4,500+ servers built on MCP Fusion
Vinkius
NIST NVD logo
Vinkius
Mastra AI logo

How to Use the NIST NVD MCP in Mastra AI

Build resilient security workflows that query the NIST NVD, handle failures, and automate responses using Mastra AI.

See Vinkius in Action

Works with every AI agent you already use

…and any MCP-compatible client

NIST NVD MCP on Cursor AI Code Editor MCP Client NIST NVD MCP on Claude Desktop App MCP Integration NIST NVD MCP on OpenAI Agents SDK MCP Compatible NIST NVD MCP on Visual Studio Code MCP Extension Client NIST NVD MCP on GitHub Copilot AI Agent MCP Integration NIST NVD MCP on Google Gemini AI MCP Integration NIST NVD MCP on Lovable AI Development MCP Client NIST NVD MCP on Mistral AI Agents MCP Compatible NIST NVD MCP on Amazon AWS Bedrock MCP Support
MCP Servers - Free for Subscribers
Mastra AI

Connect NIST NVD MCP to Mastra AI

Create your Vinkius account to connect NIST NVD to Mastra AI and route execution through our secure gateway. The platform manages server hosting, runtime updates, and security layers. Configuration requires no manual server provisioning.

GDPR Free for Subscribers
Setup NIST NVD with Mastra AI
ChatGPT ChatGPT Claude Claude Perplexity Perplexity

Automate Dependency Scanning

Stop checking dependencies for vulnerabilities by hand. Build a Mastra AI workflow that triggers on every new pull request. The workflow can use `search_cpe_by_keyword` to identify components and `search_cve_by_cpe` to check them against the NIST NVD. If a critical vulnerability is found, your workflow can automatically fail the build, open a ticket, and page the on-call developer. Mastra's built-in retry logic handles any temporary NVD API hiccups, so your security checks are reliable.

Create Conditional Alerting Logic

Don't just find CVEs—act on them intelligently. Use `search_cve_by_severity` to create branching logic in your agent. If a 'CRITICAL' vulnerability is found, escalate to your incident response tool. If it's 'MEDIUM', just create a Jira ticket for the next sprint. This lets you build a triage system that runs on its own. Your Mastra AI agent becomes a frontline security analyst, filtering noise and only bubbling up the issues that require immediate human attention. This is what makes this MCP Server so effective.

Audit Vulnerability Fixes

Confirm that a vulnerability has actually been addressed. A workflow can periodically use `get_cve_by_id` to check a CVE's status. You can even use `get_cve_change_history` to see if the official record has been updated or disputed. Set up a Mastra AI agent to monitor a list of patched CVEs. If the NIST NVD record changes unexpectedly, the agent can trigger an alert. It’s a simple way to build a reliable, automated audit trail.

Setup guide

Set up NIST NVD MCP in Mastra AI

Prerequisites

  • Node.js 18+ and a TypeScript project
  • @mastra/mcp + @mastra/core packages
  • Active Vinkius subscription with a valid endpoint token
  1. 1

    Install dependencies

    Run npm install @mastra/mcp @mastra/core plus your preferred model provider (e.g. @ai-sdk/openai).

  2. 2

    Configure the MCPClient

    Create an MCPClient with your Vinkius endpoint as a URL object. Replace [YOUR_TOKEN_HERE] with your token from cloud.vinkius.com.

  3. 3

    Discover and inject tools

    Call mcpClient.listTools() and spread the result into your agent's tools object. All NIST NVD tools become native Mastra tools.

  4. 4

    Run with any model

    Swap openai("gpt-4o") for any AI SDK-compatible provider. Call agent.generate() and the agent routes tool calls through MCP automatically.

agent.ts 
import { MCPClient } from "@mastra/mcp";
import { Agent } from "@mastra/core/agent";
import { openai } from "@ai-sdk/openai";

const mcpClient = new MCPClient({
  id: "nist-nvd-mcp-client",
  servers: {
    "nist-nvd-mcp": {
      url: new URL(
        "https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp"
      ),
    },
  },
});

const agent = new Agent({
  name: "NIST NVD Agent",
  model: openai("gpt-4o"),
  instructions: "You have access to NIST NVD tools.",
  tools: {
    ...(await mcpClient.listTools()),
  },
});

const result = await agent.generate(
  "List recent NIST NVD transactions"
);
console.log(result.text);
Get your connection token →

Independent Platform Disclaimer: Vinkius is an independent platform and is not affiliated with, endorsed by, sponsored by, verified by, or otherwise authorized by NIST NVD. All third-party trademarks, logos, and brand names are the property of their respective owners. Their use on this website is strictly for informational purposes to identify service compatibility and interoperability.

Why Choose Vinkius

Vinkius connects your tools to AI with real-time monitoring and automatic cost savings — all from one dashboard.

Connect NIST NVD now

Real-time monitoring

Live

visibility into every interaction

Connect your favorite tools to your AI and see exactly what's happening — every request, every response, in real time.

Built-in savings

60%

lower AI costs

Vinkius compresses data between your apps and your AI automatically. Lower bills every month — no configuration required.

Single dashboard

One

place for every integration

Every tool your AI connects to, managed from a single screen. One account, complete control.

Common questions about NIST NVD MCP in Mastra AI

Schedule a Mastra AI agent to run once a day and call `search_cve_by_date` with the current date. The agent can then process the results and trigger other actions based on what it finds.
Yes, the `search_cve_by_cwe` tool is perfect for this. Your agent can look for specific bug classes, like 'CWE-79' for cross-site scripting, to support targeted security initiatives.
Mastra AI's workflow engine has automatic retries with exponential backoff. It will attempt to connect again, ensuring your security process doesn't fail due to temporary network issues with the NVD.
Yes. You can configure your agent to use `requireToolApproval`. For example, before acting on a critical CVE found via `get_cve_by_id`, the agent will pause and wait for a human to confirm the action.
There are none. The server processes public CVE and CPE identifiers from the NIST database. Your Mastra AI agent sends only these public identifiers; no private code, infrastructure details, or business data is ever transmitted.

Use it with your favorite AI tools

Connect this server to Cursor, Claude, VS Code, and more.

Claude Desktop ide
Cursor ide
VS Code Copilot ide
Windsurf ide
Cline ide
Claude Code cli
OpenAI Agents SDK sdk-python
Google ADK sdk-python
Pydantic AI sdk-python
Vercel AI SDK sdk-typescript
Mastra AI sdk-typescript
Mastra AI
CrewAI framework
LangChain framework
LlamaIndex framework
LlamaIndex
AutoGen framework
AutoGen

Start using the NIST NVD MCP today

We host it, we monitor it, we maintain it. You just paste one token.

Get started
Built & Managed by Vinkius 30s setup 10 tools

We've already built the connector for NIST NVD. Just plug in your AI agents and start using Vinkius.

No hosting. No infrastructure. No complex setup.
All 10 tools are live and waiting. You're up and running in seconds.

Claude Claude
ChatGPT ChatGPT
Cursor Cursor
Gemini Gemini
Windsurf Windsurf
VS Code VS Code
JetBrains JetBrains
Vercel Vercel
+ other MCP clients

Vinkius gives your AI agents access to the full catalog of app connectors, all fully managed, secure, and enterprise-ready. One subscription, every tool you need.

Zero hosting required Full MCP catalog included Enterprise-grade security Auto-updated by Vinkius

Built, hosted, and secured by Vinkius. You just connect and go.