Pangea Security APIs MCP. Guard Inputs, Scrub Data, and Audit Everything.

Q: How do I use Pangea Security APIs MCP to redact JSON data?

You call redactstructured and pass the JSON object along with a list of fields you want removed. This method is better than generic redaction because it uses specific JSON paths.

Q: Is Pangea Security APIs MCP good for checking suspicious IPs?

Yes. Use ipgeolocate to find where the IP comes from, and then run embargoipcheck or ipreputation to see if it's flagged as a proxy or coming from an embargoed nation.

Q: What is the difference between auditlog and auditlogbulk in Pangea Security APIs MCP?

auditlog creates one single record for a specific event. Use auditlogbulk when you need to create many related records at once, like logging ten user sign-ins.

Q: Can I use Pangea Security APIs MCP to check if my password is safe?

Yes, use the passwordbreached tool. It compares a hashed version of your password against public databases of leaked credentials to tell you if it's compromised.

Pangea Security APIs is an essential security layer for building LLM applications. It lets your AI client automatically scan inputs and outputs for sensitive data (PII), detect prompt injections, check IP origins against embargo lists, and manage user access rights before the information ever hits your model.

Claude

ChatGPT

Cursor

Gemini

Windsurf

VS Code

JetBrains

Vercel

See Vinkius in Action

Give Claude and any AI agent real-world access

Data Privacy and Redaction

Automatically find and scrub sensitive information from plain text or complex JSON objects.

AI Input Guarding

Analyze prompts and chat completions to detect malicious content, PII, and prompt injection attempts before processing.

Security Auditing and Logging

Maintain a chronological record of all actions taken in your system and search those records using plain language.

Identity and Access Management

Control who can access resources, manage user sessions, and programmatically create or update user accounts.

Threat Intelligence Vetting

Check IP addresses for geopolitical embargoes, detect proxies, and scan files for known malware signatures.

Ask an AI about this

Waiting for input…

AI Agent

MCP Server

What AI agents can do with Pangea (Security APIs) - 36 Tools

These tools allow you to scan content for threats, manage user identities, secure communication channels, and track activity logs across your entire application.

Make your AI actually useful.

Add this MCP to Claude, Cursor, or Windsurf and your AI stops guessing. It gets real tools to look things up, take action, and handle the stuff you keep doing by hand.

Start using Pangea (Security APIs) MCP

Ai Guard Prompt

Analyzes and redacts malicious or sensitive content found in LLM prompts.

Ai Guard Text

Scans any given text for PII, malicious patterns, and prompt injection attempts.

Aidr Chat Completions

Guards entire LLM chat completions while logging and tracing every interaction...

Audit Log Bulk

Creates multiple secure records of activity in your audit log at once.

Audit Log

Records a single, specific security event into the tamper-proof audit trail.

Audit Search Results

Retrieves pages of filtered search results from your historical audit log.

Audit Search

Searches the entire audit history using natural language questions.

Authn Flow Complete

Finalizes a user authentication flow and returns active session tokens.

Authn Flow Start

Initiates the process for a user to sign up or log in.

Authn Flow Update

Updates the state of an authentication flow, like submitting a password or OTP code.

Authn Session List

Retrieves a list of all currently active user sessions for management.

Authn Session Logout

Invalidates and ends one or more existing user login sessions.

Authn User Create

Creates a new user account programmatically within your system.

Authz Check

Determines if a specific user has permission to perform an action on a resource.

Authz List Resources

Lists all the resources that a given subject is authorized to access.

Authz Tuple Create

Defines specific relationship rules for managing resource permissions (AuthZ).

Domain Whois

Retrieves public WHOIS details associated with a given domain name.

Embargo Ip Check

Checks if an IP address originates from any country that is currently under embargo.

Embargo Iso Check

Verifies a two-letter ISO code against known lists of restricted countries.

File Scan

Scans an uploaded file to detect and flag any signs of malware or threats.

