Stats
Actions
Available In
Tags
What's Inside
Skills3
Steps
/fix-test
Fix a failing Vanta compliance test by generating code changes and opening a pull request
Steps
/list-tests
Show failing Vanta compliance tests, prioritized by what can be fixed from this repository
Vanta Test Remediation
/test-remediation
Fix failing Vanta compliance tests using code. Apply when the user mentions Vanta tests, compliance test failures, remediation, test IDs (e.g., "cloudtrail-log-file-validation"), Vanta URLs (app.vanta.com), or compliance frameworks (SOC 2, ISO 27001, HIPAA).
README
Vanta Plugin for Claude Code
This repository provides an official Claude Code plugin that connects Claude to the Vanta MCP Server, giving you access to Vanta's security and compliance tools directly inside your Claude Code sessions.
[!NOTE]
Vanta’s remote MCP server is currently in beta and released to all customers. Before connecting, confirm the following:Vanta role: You must be a Vanta Admin. The MCP server is not currently accessible to non-Admin users. Access for non-admin users is coming soon.
Features
Vanta MCP Server
Claude Code automatically connects to Vanta's hosted MCP server for your region:
# US
https://mcp.vanta.com/mcp
# EU
https://mcp.eu.vanta.com/mcp
# Aus
https://mcp.aus.vanta.com/mcp
This gives Claude tools to:
- Remediate failing tests — list failing compliance tests, inspect which entities are out of scope, and get the context needed to fix them
- Manage controls — browse controls and their framework mappings, list associated tests, and access linked evidence documents
- Assess vendor risk — review vendors, run security assessments, manage risk attributes, and track compliance documentation
- Track vulnerabilities — surface vulnerable assets, and monitor remediation progress
- Govern policies — list, download, and upload policy documents across your compliance program
- Analyze compliance gaps — enumerate framework requirements and identify coverage gaps across SOC 2, ISO 27001, and more
Slash Commands
| Command | Description |
|---|---|
/vanta:fix-test <test-id or URL> | Fix a failing test by generating IaC changes and opening a PR |
/vanta:list-tests | Show failing tests prioritized by what you can fix from this repo |
Installation (Claude Code)
1. Update the official marketplace
/plugin marketplace update anthropics/claude-plugins-official
This ensures you have the latest plugin listings from the official Claude Code marketplace.
2. Install the plugin
/plugin install vanta-mcp-plugin@claude-plugins-official
3. Reload plugins
/reload-plugins
This loads the plugin and starts the MCP server without restarting Claude Code.
4. Authenticate
In Claude Code, run /mcp and select vanta-* for your region. A browser window will open in your Vanta app — click Allow to complete OAuth authorization.
Manual Setup
For detailed setup instructions across Claude Code, Cursor, and Perplexity, see the Connecting to Vanta MCP guide.
Authentication
All integrations use OAuth against the MCP server. No API keys or tokens to manage.
Resources
- Connecting to Vanta MCP — setup guide for Claude Code, Cursor, and Perplexity
- Vanta documentation
- Report an issue
License
This project is licensed under the terms of the MIT open source license. Please refer to LICENSE file for details.
Stats
Version1.0.0
Stars5
Forks3
Copy clicks1
MaintenanceExcellent
LicenseMIT
Last Commit
Added
Safety Signals
Caution
External network access
Connects to servers outside your machine
