How to integrate Securitytrails MCP with Claude Agent SDK

This guide walks you through connecting Securitytrails to the Claude Agent SDK using the Composio tool router. By the end, you'll have a working Securitytrails agent that can show all ips linked to acme.com, fetch ssl certificate history for example.com, run sql query for hosts in 192.168.0.0/16 through natural language commands. This guide will help you understand how to give your Claude Agent SDK agent real control over a Securitytrails account through Composio's Securitytrails MCP server. Before we dive in, let's take a quick look at the key ideas and tools involved.

Get started for freeGet a demo
Securitytrails logoSecuritytrails
Api Key

Securitytrails is a leading domain and IP intelligence platform offering real-time and historical DNS, WHOIS, and cyber threat data. It helps security teams quickly investigate, monitor, and defend against threats using comprehensive internet asset visibility.

12 Tools

Introduction

This guide walks you through connecting Securitytrails to the Claude Agent SDK using the Composio tool router. By the end, you'll have a working Securitytrails agent that can show all ips linked to acme.com, fetch ssl certificate history for example.com, run sql query for hosts in 192.168.0.0/16 through natural language commands.

This guide will help you understand how to give your Claude Agent SDK agent real control over a Securitytrails account through Composio's Securitytrails MCP server.

Before we dive in, let's take a quick look at the key ideas and tools involved.

Also integrate Securitytrails with

OpenAI Agents SDKClaude CodeClaude CoworkCodexOpenClawHermesCLIGoogle ADKLangChainVercel AI SDKMastra AILlamaIndexCrewAI

TL;DR

Here's what you'll learn:
  • Get and set up your Claude/Anthropic and Composio API keys
  • Install the necessary dependencies
  • Initialize Composio and create a Tool Router session for Securitytrails
  • Configure an AI agent that can use Securitytrails as a tool
  • Run a live chat session where you can ask the agent to perform Securitytrails operations

What is Claude Agent SDK?

The Claude Agent SDK is Anthropic's official framework for building AI agents powered by Claude. It provides a streamlined interface for creating agents with MCP tool support and conversation management.

Key features include:

  • Native MCP Support: Built-in support for Model Context Protocol servers
  • Permission Modes: Control tool execution permissions
  • Streaming Responses: Real-time response streaming for interactive applications
  • Context Manager: Clean async context management for sessions

What is the Securitytrails MCP server, and what's possible with it?

The Securitytrails MCP server is an implementation of the Model Context Protocol that connects your AI agent and assistants like Claude, Cursor, etc directly to your Securitytrails account. It provides structured and secure access to domain and IP intelligence data, so your agent can perform actions like retrieving domain details, analyzing IP associations, running custom SQL queries, and managing static asset rules on your behalf.

  • Domain and DNS intelligence: Instantly fetch detailed information about any domain, including current DNS record statistics and associated data for robust cybersecurity analysis.
  • SSL certificate retrieval: Access current and historical SSL certificate details for any hostname, helping you track certificate changes or potential vulnerabilities over time.
  • IP and company association search: Discover all IP addresses linked to a specific company domain, or run advanced IP searches using custom DSL queries for threat hunting and investigation.
  • Automated SQL-powered investigations: Execute SQL queries across hosts and IPs to extract targeted intelligence and spot trends or anomalies in your attack surface data.
  • Bulk static asset management: Add, update, or remove up to 1000 static asset rules at once to quickly adapt your security policies across projects.

What is the Composio tool router, and how does it fit here?

What is Composio SDK?

Composio's Composio SDK helps agents find the right tools for a task at runtime. You can plug in multiple toolkits (like Gmail, HubSpot, and GitHub), and the agent will identify the relevant app and action to complete multi-step workflows. This can reduce token usage and improve the reliability of tool calls. Read more here: Getting started with Composio SDK

The tool router generates a secure MCP URL that your agents can access to perform actions.

How the Composio SDK works

The Composio SDK follows a three-phase workflow:

  1. Discovery: Searches for tools matching your task and returns relevant toolkits with their details.
  2. Authentication: Checks for active connections. If missing, creates an auth config and returns a connection URL via Auth Link.
  3. Execution: Executes the action using the authenticated connection.

