Skip to main content
This walks you from nothing to a security assessment on one of your agents, driving Enoki from Claude Code over MCP. Using Cursor or another client instead? The steps are the same — see Connect your agent for its config.
1

Mint an API key

In app.enokilabs.aiSettings → API Keys, create a key with the read and write scopes (add test:run to trigger assessments). Copy it — it’s shown once. Details: API keys & scopes.
2

Connect Claude Code

Add the Enoki MCP server, with your key as a Bearer token:
Run /mcp in a session to confirm the Enoki tools are connected.
3

Register your target

Ask your agent to register your endpoint as a target. It should call get_setup_guide for the config reference, then create_target — which fires one live probe and only saves the target if it succeeds. On a failure it returns a categorized reason (unreachable / auth_failed / parse_error) so you can adjust and retry.
4

Run an assessment

With the target’s model_id, call trigger_assessment to start a run, then poll get_assessment_status until it’s complete. See what we test for.
5

Read and fix findings

Pull results with list_findings and get_finding (which includes the repro). Once you’ve fixed one, close_finding it and run validate_fix to re-run its attacks and confirm the fix holds.

Next steps

MCP tool reference

Every tool, grouped by area, with the scope each needs.

REST API

Drive the same flow from CI/CD or your own code.