4,000+ servers built on vurb.ts
Vinkius
Unlock for AI Agents
Mastra AISDK
Mastra AI
UpGuard MCP Server

Bring Attack Surface
to Mastra AI

Learn how to connect UpGuard to Mastra AI and start using 9 AI agent tools in minutes. Fully managed, enterprise secure, and ready to use without writing a single line of code.

MCP Inspector GDPR Free for Subscribers
Get VendorList Account RisksList Identity BreachesList Monitored DomainsList Monitored IpsList Saas AppsList User RisksList Vendor RisksList Vendors
Unlock for AI Agents
ChatGPT Claude Perplexity

Compatible with every major AI agent and IDE

ClaudeClaude
ChatGPTChatGPT
CursorCursor
GeminiGemini
WindsurfWindsurf
VS CodeVS Code
JetBrainsJetBrains
VercelVercel
+ other MCP clients
UpGuard

What is the UpGuard MCP Server?

Connect your UpGuard account to any AI agent and simplify how you monitor your attack surface, assess third-party vendor risks, and protect your organization's digital assets through natural conversation.

What you can do

  • Vendor Risk Assessment — List and query all monitored vendors to retrieve their security scores and metadata.
  • Risk Monitoring — List active security risks detected across your own infrastructure (BreachSight) and your vendor network (VendorRisk).
  • Data Breach Tracking — Monitor identity breaches affecting your workforce and retrieve detailed breach reports.
  • Asset Visibility — List monitored domains, IP ranges, and SaaS applications to understand your digital footprint.
  • Employee Security — Audit user-related risk data and identity theft exposures directly via AI commands.

How it works

  1. Subscribe to this server
  2. Enter your UpGuard API Key (found in your account settings)
  3. Start managing your cybersecurity posture from Claude, Cursor, or any MCP client

Who is this for?

  • CISO & Security Analysts — quickly check security scores and identify critical infrastructure risks via simple AI queries.
  • Procurement & Compliance — verify vendor risk profiles and monitor third-party security posture directly from the workspace.
  • IT Operations — track monitored domains and IPs to maintain a secure and up-to-date asset inventory.

Built-in capabilities (9)

get_vendor

Get details for a specific vendor

list_account_risks

List all active risks for the account

list_identity_breaches

List identity breaches

list_monitored_domains

List monitored domains

list_monitored_ips

List monitored IP addresses

list_saas_apps

List monitored SaaS applications

list_user_risks

List users and their risk data

list_vendor_risks

List active risks for a vendor

list_vendors

List all monitored vendors

Why Mastra AI?

Mastra's agent abstraction provides a clean separation between LLM logic and UpGuard tool infrastructure. Connect 9 tools through Vinkius and use Mastra's built-in workflow engine to chain tool calls with conditional logic, retries, and parallel execution. deployable to any Node.js host in one command.

  • Mastra's agent abstraction provides a clean separation between LLM logic and tool infrastructure. add UpGuard without touching business code

  • Built-in workflow engine chains MCP tool calls with conditional logic, retries, and parallel execution for complex automation

  • TypeScript-native: full type inference for every UpGuard tool response with IDE autocomplete and compile-time checks

  • One-command deployment to any Node.js host. Vercel, Railway, Fly.io, or your own infrastructure

M
See it in action

UpGuard in Mastra AI

AI AgentVinkius
High Security·Kill Switch·Plug and Play
Why Vinkius

UpGuard and 4,000+ other MCP servers. One platform. One governance layer.

Teams that connect UpGuard to Mastra AI through Vinkius don't need to source, host, or maintain individual MCP servers. Every tool call runs inside a hardened runtime with credential isolation, DLP, and a signed audit chain.

4,000+MCP Servers ready
<40msCold start
60%Token savings
Raw MCP
Vinkius
Server catalogFind and host yourself4,000+ managed
InfrastructureSelf-hostedSandboxed V8 isolates
Credential handlingPlaintext in configVault + runtime injection
Data loss preventionNoneConfigurable DLP policies
Kill switchNoneGlobal instant shutdown
Financial circuit breakersNonePer-server limits + alerts
Audit trailNoneEd25519 signed logs
SIEM log streamingNoneSplunk, Datadog, Webhook
HoneytokensNoneCanary alerts on leak
Custom domainsNot applicableDNS challenge verified
GDPR complianceManual effortAutomated purge + export
Unlock for AI Agents View step-by-step setup guide for Mastra AI →
Enterprise Security

Why teams choose Vinkius for UpGuard in Mastra AI

The UpGuard MCP Server runs on Vinkius-managed infrastructure inside AWS — a purpose-built runtime with per-request V8 isolates, Ed25519 signed audit chains, and sub-40ms cold starts. All 9 tools execute in hardened sandboxes optimized for native MCP execution.

Your AI agents in Mastra AI only access the data you authorize, with DLP that blocks sensitive information from ever reaching the model, kill switch for instant shutdown, and up to 60% token savings. Enterprise-grade infrastructure, zero maintenance.

Unlock for AI Agents View full UpGuard details →
UpGuard
Fully ManagedVinkius Servers
60%Token savings
High SecurityEnterprise-grade
IAMAccess control
EU AI ActCompliant
DLPData protection
V8 IsolateSandboxed
Ed25519Audit chain
<40msKill switch
Stream every event to Splunk, Datadog, or your own webhook in real-time

* Every MCP server runs on Vinkius-managed infrastructure inside AWS - a purpose-built runtime with per-request V8 isolates, Ed25519 signed audit chains, and sub-40ms cold starts optimized for native MCP execution. See our infrastructure

The Vinkius Advantage

How Vinkius secures UpGuard for Mastra AI

Every tool call from Mastra AI to the UpGuard MCP Server is protected by DLP redaction, cryptographic audit chains, V8 sandbox isolation, kill switch, and financial circuit breakers.

< 40msCold start
Ed25519Signed audit chain
60%Token savings
FAQ

Frequently asked questions

01

How do I check the security score of a specific vendor?

Use the get_vendor tool and provide the Vendor ID. Your agent will retrieve the complete security profile, including the overall score and metadata for that vendor.

02

Can I see all active risks across my entire account?

Yes! Use the list_account_risks query. This retrieves all active security risks detected across your own digital infrastructure (BreachSight).

03

Is it possible to monitor data breaches affecting our employees?

Absolutely. Use the list_identity_breaches query to retrieve data on identity breaches affecting your workforce, helping you take proactive security measures.

04

How does Mastra AI connect to MCP servers?

Create an MCPClient with the server URL and pass it to your agent. Mastra discovers all tools and makes them available with full TypeScript types.

05

Can Mastra agents use tools from multiple servers?

Yes. Pass multiple MCP clients to the agent constructor. Mastra merges all tool schemas and the agent can call any tool from any server.

06

Does Mastra support workflow orchestration?

Yes. Mastra has a built-in workflow engine that lets you chain MCP tool calls with branching logic, error handling, and parallel execution.

07

createMCPClient not exported

Install: npm install @mastra/mcp

Explore More MCP Servers

View all →
Zoho Invoice

Zoho Invoice

10 tools

Manage customers, create invoices, and automate billing on Zoho Invoice — the clean and simple invoicing software for small business.

Zesty.io

Zesty.io

8 tools

Manage content models, items, and instances via the Zesty.io API.

Lever

Lever

10 tools

Manage recruitment postings, candidate opportunities, and hiring stages via the Lever API.

JotForm

JotForm

10 tools

Manage forms, submissions, and reports via JotForm API.