Bring Secret Detection
to Claude Code
Learn how to connect GitGuardian to Claude Code and start using 49 AI agent tools in minutes. Fully managed, enterprise secure, and ready to use without writing a single line of code.
GDPR Free for SubscribersCompatible with every major AI agent and IDE
Gemini
What is the GitGuardian MCP Server?
Connect your GitGuardian workspace to any AI agent to strengthen your security posture and manage secret leaks through natural conversation.
What you can do
- Incident Management — List, retrieve, and resolve secret incidents. Assign team members to leaks and track remediation progress.
- Honeytokens — Create and manage decoy credentials (honeytokens) to detect unauthorized access to your private infrastructure.
- Security Scanning — Scan code snippets or content for secrets and sensitive data in real-time to prevent leaks before they happen.
- Audit & Compliance — Access detailed audit logs to monitor workspace activity and ensure compliance with security policies.
- Team Collaboration — Manage teams, members, and API tokens to orchestrate security operations across your organization.
How it works
- Subscribe to this server
- Enter your GitGuardian API Key
- Start monitoring and securing your code from Claude, Cursor, or any MCP-compatible client
Your AI acts as a 24/7 Security Operations Center (SOC) assistant, helping you triage alerts and deploy defenses without leaving your workflow.
Who is this for?
- Security Engineers — quickly triage secret incidents and manage honeytoken deployments across multiple environments.
- DevOps & SREs — automate security audits and monitor workspace health checks directly from the terminal or IDE.
- Developers — scan code for secrets before committing and check incident statuses without switching to the GitGuardian dashboard.
Built-in capabilities (49)
Assign a secret incident
Bulk lookup for honeytoken HMSL hashes
Create a custom tag
Create a honeytoken
Create a honeytoken note
Create a honeytoken within a context
Create a team
Delete a custom tag
Delete a custom tags key
Retrieve a custom tag
Check API health status
Retrieve a honeytoken
Retrieve quota overview
Retrieve secret incident details
Retrieve current API token details
Ignore a secret incident
List API tokens
List all existing event names for audit logs
List audit logs for your workspace
List custom tags
List health check history for an instance
List health checks
List all honeytokens events
List honeytoken notes
List sources where a honeytoken appears
List honeytokens
List IP allowlist rules
List GitGuardian's own IP addresses
List workspace members
List groups via SCIM
List members via SCIM
List secret incidents
List all sources
List team members
List teams
Scan multiple contents for secrets
Reset a honeytoken
Resolve a secret incident
Revoke a honeytoken
Revoke current API token
Scan content and create incidents automatically
Scan content for secrets
Trigger a health check
Trigger scans on sources
Full update of a custom tag
Partial update of a custom tag
Update a custom tags key
Update a honeytoken
Update a secret incident
Why Claude Code?
Claude Code registers GitGuardian as an MCP server in a single terminal command. Once connected, Claude Code discovers all 49 tools at runtime and can call them headlessly. ideal for CI/CD pipelines, cron jobs, and automated workflows where GitGuardian data drives decisions without human intervention.
- —
Single-command setup:
claude mcp addregisters the server instantly. no config files to edit or applications to restart - —
Terminal-native workflow means MCP tools integrate seamlessly into shell scripts, CI/CD pipelines, and automated DevOps tasks
- —
Claude Code runs headlessly, enabling unattended batch processing using GitGuardian tools in cron jobs or deployment scripts
- —
Built by the same team that created the MCP protocol, ensuring first-class compatibility and the fastest adoption of new protocol features
GitGuardian in Claude Code
GitGuardian and 4,000+ other MCP servers. One platform. One governance layer.
Teams that connect GitGuardian to Claude Code through Vinkius don't need to source, host, or maintain individual MCP servers. Every tool call runs inside a hardened runtime with credential isolation, DLP, and a signed audit chain.
Raw MCP | Vinkius | |
|---|---|---|
| Server catalog | Find and host yourself | 4,000+ managed |
| Infrastructure | Self-hosted | Sandboxed V8 isolates |
| Credential handling | Plaintext in config | Vault + runtime injection |
| Data loss prevention | None | Configurable DLP policies |
| Kill switch | None | Global instant shutdown |
| Financial circuit breakers | None | Per-server limits + alerts |
| Audit trail | None | Ed25519 signed logs |
| SIEM log streaming | None | Splunk, Datadog, Webhook |
| Honeytokens | None | Canary alerts on leak |
| Custom domains | Not applicable | DNS challenge verified |
| GDPR compliance | Manual effort | Automated purge + export |
Why teams choose Vinkius for GitGuardian in Claude Code
The GitGuardian MCP Server runs on Vinkius-managed infrastructure inside AWS — a purpose-built runtime with per-request V8 isolates, Ed25519 signed audit chains, and sub-40ms cold starts. All 49 tools execute in hardened sandboxes optimized for native MCP execution.
Your AI agents in Claude Code only access the data you authorize, with DLP that blocks sensitive information from ever reaching the model, kill switch for instant shutdown, and up to 60% token savings. Enterprise-grade infrastructure, zero maintenance.
* Every MCP server runs on Vinkius-managed infrastructure inside AWS - a purpose-built runtime with per-request V8 isolates, Ed25519 signed audit chains, and sub-40ms cold starts optimized for native MCP execution. See our infrastructure
How Vinkius secures
GitGuardian for Claude Code
Every tool call from Claude Code to the GitGuardian MCP Server is protected by DLP redaction, cryptographic audit chains, V8 sandbox isolation, kill switch, and financial circuit breakers.
Frequently asked questions
Can I resolve a secret incident directly through the AI?
Yes. You can use the resolve_secret_incident tool by providing the incident ID. You can also use assign_secret_incident to delegate the fix to a specific team member.
How do I create a decoy credential to catch attackers?
Use the create_honeytoken tool. You can specify the type and name of the honeytoken, and GitGuardian will generate a decoy that alerts you if it's ever used.
Is it possible to scan a text block for secrets before I commit it?
Absolutely. Use the scan_content tool. Provide the document content and a filename, and the AI will return any detected secrets or policy violations found by GitGuardian's engine.
How do I add an MCP server to Claude Code?
Run claude mcp add <name> --transport http "<url>" in your terminal. Claude Code registers the server and discovers all tools immediately.
Can Claude Code run MCP tools in headless mode?
Yes. Claude Code supports non-interactive execution, making it ideal for scripts, cron jobs, and CI/CD pipelines that need MCP tool access.
How do I list all connected MCP servers?
Run claude mcp in your terminal to see all registered servers and their status, or type /mcp inside an active Claude Code session.
Command not found: claude
Ensure Claude Code is installed globally: npm install -g @anthropic-ai/claude-code
Connection timeout
Check your internet connection and verify the Edge URL is reachable
Explore More MCP Servers
View all →
Lindy (Autonomous AI Employees)
10 toolsManage autonomous AI employees via Lindy — trigger task runs, monitor reasoning logs, and audit app integrations.
FutureVault
12 toolsManage digital vaults, track documents, and oversee folder structures via AI agents with FutureVault.
Oppo Game Open Platform
8 toolsManage Oppo Game Open Platform distribution — validate logins, query orders, and report game data directly from any AI agent.
Physiological Hydration Metric Engine
5 toolsCompute exact metabolic water intake requirements. Structure highly optimized, circadian fluid distribution schedules adapting natively to body mass, physical output, and environmental climate.