Can I check for critical vulnerabilities in a specific project version?

Yes! Use the `list_vulnerabilities` tool with the Project and Version IDs. Your agent will fetch the list of components with known security flaws and their severity levels.

How do I know if my Black Duck scan is finished?

Simply ask the agent to `get_bom_status` for the specific project version. It will return the current calculation status, showing if the BOM is 'Up to date' or still processing.

What happens if I trigger API rate limits?

Black Duck limits connections to 100 requests per 10 seconds or 10,000 per 30 minutes. If you exceed this sustained load protection, you will temporarily receive a HTTP 429 error code restricting your IP for 15 minutes.

Black Duck (Synopsys) MCP Server

Name: Black Duck (Synopsys)
Availability: InStock
Author: Vinkius

synopsys.com/software-integrity/black-duck.html

Built by Vinkius GDPR ToolsFree

Secure your open source supply chain via Black Duck — list projects, versions, and vulnerabilities directly from any AI agent.

Vinkius AI Gateway supports streamable HTTP and SSE.

Works with every AI agent you already use

…and any MCP-compatible client

Black Duck (Synopsys) MCP Server: see your AI Agent in action

AI Agent→Vinkius→Black Duck (Synopsys)

You

Vinkius AI Gateway

GDPR·High Security·Kill Switch·Ultra-Low Latency·Plug and Play

Built-in capabilities (10)

get_bom_status

Check BOM calculation status for a project version

get_project

Get details of a specific project

get_vulnerability_details

Get details of a specific CVE/Vulnerability

list_code_locations

List all scan code locations

list_policy_rules

List all security policy rules

list_project_versions

List all versions for a specific project

list_projects

List all Black Duck projects

list_users

List all Black Duck users

list_vulnerabilities

List vulnerabilities for a project version

search_projects

Search projects by name

What this connector unlocks

Connect your Black Duck (Synopsys) instance to any AI agent and orchestrate your open source security and license compliance workflows through natural conversation.

What you can do

Project Oversight — List and retrieve detailed metadata for all your software projects and their versions.
Vulnerability Tracking — Query project versions for known vulnerabilities (CVEs) and retrieve severity levels.
BOM Monitoring — Check the status of Bill of Materials (BOM) calculations to ensure up-to-date compliance data.
Policy Management — List and audit security policy rules defined across your organization.
Scan Analysis — Access code locations and scan histories to track security coverage.
User & Access Auditing — Retrieve user profiles and manage access controls within the platform.

How it works

1. Subscribe to this server
2. Enter your Black Duck Instance URL and API Token
3. Start securing your code from Claude, Cursor, or any MCP-compatible client

Who is this for?

Security Engineers — quickly audit vulnerabilities across multiple projects without manual dashboard exports.
Developers — check the security status of their project dependencies straight from the code editor.
Compliance Officers — retrieve policy rule summaries and BOM statuses for periodic reporting.

Frequently asked questions

Give your AI agents the power of Black Duck (Synopsys)

Access Black Duck (Synopsys) and 2,000+ MCP servers — ready for your agents to use, right now. No glue code. No custom integrations. Just plug Vinkius AI Gateway and let your agents work.

DETAILS

CategoryFort Knox

HackerOne

10 tools

Automate bug bounty management via HackerOne — manage reports, programs, and payments directly from any AI agent.

Google Cloud Storage

12 tools

Manage your GCS buckets and objects — list files, upload data, and audit permissions via AI.

WorkOS

10 tools

Manage enterprise organizations, SSO connections, and directory sync on WorkOS — the platform for enterprise-ready features.

Vanta

10 tools

Manage your automated compliance and security posture. Audit users, devices, vendors, and vulnerabilities directly from your AI agent.

Mattermark

10 tools

Startup and venture capital data via Mattermark — search companies, investors, and funding rounds.

Ezus

12 tools

Streamline travel agency operations via Ezus — manage projects, clients, suppliers, and invoices through your AI agent.