Intel Reputation

Fetches reputation scores for specific domains, URLs, or file hashes.

Ip Geolocate

Determines the physical location data associated with a given IP address.

Ip Proxy

Checks if an incoming IP address is masking its true source because it's a proxy.

Ip Reputation

Gets the overall reputation score and verdict for an entire IP address.

Ip Vpn

Checks to see if an incoming IP address is masking its source because it's a VPN connection.

Password Breached

Compares a password hash prefix against known databases of leaked credentials.

Redact Structured

Removes specific fields from a JSON object based on defined paths (JSONPath).

Redact Text

Scans and removes sensitive data from any block of plain text.

Sanitize File

Applies defined sanitization rules to a file, returning a cleaned version for safe...

Share Delete

Removes files or entire folders from the secure sharing area.

Share Folder Create

Creates new organizational folders within the secure file sharing service.

Share Get

Downloads a specific file or retrieves metadata about its properties.

Share List

Lists all objects within a designated bucket or folder, allowing for filtering.

Unredact

Reverses the redaction process on data that was previously protected using FPE...

User Breached

Checks if an email, phone number, or username appears in known public data breaches.

Vault Decrypt

Performs cryptographic decryption on stored secret values.

Vault Encrypt

Encrypts sensitive information to store it securely in the vault.

Vault Get

Retrieves item details or specific secret values from your secure Vault storage.

Vault Key Generate

Generates new symmetric or asymmetric cryptographic keys for use in the vault.

Vault Secret Store

Stores a secret value or access token securely within the system's Vault.

Security and governance baked right in.

Pick your AI client below to get set up. Just create a Vinkius account, subscribe, and you're instantly up and running. We handle the entire backend infrastructure, delivering out-of-the-box support for HTTPS Streamable, SSE, and OAuth2—zero messy routing required.

Pangea Security APIs MCP is compatible with Claude

Claude AI

Open Claude Settings

Go to claude.ai, click your profile icon, then navigate to Customize → Connectors.

Add Custom Connector

Click the "+" button and select Add custom connector. Paste your Vinkius endpoint URL:

https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp

Replace [YOUR_TOKEN_HERE] with your token from cloud.vinkius.com. For OAuth-protected servers, expand Advanced settings to add credentials.

Start a conversation

Open a new chat. The Pangea Security APIs integration is available immediately — no restart needed.

Antigravity

Configure Agent Environment

Open your Antigravity agent's workspace configuration or mcp-servers.json file.

Bind the Endpoint

Add the Vinkius endpoint URL to your agent's MCP connections list:

"mcp_servers": {
  "pangea-security-apis": {
    "serverUrl": "https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp"
  }
}

Provide your secure token in place of [YOUR_TOKEN_HERE] to ensure your agent requests are authenticated.

Execute

Start your Antigravity session. The agent will autonomously discover and utilize the Pangea Security APIs tools with full Vinkius guardrails applied.

Pangea Security APIs MCP is compatible with VS Code

VS Code Copilot

⚡

One-Click Install (Recommended)

In your Vinkius Dashboard, simply click the Add to VS Code button for this server. We'll automatically configure your local workspace.

Or configure manually

Open MCP Settings

Open VS Code, press Ctrl/Cmd + Shift + P, and search for GitHub Copilot: MCP Servers.

Add Server Config

Add the Vinkius endpoint configuration to your mcp-servers.json file:

"pangea-security-apis": {
  "url": "https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp"
}

Ensure you replace [YOUR_TOKEN_HERE] with your token from cloud.vinkius.com.