Step-by-step Guide

Step by step09 STEPS
1

Prerequisites

Before starting, make sure you have:
  • Composio API Key and Claude/Anthropic API Key
  • Primary know-how of Claude Agents SDK
  • A Securitytrails account
  • Some knowledge of Python
2

Getting API Keys for Claude/Anthropic and Composio

Claude/Anthropic API Key
  • Go to the Anthropic Console and create an API key. You'll need credits to use the models.
  • Keep the API key safe.
Composio API Key
  • Log in to the Composio dashboard.
  • Navigate to your API settings and generate a new API key.
  • Store this key securely as you'll need it for authentication.
3

Install dependencies

npm install @anthropic-ai/claude-agent-sdk @composio/core dotenv

Install the Composio SDK and the Claude Agents SDK.

What's happening:

  • @composio/core provides Composio integration for Anthropic
  • @anthropic-ai/claude-agent-sdk is the core agent framework
  • dotenv/config loads environment variables
4

Set up environment variables

bash
COMPOSIO_API_KEY=your_composio_api_key_here
USER_ID=your_user_id_here
ANTHROPIC_API_KEY=your_anthropic_api_key_here

Create a .env file in your project root.

What's happening:

  • COMPOSIO_API_KEY authenticates with Composio
  • USER_ID identifies the user for session management
  • ANTHROPIC_API_KEY authenticates with Anthropic/Claude
5

Import dependencies

import 'dotenv/config';
import readline from 'node:readline';
import { Composio } from '@composio/core';
import { query, type Options } from "@anthropic-ai/claude-agent-sdk";

dotenv.config();
What's happening:
  • We're importing all necessary libraries including the Claude Agent SDK and Composio
  • The dotenv.config() function loads environment variables from your .env file
  • This setup prepares the foundation for connecting Claude with Securitytrails functionality
6

Create a Composio instance and Tool Router session

async function chat() {
  const { COMPOSIO_API_KEY, USER_ID } = process.env;
  if (!COMPOSIO_API_KEY || !USER_ID) {
    throw new Error('COMPOSIO_API_KEY and USER_ID required in .env');
  }

  const composio = new Composio({ apiKey: COMPOSIO_API_KEY });

  // Create Tool Router session for Securitytrails
  const session = await composio.create(USER_ID, {
    toolkits: ['securitytrails'],
  });
  const mcpUrl = session?.mcp.url;
What's happening:
  • The function checks for the required COMPOSIO_API_KEY environment variable
  • We're creating a Composio instance using our API key
  • The create method creates a Tool Router session for Securitytrails
  • The returned url is the MCP server URL that your agent will use
7

Configure Claude Agent with MCP

const options: Options = {
  permissionMode: 'bypassPermissions',
  mcpServers: {
    composio: {
      type: 'http',
      url: mcpUrl,
      headers: { 'x-api-key': COMPOSIO_API_KEY }
    }
  },
  systemPrompt: 'You are a helpful assistant with access to Securitytrails tools via Composio.',
  maxTurns: 10,
};
What's happening:
  • We're configuring the Claude Agent options with the MCP server URL
  • permissionMode: 'bypassPermissions' allows the agent to execute operations without asking for permission each time
  • The system prompt instructs the agent that it has access to Securitytrails
  • maxTurns: 10 limits the conversation length to prevent excessive API usage
8

Create client and start chat loop

const rl = readline.createInterface({
    input: process.stdin,
    output: process.stdout,
    prompt: 'You: '
  });

  console.log('\nChat started. Type "exit" to quit.\n');

  let isProcessing = false;

  async function ask(prompt: string) {
    isProcessing = true;
    rl.pause();

    process.stdout.write('Claude is thinking...');
    const stream = query({ prompt, options });

    let firstChunk = true;
    for await (const msg of stream) {
      const content = (msg as any).message?.content || (msg as any).content;
      if (Array.isArray(content)) {
        for (const block of content) {
          if (block.type === 'text' && block.text) {
            if (firstChunk) {
              process.stdout.write('\r\x1b[K');
              process.stdout.write('Claude: ');
              firstChunk = false;
            }
            process.stdout.write(block.text);
          }
        }
      }
    }
    process.stdout.write('\n\n');

    isProcessing = false;
    rl.resume();
    rl.prompt();
  }

  rl.on('line', async (line) => {
    if (isProcessing) return;

    const input = line.trim();
    if (input === 'exit') {
      rl.close();
      process.exit(0);
    }
    if (input) await ask(input);
    else rl.prompt();
  });

  await ask('What can you help me with?');
}
What's happening:
  • The readline interface is created to handle user input and output
  • The query function is used to send the user's input to the agent
  • The chat loop continues until the user types 'exit' or 'quit'
9

