Getting started with the CAST Imaging on Cloud MCP Server
Overview
These instructions explain how to configure GitHub Copilot to interact with CAST Imaging on Cloud’s dedicated MCP server, enabling you to quickly obtain AI-generated insights about your applications.
Prerequisites
- An active CAST Imaging on Cloud subscription
- Your personal API key (obtain from your CAST Imaging on Cloud dashboard):
Setup instructions for GitHub Copilot for Visual Studio Code
Step 1 - Initial configuration
- Install the GitHub Copilot extension (see https://marketplace.visualstudio.com/items?itemName=GitHub.copilot ) in Visual Studio Code.
- Ensure you are signed in to GitHub and clone the repository you need to work with.
- Create an
mcp.jsonconfiguration file and place it in the.vscode/folder for your Visual Studio Code workspace. Themcp.jsonmust use the following template:
{
"inputs": [
{
"id": "imaging-key",
"type": "promptString",
"description": "CAST Imaging on Cloud API Key"
}
],
"servers": {
"CASTImaging": {
"type": "http",
"url": "https://castimaging.io/imaging/mcp/",
"headers": {
"x-api-key": "${input:imaging-key}"
}
}
}
}
Step 2 - Verify the connection
When the mcp.json file is configured, you can verify the connection:
- Launch Github Copilot
- Enter your CAST Imaging API key when prompted
- Run a test query, for example:
"List all of the apps available"
If configured correctly, your assistant should be able to access your CAST Imaging on Cloud account and respond with your project information, listing all the applications that are available to you.
Example queries
Basic application information
List all applications
Transaction analysis
List all applications transactions
Show 10 transactions for application <YourApp>
Data flow analysis
List available applications datagraphs
Show data graphs for application <YourApp>
Quality insights
List applications insights
Show quality issues for application <YourApp>
Architectural analysis
Analyze the architecture of <YourApp>
Show dependencies for <YourApp>
Available Toolsets
| Toolset | Description |
|---|---|
Portfolio Tools |
Portfolio‑level exploration: list applications, compare metrics, scan hotspots across systems. |
Applications Tools |
Application‑level analysis: transactions, quality issues, datagraphs, architecture. |
Objects Tools |
Object element exploration: locate objects, references, callers/callees. |
Tools
Portfolio
- applications - List the available applications in CAST Imaging
- applications_transactions - Get transactions from all applications with filtering support
- applications_data_graphs - Data entity interaction networks (data graphs) from all applications
- applications_dependencies - Inter-dependencies between all applications
- applications_quality_insights - Quality insights including CVE, cloud detection patterns, and green detection patterns
Applications
- application_database_explorer - Explore database tables and columns in an application
- stats - Get basic statistical information for an application
- architectural_graph - Get architectural graph data (nodes/links) at specific levels (layer, component, sub-component, technology-category, element-type)
- architectural_graph_focus - Get focused architectural graph data for specific areas
- quality_insights - Get quality-related insights (CVE, cloud patterns, green patterns, structural flaws, ISO-5055)
- quality_insight_occurrences - Get specific occurrences of quality insights by ID
- packages - Get package information and dependencies
- package_interactions - Get interactions with specific packages by component and version
- transactions - Get transactions with optional filtering by name, fullname, or type
- transaction_objects_with_insights - Get objects with insights within specific transactions
- transaction_complex_objects - Get complex objects within specific transactions
- transaction_documents - Get documents for specific transactions
- add_transaction_document - Add documentation to specific transactions
- transaction_graph - Get transaction graph data (nodes/links) at different granularity levels
- transaction_graph_focus - Get focused transaction graph data concentrating on complex objects
- data_graphs - Get data entity interaction networks (data graphs) with optional filtering
- data_graph_objects_with_insights - Get objects with insights within specific data graphs
- data_graph_complex_objects - Get complex objects within specific data graphs
- data_graph_documents - Get documents for specific data graphs
- add_datagraph_document - Add documentation to specific data graphs
- data_graph_graph - Get data graph structure (nodes/links) at different granularity levels
- data_graph_graph_focus - Get focused data graph structure concentrating on complex objects
- documents - Find documents about code elements and graphs matching search text (requires IMAGING_CODE=True)
- inter_applications_dependencies - Get inward and outward inter-application dependencies
- inter_app_detailed_dependencies - Get detailed dependencies between two specific applications
Objects
- objects - Get objects in an application matching identification criteria (name, fullname, mangling, type, filepath)
- object_details - Get comprehensive details for objects including properties, relationships, code snippets, and usage statistics
- add_object_document - Add documentation text to a specific object identified by ID
- source_files - Find source files that define code objects matching file path criteria
- source_file_details - Get detailed information about source files and their code elements (inventory, intra, inward, outward, testing)
- transactions_using_object - Get transactions that use objects matching specified criteria
- data_graphs_involving_object - Get data entity interaction networks (data graphs) that involve specific objects
Security best practices
- Never share your API key with others or commit it to version control
- Rotate your API keys regularly through the CAST Imaging on Cloud dashboard
- Revoke unused keys to minimize security risks
- Use separate keys for different applications or team members
Troubleshooting
Connection failure
- Verify your API key is correct and active
- Ensure your network allows connections to CAST Imaging on Cloud
- Review your client’s logs for specific error messages
Slow response times
- Check your internet connection
- Verify the CAST Imaging on Cloud service status
- Consider the size of datasets you’re querying