Claude Integration

Safeguard ships its own remote MCP (Model Context Protocol) server, so you can connect Claude by Anthropic directly to your software supply chain security data and ask questions in plain language. The Claude connector URL is https://mcp.safeguard.sh/mcp/anthropic — our MCP endpoint purpose-built for Claude. Once connected, Claude can query your vulnerabilities, SBOMs, packages, licenses, findings, and compliance data, generate AI remediation plans, compare SBOMs, manage SCM integrations, and enforce policy gates — all through a connector named Safeguard Security. The server exposes 190+ tools and also supports MCP resources and prompts.

What you can do

• Query vulnerabilities, SBOMs, packages, licenses, findings, and compliance data across your tenant.
• Generate AI-powered remediation plans for npm, pip, Maven, Go, and Cargo projects.
• Compare SBOMs in both CycloneDX and SPDX formats.
• Manage SCM integrations: GitHub, GitLab, Bitbucket, and Azure DevOps.
• Run risk scoring and compliance reporting.
• Enforce policy-gate checks for deployment readiness.
• Operate across multiple tenants (multi-tenant support).

Connect from Claude.ai (web)

1. Create your Safeguard account at https://app.safeguard.sh — or sign in if you already have one.
2. In Claude, open Settings → Connectors → Add custom connector.
3. Enter these details — Name: Safeguard Security, URL: https://mcp.safeguard.sh/mcp/anthropic.
4. Claude will ask you to authenticate — sign in to Safeguard and click Approve.
5. That's it — Safeguard's 190+ security tools are now available to Claude. Start asking questions.

Connect from Claude Desktop

Safeguard's MCP server is a remote server. Claude Desktop reaches it through the mcp-remote bridge, which Claude Desktop launches with npx. Add the following to your claude_desktop_config.json:

{
  "mcpServers": {
    "safeguard": {
      "command": "npx",
      "args": ["-y", "mcp-remote", "https://mcp.safeguard.sh/mcp/anthropic"],
      "env": { "SAFEGUARD_API_KEY": "<your-api-key>" }
    }
  }
}

Replace <your-api-key> with a key generated from https://app.safeguard.sh/settings/api-keys, then restart Claude Desktop.

Authentication

You need a Safeguard account first. If you don't have one, create it at https://app.safeguard.sh — sign-up takes a minute. Once you have an account, connecting is just a matter of approving access when Claude asks; there's nothing else to configure.

The Safeguard MCP server supports two authentication methods:

• OAuth 2.0 — recommended for Claude.ai (web). When you add the Safeguard Security connector, Claude redirects you to Safeguard; you sign in (or create your account) and click Approve to grant access. No keys to copy — once approved, you're connected.
• API key — recommended for Claude Desktop and headless setups. From your account, generate a key at https://app.safeguard.sh/settings/api-keys and supply it (for example, via the SAFEGUARD_API_KEY environment variable shown above, or by pasting it when adding the connector on the web).

Example prompts

List my security projects
Find critical vulnerabilities
Show me all SBOMs
Generate a remediation plan for my npm project
Which packages violate my license policy?

Other AI assistants

The same MCP server (and a REST/OpenAPI surface) lets you bring Safeguard into other assistants too:

Endpoints