Run the application

try {
  await chat();
} catch (error) {
  console.error(error);
  process.exit(1);
}
What's happening:
  • The chat function is the entry point for the application
  • The try-catch block is used to handle any errors that occur

Complete Code

Here's the complete code to get you started with Securitytrails and Claude Agent SDK:

import 'dotenv/config';
import readline from 'node:readline';
import { Composio } from '@composio/core';
import { query, type Options } from "@anthropic-ai/claude-agent-sdk";

async function chat() {
  const { COMPOSIO_API_KEY, USER_ID } = process.env;
  if (!COMPOSIO_API_KEY || !USER_ID) {
    throw new Error('COMPOSIO_API_KEY and USER_ID required in .env');
  }

  const composio = new Composio({ apiKey: COMPOSIO_API_KEY });
  const session = await composio.create(USER_ID, {
    toolkits: ['securitytrails']
  });
  const mcp_url = session?.mcp.url;

  const options: Options = {
    permissionMode: 'bypassPermissions',
    mcpServers: {
      composio: {
        type: 'http',
        url: mcp_url,
        headers: { 'x-api-key': COMPOSIO_API_KEY }
      }
    },
    systemPrompt: 'You are a helpful assistant with access to Securitytrails tools via Composio.',
    maxTurns: 10,
  };

  const rl = readline.createInterface({
    input: process.stdin,
    output: process.stdout,
    prompt: 'You: '
  });

  console.log('\nChat started. Type "exit" to quit.\n');

  let isProcessing = false;

  async function ask(prompt: string) {
    isProcessing = true;
    rl.pause();

    process.stdout.write('Claude is thinking...');
    const stream = query({ prompt, options });

    let firstChunk = true;
    for await (const msg of stream) {
      const content = (msg as any).message?.content || (msg as any).content;
      if (Array.isArray(content)) {
        for (const block of content) {
          if (block.type === 'text' && block.text) {
            if (firstChunk) {
              process.stdout.write('\r\x1b[K');
              process.stdout.write('Claude: ');
              firstChunk = false;
            }
            process.stdout.write(block.text);
          }
        }
      }
    }
    process.stdout.write('\n\n');

    isProcessing = false;
    rl.resume();
    rl.prompt();
  }

  rl.on('line', async (line) => {
    if (isProcessing) return;

    const input = line.trim();
    if (input === 'exit') {
      rl.close();
      process.exit(0);
    }
    if (input) await ask(input);
    else rl.prompt();
  });

  await ask('What can you help me with?');
}

try {
  await chat();
} catch (error) {
  console.error(error);
  process.exit(1);
}

Conclusion

You've successfully built a Claude Agent SDK agent that can interact with Securitytrails through Composio's Tool Router.

Key features:

  • Native MCP support through Claude's agent framework
  • Streaming responses for real-time interaction
  • Permission bypass for smooth automated workflows
You can extend this by adding more toolkits, implementing custom business logic, or building a web interface around the agent.
TOOLS

Supported Tools

Every Securitytrails action and event your agent gets out of the box.

Bulk Static Asset Rules

Bulk add or remove static asset rules for a SecurityTrails ASI project.

Get Company Associated IPs

Tool to retrieve IPs associated with a company domain.

Get Domain Details

Retrieves comprehensive domain information from SecurityTrails including current DNS records, infrastructure details, and statistics.

Get Domain SSL

Tool to fetch current and historical SSL certificate details for a hostname.

IP Search Statistics

Fetch aggregated statistics for IP addresses matching a DSL query.

List ASI Projects

Tool to list ASI projects available to the account.

Ping

Tool to test authentication and connectivity with the SecurityTrails API.