LangChain

Install Dependencies

Install the LangChain MCP adapters for your environment:

pip install langchain-mcp-adapters

Connect the Server

Use the SSEClient in LangChain to connect to the Vinkius managed endpoint:

from langchain_mcp_adapters.client import SSEClient

# Connect to Vinkius
client = SSEClient(url="https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp")
tools = client.get_tools()

CrewAI

Define the Tool

Load the Vinkius MCP tools into your CrewAI agents:

from crewai import Agent
from mcp_crewai import MCPTool

# Connect securely to Vinkius
vinkius_tools = MCPTool(url="https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp")

# Assign to Agent
researcher = Agent(
    role='Data Researcher',
    tools=vinkius_tools.get_all()
)

Execute Task

Run your CrewAI process. The agent will autonomously route tasks to the Vinkius managed server.

Choose How to Get Started

Build a custom MCP for your own tools, or connect a ready-made integration from our catalog.

Build Your Own

Turn any API into an MCP. Import a spec, define Agent Skills, or deploy with MCPFusion.

Import from OpenAPI, Swagger, or YAML specs
Create Agent Skills with progressive disclosure
Deploy to edge with MCPFusion framework
Built in DLP, auth, and compliance on each call
Real time usage dashboard and cost metering
Publish to catalog or keep private

Start building

Make Your AI Do More

Start with Pangea (Security APIs), then connect any of our 5,200+ other servers whenever your AI needs more. One click, no limits.

Use this MCP plus 5,200+ others, all in one place
Add new capabilities to your AI anytime you want
Connections are secured and governed automatically
Track usage and costs across all your servers
Works with Claude, ChatGPT, Cursor, and more
New servers added to the catalog weekly

VINKIUS CLOUD

Cloud Hosted

Managed infra

V8 Isolated

Sandboxed per request

Zero-Trust Proxy

No stored credentials

DLP Enforced

Policy on each call

GDPR Compliant

EU data residency

Token Compression

~60% cost reduction

Your data is protected. See how we built it.

The Security Headache of LLM Data Flow

Today, handling data means jumping through hoops. You build a feature that accepts user input, and then you have to worry about it: Does the prompt contain an email address? Is this IP address flagged as high risk? If it's structured JSON, did someone put an SSN in field 4B? Usually, you write custom validation checks for every single one of those things.

With this MCP, your agent handles all that overhead. You don't write the checkers; you just call them. Your workflow automatically runs `ai_guard_text` and `redact_structured`. What you get is a clean data output, guaranteed safe and ready for your model.

Control Access with Authz Tools

Before implementing any feature that changes state—like creating a user or accessing a protected folder—you currently rely on backend logic to check permissions. This means if you forget one conditional statement, the whole system breaks open.

Now, your agent uses `authz_check` and `authz_list_resources`. You simply ask: 'Does User X have permission for Action Y on Resource Z?' It's a single, reliable check that prevents unauthorized actions from ever completing.

Support 24/7 support@vinkius.com ↗

Security Vinkius Trust Center ↗

SLA Service Level Agreement ↗

Report Listing Send Report ↗

ai-guardrails

pii-redaction

threat-intelligence

audit-logging

prompt-injection

data-privacy

What Pangea Security APIs MCP does for your AI

When you build any application around a large language model, security is the biggest headache. You can’t trust what comes in or what goes out. This MCP gives you a unified way to enforce data rules right at the start of your process. It lets your agent automatically scrub plain text and structured JSON objects for private information; it also scans chat completions and prompts before they execute, stopping malicious inputs like prompt injections cold.

If you're tracking activity, you get more than just a log file—you can search through all historical events using natural language queries. You can also validate user identity by starting sign-in flows or checking if an IP address is coming from a restricted region. Because it’s hosted on Vinkius, connecting this MCP to your workflow means you don't have to build custom middleware; you just connect and start securing everything.

Built · Hosted · Managed by Vinkius Pangea Security APIs - Guard Inputs & Audit Logs

Server ID 019e38d2-0adb-73a7-9430-682b11f9cd23

Vinkius Inspector

Compliance Grade F

Score 3.6/100

Report View Report ↗

Benefits of connecting Pangea Security APIs MCP

Stop data leaks before they start. Use redact_text or redact_structured to strip PII from user inputs, ensuring your model never sees private customer data.

