Safeguard.sh Documentation Center
MCP Integrations

Claude

Connect Safeguard's MCP server to Claude (Claude.ai and Claude Desktop) to query your software supply chain security in natural language.

Safeguard ships its own remote MCP (Model Context Protocol) server, so you can connect Claude by Anthropic directly to your software supply chain security data and ask questions in plain language. The Claude connector URL is https://mcp.safeguard.sh/mcp/anthropic — our MCP endpoint purpose-built for Claude. Once connected, Claude can query your vulnerabilities, SBOMs, packages, licenses, findings, and compliance data, generate AI remediation plans, compare SBOMs, manage SCM integrations, and enforce policy gates — all through a connector named Safeguard Security. The server exposes 190+ tools and also supports MCP resources and prompts.

What you can do

  • Query vulnerabilities, SBOMs, packages, licenses, findings, and compliance data across your tenant.
  • Generate AI-powered remediation plans for npm, pip, Maven, Go, and Cargo projects.
  • Compare SBOMs in both CycloneDX and SPDX formats.
  • Manage SCM integrations: GitHub, GitLab, Bitbucket, and Azure DevOps.
  • Run risk scoring and compliance reporting.
  • Enforce policy-gate checks for deployment readiness.

Connect

  1. Create your Safeguard account at https://app.safeguard.sh — or sign in if you already have one.
  2. In Claude, open Settings, then Connectors, then Add custom connector.
  3. Enter these details — Name: Safeguard Security, URL: https://mcp.safeguard.sh/mcp/anthropic.
  4. Claude will ask you to authenticate — sign in to Safeguard and click Approve.
  5. That's it — Safeguard's 190+ security tools are now available to Claude. Start asking questions.

For Claude Desktop, add the following to your claude_desktop_config.json. Claude Desktop reaches the remote server through the mcp-remote bridge, which it launches with npx:

{
  "mcpServers": {
    "safeguard": {
      "command": "npx",
      "args": ["-y", "mcp-remote", "https://mcp.safeguard.sh/mcp/anthropic"],
      "env": { "SAFEGUARD_API_KEY": "<your-api-key>" }
    }
  }
}

Replace <your-api-key> with a key generated from https://app.safeguard.sh/settings/api-keys, then restart Claude Desktop.

Authentication

You need a Safeguard account first. If you don't have one, create it at https://app.safeguard.sh — sign-up takes a minute. The Safeguard MCP server supports two authentication methods:

  • OAuth 2.0 — recommended for Claude.ai (web). When you add the Safeguard Security connector, Claude redirects you to Safeguard; you sign in (or create your account) and click Approve to grant access. No keys to copy.
  • API key — recommended for Claude Desktop and headless setups. From your account, generate a key at https://app.safeguard.sh/settings/api-keys and supply it via the SAFEGUARD_API_KEY environment variable shown above.

Example prompts

List my security projects
Find critical vulnerabilities
Show me all SBOMs
Generate a remediation plan for my npm project
Which packages violate my license policy?

Endpoints

EndpointURL
Claude connector URLhttps://mcp.safeguard.sh/mcp/anthropic
API keyshttps://app.safeguard.sh/settings/api-keys
Safeguard accounthttps://app.safeguard.sh

MCP Integrations

Connect Safeguard's MCP server to your AI assistant.

ChatGPT (OpenAI)

Connect Safeguard to ChatGPT with a Custom GPT Action, or via the OpenAI MCP endpoint.

On this page

What you can doConnectAuthenticationExample promptsEndpoints