Contrast MCP Server

Remediate vulnerabilities found by Contrast products using LLM and Coding Agent capabilities.


The Contrast MCP Server connects Contrast Security to your AI coding agent so you can remediate vulnerabilities, update insecure libraries, and analyze security coverage through natural language.

It comes in two forms.

  • Hosted MCP Server is a remote MCP server that Contrast runs for you. It is the simplest path for Contrast SaaS customers, with browser-based OAuth sign-in and nothing to install. Recommended for most users.
  • Local MCP Server is the open-source server in this repository that you run yourself with API keys. It is the right choice for on-premises and EOP (Enterprise On-Premises) instances.

[!WARNING] CRITICAL SECURITY WARNING: Exposing Contrast vulnerability data to an AI service that trains on your prompts can leak sensitive information. Only use the Contrast MCP Server with environments that contractually guarantee data isolation and prohibit model training on your inputs.

Verify AI Data Privacy: Confirm that your service agreement prevents model training on your prompts and consult your security team before sharing Contrast data.

UNSAFE: Public consumer LLM sites (e.g., free ChatGPT, Gemini, Claude) that use prompts for training.

POTENTIALLY SAFE: Enterprise services with contractual privacy guarantees (e.g., Google Cloud AI, AWS Bedrock, Azure OpenAI).


Hosted MCP Server (recommended)

The Hosted MCP Server, a remote MCP server that Contrast operates for you, is the easiest way to connect an AI agent to Contrast. You point your client at one URL, sign in through your browser, and your agent can start asking questions about your security data. There are no API keys to copy around, no container or JAR to keep updated, and no local process to run.

The hosted server is read-only and is available now for Contrast SaaS.

Prerequisites

  • A Contrast SaaS account with access to at least one organization
  • An MCP client that supports Streamable HTTP transport and OAuth 2.0 with PKCE (see Supported clients)
  • A modern web browser for the OAuth sign-in

Connect

Add the server to Claude Code by pointing it at your Contrast host followed by /mcp.

```bash
claude mcp add --transport http contrast-hosted-mcp https://app.contrastsecurity.com/mcp
```

Replace app.contrastsecurity.com with your organization's Contrast URL if you use a dedicated instance. The first time your agent calls a tool, your browser opens for sign-in. If sign-in does not start automatically, run /mcp in Claude Code and choose Authenticate for contrast-hosted-mcp. You log in with your existing Contrast credentials, choose an organization, and approve read access. Your session refreshes on its own, so you typically sign in once and keep working.

For step-by-step setup for Claude Code, Claude Desktop, the Codex CLI, the GitHub Copilot CLI, and opencode, see the Hosted MCP Server installation guide.

Connection details

Any MCP client that supports Streamable HTTP transport and OAuth 2.0 with PKCE can connect.

| Setting | Value |
| --- | --- |
| Endpoint URL | `https://<your-contrast-host>/mcp` (for example `https://app.contrastsecurity.com/mcp`) |
| Transport | Streamable HTTP (stateless) |
| HTTP method | POST |
| Authentication | OAuth 2.0 with PKCE (S256) |
| OAuth scopes | `openid`, `profile`, `offline_access` |

Your client discovers the OAuth configuration automatically through the WWW-Authenticate response header, which points to the standard /.well-known/oauth-protected-resource metadata document. Clients that support Dynamic Client Registration can register at /oauth2/connect/register on the Contrast origin.
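The two client-side steps described above, as an added example that is not part of this repository or of any MCP client: reading the `WWW-Authenticate` challenge that points at `/.well-known/oauth-protected-resource`, and building the S256 PKCE pair that goes into the authorization request. The header value is constructed, no network calls are made, and the authorization endpoint and client ID are assumed inputs the client would obtain from the metadata document and from Dynamic Client Registration.

```python
import base64
import hashlib
import re
import secrets
from urllib.parse import urlencode

# Constructed sample of the 401 challenge an MCP client receives on its first
# unauthenticated POST to /mcp. The resource_metadata parameter is the
# RFC 9728 pointer to the protected-resource metadata document.
SAMPLE_WWW_AUTHENTICATE = (
    'Bearer resource_metadata='
    '"https://app.contrastsecurity.com/.well-known/oauth-protected-resource"'
)

def resource_metadata_url(header: str) -> str:
    """Extract the metadata URL from a Bearer challenge; reject non-HTTPS."""
    m = re.search(r'resource_metadata="([^"]+)"', header)
    if not m:
        raise ValueError("no resource_metadata parameter in WWW-Authenticate")
    url = m.group(1)
    if not url.startswith("https://"):
        raise ValueError("refusing non-HTTPS metadata URL")
    return url

def _b64url(data: bytes) -> str:
    # Unpadded base64url, as PKCE requires.
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def new_verifier() -> str:
    """43-char high-entropy code_verifier; stays on the client until the token request."""
    return _b64url(secrets.token_bytes(32))

def code_challenge(verifier: str) -> str:
    """S256 challenge per RFC 7636: BASE64URL(SHA256(ASCII(code_verifier)))."""
    return _b64url(hashlib.sha256(verifier.encode("ascii")).digest())

def authorize_url(authz_endpoint: str, client_id: str, redirect_uri: str,
                  verifier: str, state: str) -> str:
    """Authorization request with the scopes the hosted server uses (assumed endpoint)."""
    params = {
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "scope": "openid profile offline_access",
        "code_challenge": code_challenge(verifier),
        "code_challenge_method": "S256",
        "state": state,  # bound to the browser session to detect injected callbacks
    }
    return f"{authz_endpoint}?{urlencode(params)}"
```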

Supported clients

| Client | Status |
| --- | --- |
| Claude Code CLI | Working |
| Codex CLI | Working |
| GitHub Copilot CLI | Working |
| opencode | Working |
| Claude Desktop | Working |
| Gemini CLI | Not yet supported, OAuth compatibility issue |
| VS Code Copilot plugin | Not yet supported, OAuth compatibility issue |

Support for more clients is in progress as their OAuth handling matures. If your client fails during OAuth registration before the login page appears, that is usually a client compatibility issue rather than a problem with your account.

Security and privacy

The hosted server changes how access works without changing what you are allowed to see.

  • OAuth, not API keys. You sign in through your browser, so there are no long-lived keys to distribute or store on developer machines.
  • Read-only. Every hosted tool is read-only. You cannot modify, update, or delete data through the hosted server.
  • Organization-scoped. Each session is bound to the single organization you select at sign-in, so there is no organization ID to guess or get wrong.
  • Your existing permissions apply. Every request carries your identity to Contrast, which enforces the same role-based access control as the web interface. If you cannot see something in Contrast, your agent cannot see it either.
  • No data storage. The hosted server stores none of your data, and your token never appears in a tool response.

The shared warning above still applies. Tool results become part of your AI conversation, so follow your organization's policy on what security data can be sent to your chosen AI client and model.

Available tools (hosted)

The hosted server provides read-only tools across the domains below. Your agent calls them automatically based on your questions.


Authentication

| Tool | Description |
| --- | --- |
| `get_user_info` | Show who you are signed in as and which organization is active |

Vulnerabilities (Assess)

| Tool | Description |
| --- | --- |
| `search_vulnerabilities` | Search vulnerabilities across all applications |
| `search_app_vulnerabilities` | Search vulnerabilities within a specific application with session filtering |
| `get_vulnerability` | Get detailed vulnerability info including remediation guidance |
| `list_vulnerability_types` | List all available vulnerability types for filtering |

Applications

| Tool | Description |
| --- | --- |
| `search_applications` | Search applications by name, tag, or metadata filters |
| `get_session_metadata` | Get session metadata fields available for an application |

Libraries (SCA)

| Tool | Description |
| --- | --- |
| `list_application_libraries` | List libraries used by an application with class usage statistics and vulnerability counts |
| `list_applications_by_cve` | Find applications affected by a specific CVE |

Protection (ADR/Protect)

| Tool | Description |
| --- | --- |
| `search_attacks` | Search attack events with filtering by status, type, and rules |
| `get_protect_rules` | Get protection rules configured for an application |

Coverage

| Tool | Description |
| --- | --- |
| `get_route_coverage` | Get route coverage data showing exercised vs discovered routes |

SAST (Scan)

| Tool | Description |
| --- | --- |
| `get_scan_project` | Get SAST project details and vulnerability counts |

Issues, Incidents, and Observations

These tools require the Contrast unified data platform (NorthStar) to be enabled for your organization.

| Tool | Description |
| --- | --- |
| `search_issues` | Search and filter security issues across your organization |
| `get_issue` | Get full details for a specific issue |
| `get_issue_summary` | Get a concise summary of a specific issue |
| `get_issue_count` | Count issues matching filters without fetching full details |
| `list_issue_incidents` | List incidents linked to an issue |
| `list_issues_by_library` | List open issues associated with an application library |
| `search_incidents` | Search and filter incidents |
| `get_incident` | Get full details for a specific incident |
| `get_incident_summary` | Get a concise summary of a specific incident |
| `list_incident_issues` | List issues linked to an incident |
| `get_observation` | Get full details for a specific observation |
| `list_issue_observations` | List observations linked to an issue (cursor-paginated) |
| `list_incident_observations` | List observations linked to an incident (cursor-paginated) |
| `get_incident_observation_count` | Count observations linked to an incident without paging |

Local MCP Server

The Local MCP Server is the open-source server in this repository. Your MCP client launches it as a local process over stdio, it authenticates with Contrast API and service keys, and it connects to your own Contrast instance, including on-premises and EOP. Use it when you cannot use the hosted server, or when you need raw SARIF scan output.

Available tools (local)

The Local MCP Server provides 13 tools for security analysis and vulnerability management.

Applications

| Tool | Description |
| --- | --- |
| `search_applications` | Search applications by name, tag, or metadata filters |
| `get_session_metadata` | Get session metadata fields available for an application |

Vulnerabilities

| Tool | Description |
| --- | --- |
| `search_vulnerabilities` | Search vulnerabilities across all applications (org-level) |
| `search_app_vulnerabilities` | Search vulnerabilities within a specific application with session filtering |
| `get_vulnerability` | Get detailed vulnerability info including stack trace and remediation guidance |
| `list_vulnerability_types` | List all available vulnerability types for filtering |

Libraries (SCA)

| Tool | Description |
| --- | --- |
| `list_application_libraries` | List libraries used by an application with class usage statistics and vulnerability counts |
| `list_applications_by_cve` | Find applications affected by a specific CVE |

Protection (ADR/Protect)

| Tool | Description |
| --- | --- |
| `search_attacks` | Search attack events with filtering by status, type, and rules |
| `get_protect_rules` | Get protection rules configured for an application |

Coverage

| Tool | Description |
| --- | --- |
| `get_route_coverage` | Get route coverage data showing exercised vs discovered routes |

SAST (Scan)

| Tool | Description |
| --- | --- |
| `get_scan_project` | Get SAST project details and vulnerability counts |
| `get_scan_results` | Get SAST scan results in SARIF format |

Quick start

Prerequisites

VS Code (GitHub Copilot) - One-Click Install

Install in VS Code

Click the button above to automatically install in VS Code. For manual setup, see the VS Code (GitHub Copilot) Installation Guide.

IntelliJ IDEA (GitHub Copilot)

Add this to your mcp.json configuration file and replace the placeholder values with your Contrast credentials:

```json
{
  "servers": {
    "contrast": {
      "command": "docker",
      "args": [
        "run",
        "-e",
        "CONTRAST_HOST_NAME",
        "-e",
        "CONTRAST_API_KEY",
        "-e",
        "CONTRAST_SERVICE_KEY",
        "-e",
        "CONTRAST_USERNAME",
        "-e",
        "CONTRAST_ORG_ID",
        "-i",
        "--rm",
        "contrast/mcp-contrast:latest",
        "-t",
        "stdio"
      ],
      "env": {
        "CONTRAST_HOST_NAME": "example.contrastsecurity.com",
        "CONTRAST_API_KEY": "example",
        "CONTRAST_SERVICE_KEY": "example",
        "CONTRAST_USERNAME": "[email protected]",
        "CONTRAST_ORG_ID": "example"
      }
    }
  }
}
```

📖 Full IntelliJ (GitHub Copilot) Installation Guide - Includes step-by-step setup and JAR deployment option

Other AI Assistants

More setup and troubleshooting

Getting the JAR file (download, attestation verification, and build from source), proxy configuration, and troubleshooting have moved to the Local MCP Server guide.

Sample prompts

These prompts work with either server.

For the Developer

Remediate Vulnerabilities in Code

  • Please list vulnerabilities for Application Y.
  • Give me details about vulnerability X in Application Y.
  • Review vulnerability X and fix it.

Third-Party Library Remediation

  • Which libraries in Application X have high or critical vulnerabilities and are actively used?
  • Update library X, which has a critical vulnerability, to the safe version.
  • Which libraries in Application X are not being used?

Retrieve Applications by Tag

  • Please give me the applications tagged with "backend."

Retrieve Applications by Metadata

  • Please give me the applications with metadata "dev-team" and "backend-team."

Retrieve Vulnerabilities by Session Metadata

  • Give me the session metadata for Application X.
  • Give me the vulnerabilities in the latest session for Application X.
  • Give me the vulnerabilities for session metadata "Branch Name" "feature/some-new-fix" for Application X.
  • Give me the route coverage for the latest session for Application X.
  • Give me the route coverage for session metadata "Branch Name" "feature/some-new-fix" for Application X.

For the Security Professional

  • Please give me a breakdown of applications and servers vulnerable to CVE-xxxx-xxxx.
  • Please list the libraries for the application named xxx and tell me what version of commons-collections is being used.
  • Which vulnerabilities in Application X are being blocked by a Protect or ADR rule?

Data privacy

The Contrast MCP Server provides a bridge between your Contrast data and the AI agent/LLM of your choice. By using Contrast's MCP server you are providing your Contrast data to that AI agent/LLM, and it is your responsibility to ensure that the AI agent/LLM you use complies with your data privacy policy. Depending on what questions you ask, the following information will be provided to your AI agent/LLM:

  • Application Details
  • Application Rule configuration
  • Vulnerability Details
  • Route Coverage data
  • ADR/Protect Attack Event Details

Changelog

See CHANGELOG.md for the complete release history, including breaking changes and new features.