Update README.md

README.md

@@ -13,6 +13,9 @@ tags:
   - mcp-in-action-track-enterprise
   - mcp-in-action-track-consumer
   - mcp-in-action-track-creative
+  - building-mcp-track-enterprise
+  - building-mcp-track-consumer
+  - building-mcp-track-creative
 thumbnail: >-
   https://cdn-uploads.huggingface.co/production/uploads/66d9b98cec009ab887601d00/2x4OCbl46kVrGOh1a2S4z.png
 ---
@@ -414,4 +417,106 @@ Built for **MCP's 1st Birthday Hackathon** hosted by **Anthropic** and **Gradio*
 - [Chroma](https://www.trychroma.com/)
 - [Nebius Token Factory](https://nebius.com/)
 
+
+# VAPT Agent MCP Server
+
+This Gradio application has been integrated with **Model Context Protocol (MCP)** to enable AI assistants and other MCP clients to interact with the VAPT (Vulnerability Assessment and Penetration Testing) agent programmatically.
+
+## MCP Server Overview
+
+The MCP server exposes the VAPT agent's functionality through a standardized interface, allowing AI assistants like Claude to perform security testing and receive guidance directly.
+
+**MCP Server URL**: `http://<ip>:<port>/gradio_api/mcp/`
+
+### Available MCP Tools
+
+The server provides **4 MCP tools**:
+
+1. **`run_security_test`** - Execute a security test on an API endpoint
+   - Parameters:
+     - `api_endpoint` (string): The target API endpoint URL
+     - `http_method` (string): HTTP method (GET, POST, PUT, DELETE, etc.)
+     - `api_key` (string): API authentication key
+   - Returns: Progress updates, vulnerability report markdown, report file path, and button state
+
+2. **`update_dashboard`** - Update the security dashboard
+   - Parameters:
+     - `report_md` (string): Report markdown content
+   
+3. **`tutor_respond`** - Get security guidance from the AI tutor
+   - Parameters:
+     - `question` (string): Security-related question
+     - `history` (array): Conversation history
+     - `report_md` (string): Current report markdown for context
+   - Note: If passing a file as input, use the `upload_file_to_gradio` tool first
+
+## Configuration
+
+### Streamable HTTP Transport
+
+For MCP clients that support Streamable HTTP, add this configuration:
+
+```json
+{
+  "mcpServers": {
+    "gradio": {
+      "url": "http://<ip>:<port>/gradio_api/mcp/"
+    },
+    "upload_files_to_gradio": {
+      "command": "uvx",
+      "args": [
+        "--from",
+        "gradio[mcp]",
+        "gradio",
+        "upload-mcp",
+        "http://<ip>:<port>/",
+        "<UPLOAD_DIRECTORY>"
+      ]
+    }
+  }
+}
+```
+
+### STDIO Transport
+
+For clients like Claude Desktop that only support STDIO, first [install Node.js](https://nodejs.org/en/download/), then use:
+
+```json
+{
+  "mcpServers": {
+    "gradio": {
+      "command": "npx",
+      "args": [
+        "mcp-remote",
+        "http://<ip>:<port>/gradio_api/mcp/",
+        "--transport",
+        "streamable-http"
+      ]
+    },
+    "upload_files_to_gradio": {
+      "command": "uvx",
+      "args": [
+        "--from",
+        "gradio[mcp]",
+        "gradio",
+        "upload-mcp",
+        "http://<ip>:<port>/",
+        "<UPLOAD_DIRECTORY>"
+      ]
+    }
+  }
+}
+```
+
+### File Upload Support
+
+The `upload_files_to_gradio` tool uploads files from your local `<UPLOAD_DIRECTORY>` (or any subdirectories) to the Gradio app. This is required because MCP servers need files as URLs. You can omit this tool if you prefer manual file uploads.
+
+**Requirements**: [uv](https://docs.astral.sh/uv/getting-started/installation/) must be installed.
+
+## Resources
+
+- [Gradio MCP Documentation](https://www.gradio.app/guides/building-mcp-server-with-gradio)
+- [Hugging Face Spaces Configuration](https://huggingface.co/docs/hub/spaces-config-reference)
+
 ---