

When an agent calls `search_alerts` and finds an active threat, it can hand off the task to a specialized remediation agent. That secondary agent then queries `list_resource_groups` to determine if the target is in production.

The server accesses cloud configuration data, vulnerability lists, and security alert telemetry. Vinkius runs this MCP Server in an isolated V8 sandbox, ensuring your Lacework API keys and cloud telemetry remain private.

Use it with your favorite AI tools

Connect this server to Cursor, Claude, VS Code, and more.

OpenAI Agents SDK sdk-python

Google ADK sdk-python

Pydantic AI sdk-python

Vercel AI SDK sdk-typescript