# HackEDU (Security Journey) MCP > HackEDU (Security Journey) MCP automates secure coding training by connecting your AI client directly to vulnerability data. It lets you manage user progress, list available modules, and automatically trigger personalized training plans when new vulnerabilities are found. ## Overview - **Category:** developer-tools - **Price:** Free - **Tags:** security-awareness, secure-coding, vulnerability-training, compliance-training, developer-education ## Description Stop manually exporting security reports or tracking down developer compliance status across spreadsheets. This MCP connects HackEDU (Security Journey) to any compatible agent, giving your AI client the power of a dedicated AppSec coordinator. You can now list all users and teams in one conversation thread, monitor who's falling behind on mandatory training modules, and even pull up the full taxonomy of vulnerabilities mapped to CWE standards. When an external scanner finds a new flaw, you don't need to open three different dashboards; your agent pushes that issue directly into HackEDU via this MCP. The data flows instantly, triggering adaptive training plans for specific developers who need remediation. This capability makes Vinkius the central hub where all your security education and vulnerability data meets your workflow. ## Tools ### create_issue Create/Push a new vulnerability issue to trigger adaptive training ### get_team_progress Get the training progress for a specific team ### get_user Get detailed information about a specific user ### get_user_progress Get the training progress for a specific user ### list_adaptive_training_plans List adaptive training plans created based on vulnerability findings ### list_content List all available training modules and lessons ### list_issues List vulnerability issues synced from external sources (e.g., Bugcrowd, HackerOne) ### list_teams List all teams configured in HackEDU ### list_users List all users in your HackEDU account ### list_vulnerabilities List HackEDU vulnerability taxonomy (CWE/CVE/CAPEC mapping) ## Prompt Examples **Prompt:** ``` Show me the training progress for Team Alpha. ``` **Response:** ``` Retrieving Team Alpha progress... The team currently has an overall completion rate of 78%. 12 out of 15 developers have completed the 'OWASP Top 10' module. Would you like to see the names of the pending users? ``` **Prompt:** ``` List all security lessons related to SQL Injection. ``` **Response:** ``` Searching catalog... I found 3 relevant modules: 'Basics of SQLi', 'Advanced Blind SQL Injection', and 'Preventing SQLi in Node.js'. Would you like the full description or UUID for any of these? ``` **Prompt:** ``` Create a new security issue for 'BOLA vulnerability found in API' with vulnerability ID 502. ``` **Response:** ``` Security issue created! I've logged the 'BOLA vulnerability' in HackEDU. This will automatically trigger adaptive training plans for the relevant development team. Should I list the assigned users? ``` ## Capabilities ### Track user and team compliance Get detailed progress reports showing if individual users or entire teams completed mandatory modules. ### Manage developer accounts List all system users and configured development teams within the platform. ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ### undefined undefined ## Frequently Asked Questions **How do I find my HackEDU API Key?** Log in to your HackEDU Admin Dashboard and navigate to the API section. You will be able to generate and copy your unique X-API-Key from there. **Can I track the training progress of a specific team?** Yes! Use the `get_team_progress` tool by providing the unique team ID. The agent will return the completion percentage and status for that team. **What is 'Adaptive Training' in this integration?** Adaptive Training allows you to push real-world vulnerability findings (via `create_issue`) to HackEDU. The platform then automatically assigns relevant security lessons to developers to help them fix and prevent similar issues. **Is HackEDU now part of Security Journey?** Yes, HackEDU was acquired by Security Journey. This integration works with accounts from both brands using the same API infrastructure.