Are scans executed locally or in the cloud?

Scans run on the StackHawk cloud infrastructure. The MCP integration only triggers and monitors them — no heavy processing happens in your AI context.

Why is the `login` step required?

The StackHawk API uses short-lived Bearer tokens. The `login` tool exchanges your API key for a session token that authenticates all subsequent requests.

Can the agent triage alerts automatically?

Yes. Use `triage_alert` to mark specific vulnerabilities as false positives, accepted risks, or confirmed issues. Each triage action targets a single alert by ID.

StackHawk MCP Server for Cline 10 tools — connect in under 2 minutes

Name: StackHawk
Availability: InStock
Author: Vinkius

cline.bot/docs/mcp

Built by Vinkius GDPR 10 Tools IDE

Cline is an autonomous AI coding agent inside VS Code that plans, executes, and iterates on tasks. Wire StackHawk through Vinkius and Cline gains direct access to every tool. from data retrieval to workflow automation. without leaving the terminal.

Get MCP Server for AI Agents

ASK AI ABOUT THIS MCP SERVER

Open in ChatGPT Open in Claude Open in Perplexity

Vinkius supports streamable HTTP and SSE.

RecommendedModern Approach — Zero Configuration

Vinkius Desktop App

The modern way to manage MCP Servers — no config files, no terminal commands. Install StackHawk and 2,500+ MCP Servers from a single visual interface.

Download Free Open SourceNo signup required

Classic Setup·json

{
  "mcpServers": {
    "stackhawk": {
      "url": "https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp"
    }
  }
}

Fully ManagedVinkius Servers

60%Token savings

High SecurityEnterprise-grade

IAMAccess control

EU AI ActCompliant

DLPData protection

V8 IsolateSandboxed

Ed25519Audit chain

<40msKill switch

Stream every event to Splunk, Datadog, or your own webhook in real-time

* Every MCP server runs on Vinkius-managed infrastructure inside AWS - a purpose-built runtime with per-request V8 isolates, Ed25519 signed audit chains, and sub-40ms cold starts optimized for native MCP execution. See our infrastructure

About StackHawk MCP Server

Integrate the robust dynamic application security testing (DAST) capabilities of StackHawk directly into your conversational AI. Empower your engineering team to monitor system vulnerabilities, initiate complex scans, and orchestrate proactive security protocols without relying heavily on static dashboards. Connect securely to your workspaces, instruct your AI to assess ongoing security threats, and automatically classify alerts through a natural language interface designed to accelerate risk remediation across modern CI/CD pipelines.

Cline operates autonomously inside VS Code. it reads your codebase, plans a strategy, and executes multi-step tasks including StackHawk tool calls without waiting for prompts between steps. Connect 10 tools through Vinkius and Cline can fetch data, generate code, and commit changes in a single autonomous run.

What you can do

Automated Scanning — Programmatically initiate comprehensive security evaluations across your environments utilizing run_scan, and halt operations securely targeting specific execution UUIDs via stop_scan.
Risk Assessment — Effectively audit environments by listing operational scans with list_scans, or retrieve deep vulnerability reports invoking get_alerts targeting specific scan iterations.
Application Management — Catalog active software deployments monitored by StackHawk utilizing list_applications, and manage organizational parameters inspecting environments directly via list_environments.
Triage & Operations — Authenticate securely establishing a valid operational bearer token with login, and instruct the AI to accurately qualify, dismiss, or assign statuses prioritizing critical mitigation efforts using triage_alert.

The StackHawk MCP Server exposes 10 tools through the Vinkius. Connect it to Cline in under two minutes — no API keys to rotate, no infrastructure to provision, no vendor lock-in. Your configuration, your data, your control.

How to Connect StackHawk to Cline via MCP

Follow these steps to integrate the StackHawk MCP Server with Cline.

Open Cline MCP Settings

Click the MCP Servers icon in the Cline sidebar panel

Add remote server

Click "Add MCP Server" and paste the configuration above

Enable the server

Toggle the server switch to ON

Start using StackHawk

Ask Cline: "Using StackHawk, help me...". 10 tools available

Why Use Cline with the StackHawk MCP Server

Cline provides unique advantages when paired with StackHawk through the Model Context Protocol.

Cline operates autonomously. it reads your codebase, plans a strategy, and executes multi-step tasks including MCP tool calls without step-by-step prompts

Runs inside VS Code, so you get MCP tool access alongside your existing extensions, terminal, and version control in a single window

Cline can create, edit, and delete files based on MCP tool responses, enabling end-to-end automation from data retrieval to code generation

Transparent execution: every tool call and file change is shown in Cline's activity log for full visibility and approval before committing

StackHawk + Cline Use Cases

Practical scenarios where Cline combined with the StackHawk MCP Server delivers measurable value.

Autonomous feature building: tell Cline to fetch data from StackHawk and scaffold a complete module with types, handlers, and tests

Codebase refactoring: use StackHawk tools to validate live data while Cline restructures your code to match updated schemas

Automated testing: Cline fetches real responses from StackHawk and generates snapshot tests or mocks based on actual payloads

Incident response: query StackHawk for real-time status and let Cline generate hotfix patches based on the findings

StackHawk MCP Tools for Cline (10)

These 10 tools become available when you connect StackHawk to Cline via MCP:

get_application_details

Get detailed configuration for a specific StackHawk application

get_organization_details

Get StackHawk organization details and subscription tier

get_scan_alerts

Download individual security alerts discovered by a DAST scan

get_scan_results

Get detailed results and metadata for a specific DAST scan

list_api_keys

Useful for auditing and hygiene. List API keys configured for a StackHawk organization

list_applications

Requires a Bearer token and organization ID. List all registered DAST applications in a StackHawk organization

list_environments

g., Development, Staging, Production) configured on the application. List configured scan environments for a StackHawk application

list_scans

Includes scan IDs and high-level alert counts. List all DAST scan executions for a StackHawk application

login

This token is required for all subsequent StackHawk tool calls. Authenticate and obtain a Bearer access token from StackHawk

triage_alert

Valid statuses: RISK_ACCEPTED, FALSE_POSITIVE, IN_PROGRESS. Triage a DAST security alert (accept risk, false positive, etc.)

Example Prompts for StackHawk in Cline

Ready-to-use prompts you can give your Cline agent to start working with StackHawk immediately.

"Log in with my API token, list my projects and environments, then show the critical vulnerabilities from the latest scan."

"Run a new scan against the Production application."

Troubleshooting StackHawk MCP Server with Cline

Common issues when connecting StackHawk to Cline through the Vinkius, and how to resolve them.

Server shows error in sidebar

Click the server name to see logs. Verify the URL and token are correct.

StackHawk + Cline FAQ

Common questions about integrating StackHawk MCP Server with Cline.

How does Cline connect to MCP servers?

Cline reads MCP server configurations from its settings panel in VS Code. Add the server URL and Cline discovers all available tools on initialization.