How to Use the Wallarm MCP in VS Code Copilot

Q: How do I check my Wallarm account status using VS Code Copilot?

You use getclientinfo to fetch immediate client details. This gives your team visibility into the Wallarm account, subscription level, and feature availability.

Q: What data types does this MCP Server handle for privacy concerns?

The server handles network metadata from searchsecurityhits. Specifically, it provides full request headers and payloads for blocked traffic, which is highly sensitive to your operations.

Q: Can I view all discovered vulnerabilities with Wallarm and VS Code Copilot?

Yes. Run searchvulnerabilities to get a complete list of every open security vulnerability found in the live API traffic, helping your team prioritize fixes.

Q: How do I search attack logs using VS Code Copilot?

Use searchsecurityattacks to find records of detected security threats. You can narrow down the results by vector (like XSS or SQLi) right from your editor.

Manage API security and view vulnerability data for your team with VS Code Copilot.

See Vinkius in Action

Works with every AI agent you already use

…and any MCP-compatible client

MCP Servers - Free for Subscribers

Connect Wallarm MCP to VS Code Copilot

Create your Vinkius account to connect Wallarm to VS Code Copilot and route execution through our secure gateway. The platform manages server hosting, runtime updates, and security layers. Configuration requires no manual server provisioning.

GDPR Free for Subscribers

Setup Wallarm with VS Code Copilot

Ask AI about this MCP

ChatGPT

Claude

Perplexity

Inspect Attack Vectors via MCP Server

Team members can use `search_security_attacks` to list all security attacks Wallarm caught. The output groups these threats by vector (SQLi, XSS), letting the whole team see where the biggest gaps are. This capability lets you quickly identify patterns in malicious traffic that need code attention.

Update Vulnerability Status using Copilot

When a security issue is found, use `search_vulnerabilities` to list all open vulnerabilities discovered by Wallarm. You can then run `update_vulnerability_status` to change its lifecycle status—marking it 'closed' or as a false positive. This keeps your team's vulnerability database accurate and actionable.

Audit Network Rules with VS Code Copilot

Start by listing what rules exist using `list_ip_acl_rules`. This shows all configured IP allowlist and denylist entries. If a new requirement comes up, you can use `create_ip_acl_rule` to add an IP or CIDR range, specifying if it belongs on the 'white' or 'black' list.

Setup guide

Set up Wallarm MCP in VS Code Copilot

Prerequisites

VS Code 1.99 or later with GitHub Copilot extension
Active Vinkius subscription with a valid endpoint token

1

Open MCP configuration

Open the Command Palette (Cmd+Shift+P / Ctrl+Shift+P) and run "MCP: Add Server". Select HTTP (Streamable) as the server type. VS Code will create .vscode/mcp.json in your workspace.
2

Add the Wallarm MCP

Paste the JSON snippet shown on the right into your .vscode/mcp.json. Replace [YOUR_TOKEN_HERE] with your endpoint token from cloud.vinkius.com.
3

Switch to Agent mode

Open Copilot Chat (Cmd+Shift+I / Ctrl+Shift+I) and switch to Agent mode using the dropdown. MCP tools are only available in Agent mode — they do not appear in Edit or Ask modes.
4

Verify the connection

In the Copilot Chat input, type # to list available tools. You should see the Wallarm tools listed. Try asking: "List my recent Wallarm transactions" and Copilot will invoke them automatically.

.vscode/mcp.json

{
  "mcpServers": {
    "wallarm-mcp": {
      "url": "https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp"
    }
  }
}

Get your connection token →

Independent Platform Disclaimer: Vinkius is an independent platform and is not affiliated with, endorsed by, sponsored by, verified by, or otherwise authorized by Wallarm. All third-party trademarks, logos, and brand names are the property of their respective owners. Their use on this website is strictly for informational purposes to identify service compatibility and interoperability.

Why Choose Vinkius

Vinkius connects your tools to AI with real-time monitoring and automatic cost savings — all from one dashboard.

Connect Wallarm now

Real-time monitoring

Live

visibility into every interaction

Connect your favorite tools to your AI and see exactly what's happening — every request, every response, in real time.

Built-in savings

60%

lower AI costs

Vinkius compresses data between your apps and your AI automatically. Lower bills every month — no configuration required.

Single dashboard

One

place for every integration

Every tool your AI connects to, managed from a single screen. One account, complete control.

Common questions about Wallarm MCP in VS Code Copilot

You use `get_client_info` to fetch immediate client details. This gives your team visibility into the Wallarm account, subscription level, and feature availability.

The server handles network metadata from `search_security_hits`. Specifically, it provides full request headers and payloads for blocked traffic, which is highly sensitive to your operations.

Yes. Run `search_vulnerabilities` to get a complete list of every open security vulnerability found in the live API traffic, helping your team prioritize fixes.

It provides direct access to core security functions like listing nodes (`list_filtering_nodes`) and searching attacks. This makes it a critical, verifiable tool for managing API security.

Use `search_security_attacks` to find records of detected security threats. You can narrow down the results by vector (like XSS or SQLi) right from your editor.

Use it with your favorite AI tools

Connect this server to Cursor, Claude, VS Code, and more.

OpenAI Agents SDK sdk-python

Google ADK sdk-python

Pydantic AI sdk-python

Vercel AI SDK sdk-typescript