Scroll Results

Tool to continue scrolling through DSL search results.

Search IPs

Tool to search IP addresses via SecurityTrails DSL.

SQL API Execute Query

Execute SQL-like queries against SecurityTrails data.

SQL API Scroll Results

Tool to fetch next page of SQL query results.

Temp Scrape Securitytrails Usage

Retrieve account usage information from the SecurityTrails API.

FRAMEWORKS

How to build Securitytrails MCP Agent with another framework

OpenAI Agents SDK logo

OpenAI Agents SDK

Use Securitytrails MCP with OpenAI Agents SDK

Claude Code logo

Claude Code

Use Securitytrails MCP with Claude Code

Claude Cowork logo

Claude Cowork

Use Securitytrails MCP with Claude Cowork

Codex logo

Codex

Use Securitytrails MCP with Codex

OpenClaw logo

OpenClaw

Use Securitytrails MCP with OpenClaw

Hermes logo

Hermes

Use Securitytrails MCP with Hermes

CLI logo

CLI

Use Securitytrails MCP with CLI

Google ADK logo

Google ADK

Use Securitytrails MCP with Google ADK

LangChain logo

LangChain

Use Securitytrails MCP with LangChain

Vercel AI SDK logo

Vercel AI SDK

Use Securitytrails MCP with Vercel AI SDK

Mastra AI logo

Mastra AI

Use Securitytrails MCP with Mastra AI

LlamaIndex logo

LlamaIndex

Use Securitytrails MCP with LlamaIndex

CrewAI logo

CrewAI

Use Securitytrails MCP with CrewAI

FAQ

Frequently asked questions

With a standalone Securitytrails MCP server, the agents and LLMs can only access a fixed set of Securitytrails tools tied to that server. However, with the Composio Tool Router, agents can dynamically load tools from Securitytrails and many other apps based on the task at hand, all through a single MCP endpoint.

Yes, you can. Claude Agent SDK fully supports MCP integration. You get structured tool calling, message history handling, and model orchestration while Tool Router takes care of discovering and serving the right Securitytrails tools.

Yes, absolutely. You can configure which Securitytrails scopes and actions are allowed when connecting your account to Composio. You can also bring your own OAuth credentials or API configuration so you keep full control over what the agent can do.

All sensitive data such as tokens, keys, and configuration is fully encrypted at rest and in transit. Composio is SOC 2 Type 2 compliant and follows strict security practices so your Securitytrails data and credentials are handled as safely as possible.

Start with Securitytrails.It takes 30 seconds.

Managed auth, hosted MCP servers, and every Securitytrails tool your agent needs.Free to start.

Start building
Customer stories

Teams ship real agents on Composio

GET STARTED FOR FREEBOOK A DEMO
agent.aiZoomLettaGleanHubSpotAWSWabi

Karan skipped his own birthday party to fix our critical issue. It was 10pm and he diverted his Waymo to help us instead. This really sets the bar — it shows the commitment you need when users rely on your software.

Harsha Gaddipati
Harsha Gaddipati
Co-founder, Slashy

A lot of students tell us that the moment their connected tools start talking to each other inside Opennote feels almost magical. The agent just knows them, and it's immensely helped keep new users on the platform.

Abhi Arya
Abhi Arya
Co-founder, Opennote

We chose Composio over Pipedream because it delivered depth where it mattered — niche tools and tricky edge cases other platforms simply ignored. That gave us confidence to scale without compromising.

Nirman Dave
Nirman Dave
CEO, Zams

As a solo builder, shipping fast is life or death. The only way I can outcompete incumbents is by outmanoeuvring them. Getting bogged down managing agent auth would have been a death sentence.

Ryan Yu
Ryan Yu
Founder, Extra Thursday

Before Composio, adding tool integrations was slow and resource-intensive. Each one could take weeks of engineering time, and maintaining them meant constantly keeping up with API changes.

Tomisin Jenrola
Tomisin Jenrola
Founder & CEO, SwarmZero

With hands-on help from their founder, we integrated Gmail and Google Drive in just 30 minutes. This level of personal support and commitment is exactly what startups should strive for.

Jerome Leclanche
Jerome Leclanche
Co-Founder, Ingram Technologies