Protect against bad actors with AI Guarding. Tools like ai_guard_prompt and aidr_chat_completions detect prompt injections—the biggest risk in LLM workflows.

Achieve compliance easily. The MCP lets you use audit_search to query audit logs using plain English, making compliance checks fast instead of manual report generation.

Control access at the source. You can manage user sessions using authn_flow_start or check permissions with authz_check before running any critical code path.

Vet external data sources. Before your agent uses an IP address, run embargo_ip_check to guarantee it's not coming from a restricted region.

Pangea Security APIs MCP use cases

01 01

Handling Customer Support Chats

A support agent needs to log a customer complaint that includes their account number and personal address. Instead of copying the whole thing into the system, your agent runs ai_guard_text first. It automatically strips all PII, so the security team gets a usable, non-sensitive report.

02 02

Building Financial Agents

A financial modeling bot needs to process quarterly reports that are structured JSON files containing salary data. The agent uses redact_structured to zero out all the sensitive salary fields before handing the data off for analysis.

03 03

Onboarding New Users

A new employee needs access to a specific shared drive. Instead of manually asking an admin, your agent first runs authz_check and verifies if the user's role has permission for that resource before granting access.

04 04

Processing External APIs

Your application receives data from a third-party API endpoint. Before processing it, your agent calls embargo_ip_check to ensure the incoming connection IP address is not from a prohibited country.

Pangea Security APIs MCP tradeoffs

What to watch out for, and the recommended way to handle each one.

Assuming all inputs are safe

Avoid

The developer writes code that sends user prompts directly into the LLM without any pre-screening, leaving the system open to prompt injection attacks.

Instead

Always run every incoming prompt through ai_guard_prompt and use aidr_chat_completions. This ensures malicious inputs are caught before they reach your model.

Manual data scrubbing

Avoid

When a user complains, the team manually opens a spreadsheet, finds emails, and deletes them, which is slow and error-prone.

Instead

Let your agent handle it. Use redact_text to scrub PII from any text field automatically, guaranteeing consistency every time.

Ignoring historical activity

Avoid

When an incident occurs, the team has to manually check multiple system logs and search through dates/user IDs using a basic filter.

Instead

Use audit_search to query your entire security history using natural language. Just ask: 'Show all login failures for marketing last week.' Done.

When to use Pangea Security APIs MCP

You should use this MCP if your primary concern is the integrity of data flowing through or residing within your AI application. If you need to verify who can do what (authz), check where IP addresses are coming from (embargo_ip_check), or scrub sensitive fields from structured data (redact_structured), this is your tool. Don't use it if you simply need basic file storage—you'll want a different object store MCP instead. Only use the identity tools (authn_*, authz_*) when you are actively building user management features, not just reading logs.

Frequently asked questions about Pangea Security APIs MCP

How do I use Pangea Security APIs MCP to redact JSON data? +

You call redact_structured and pass the JSON object along with a list of fields you want removed. This method is better than generic redaction because it uses specific JSON paths.

Is Pangea Security APIs MCP good for checking suspicious IPs? +

Yes. Use ip_geolocate to find where the IP comes from, and then run embargo_ip_check or ip_reputation to see if it's flagged as a proxy or coming from an embargoed nation.

What is the difference between audit_log and audit_log_bulk in Pangea Security APIs MCP? +

audit_log creates one single record for a specific event. Use audit_log_bulk when you need to create many related records at once, like logging ten user sign-ins.

Can I use Pangea Security APIs MCP to check if my password is safe? +

Yes, use the password_breached tool. It compares a hashed version of your password against public databases of leaked credentials to tell you if it's compromised.

Does Pangea Security APIs MCP help with general data storage? +

No, this MCP handles security and access control, not storage. You use vault_encrypt or vault_secret_store to secure the data, but you need a separate service for actual file storage.