QNSP

Model Context Protocol

Add quantum-safe security to your AI assistant in under a minute.

GA · Free with any plan

@qnsp/mcp-server is the official Model Context Protocol bridge for QNSP. It exposes 15 tenant-scoped tools — vault, KMS, audit, search, crypto-inventory, billing, platform health — to any MCP-speaking agent: Claude Desktop, ChatGPT, Cursor, Windsurf, plus any custom agent built on the MCP SDK.

15 MCP tools
4 compatible agents (and counting)
30s setup time
Free on every plan

Claude Desktop

Add QNSP to Claude in 3 steps

  1. Get a free API key. Sign in at cloud.qnsp.cuilabs.io/auth, then go to Settings → API Keys → New API Key. Copy the qnsp_pqc_… token; it is displayed only once.
  2. Open ~/Library/Application Support/Claude/claude_desktop_config.json (macOS) or %APPDATA%\Claude\claude_desktop_config.json (Windows). Add the QNSP entry under mcpServers:
    {
      "mcpServers": {
        "qnsp": {
          "command": "npx",
          "args": ["-y", "@qnsp/mcp-server"],
          "env": {
            "QNSP_API_KEY": "qnsp_pqc_..."
          }
        }
      }
    }
  3. Restart Claude Desktop. You'll see a 🔌 icon in the input area; click it to confirm qnsp is connected. All 15 tools are now callable: try "List my QNSP vault secrets" or "Generate an ML-KEM-768 key in QNSP".

Cursor · Windsurf

Same config, different file path

Cursor and Windsurf both speak MCP and accept the same JSON shape — just put it in the IDE's MCP config file:

Cursor / Windsurf settings (.cursor/mcp.json or .windsurf/mcp.json):

{
  "mcpServers": {
    "qnsp": {
      "command": "npx",
      "args": ["-y", "@qnsp/mcp-server"],
      "env": { "QNSP_API_KEY": "qnsp_pqc_..." }
    }
  }
}
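
Both configs above keep the API key in plaintext in a JSON file and do not pin a version of @qnsp/mcp-server. As an added example (not part of QNSP's documentation or code), this Node.js check flags both conditions in an MCP client config; the finding labels, the secret-name heuristic and the sample values are assumptions of this example.

```javascript
// Added example: audit an MCP client config such as claude_desktop_config.json.
// Finding labels and the secret-name heuristic are assumptions of this example.
const SECRET_NAME = /(KEY|TOKEN|SECRET|PASSWORD)/i;

// True when an npm spec ends in an exact version, e.g. @scope/name@1.2.3.
function isPinned(spec) {
  const at = spec.lastIndexOf("@");
  return at > 0 && /^\d+\.\d+\.\d+(-[\w.]+)?$/.test(spec.slice(at + 1));
}

// configText: the file's contents. mode: POSIX permission bits, as returned by
// fs.statSync(path).mode (not meaningful on Windows).
function auditMcpConfig(configText, mode) {
  const findings = [];
  const servers = JSON.parse(configText).mcpServers || {};
  let holdsSecret = false;
  for (const [name, srv] of Object.entries(servers)) {
    const args = Array.isArray(srv.args) ? srv.args : [];
    // For npx, the first non-flag argument is the package to fetch and run.
    const pkg = srv.command === "npx" ? args.find((a) => !a.startsWith("-")) : undefined;
    if (pkg && !isPinned(pkg)) {
      const auto = args.includes("-y") || args.includes("--yes");
      findings.push(`${name}: unpinned package ${pkg}` + (auto ? " (installed without prompt)" : ""));
    }
    for (const [key, value] of Object.entries(srv.env || {})) {
      if (SECRET_NAME.test(key) && typeof value === "string" && value !== "") {
        holdsSecret = true;
        findings.push(`${name}: plaintext credential in env.${key}`); // value is never echoed
      }
    }
  }
  // 0o077 masks every group/other permission bit.
  if (holdsSecret && (mode & 0o077) !== 0) findings.push("file: readable beyond owner");
  return findings;
}

// Constructed sample mirroring the page's config; the key value is a placeholder.
const SAMPLE = JSON.stringify({
  mcpServers: {
    qnsp: {
      command: "npx",
      args: ["-y", "@qnsp/mcp-server"],
      env: { QNSP_API_KEY: "qnsp_pqc_PLACEHOLDER" },
    },
  },
});
console.log(auditMcpConfig(SAMPLE, 0o100644));
```

On macOS, `chmod 600` on the config file clears the last finding; the first is cleared by replacing the package argument with an exact `@qnsp/mcp-server@<version>` spec.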

ChatGPT

Custom MCP connector

ChatGPT (Pro, Team, Enterprise) supports custom MCP connectors. In Settings → Connectors → Custom, point at the @qnsp/mcp-server hosted endpoint or run it locally with stdio transport.

What the agent can do

15 QNSP tools, tenant-scoped, audit-trailed

Every call the agent makes is gated by the same activation handshake, crypto-policy, and entitlement checks as a direct API call. Nothing the agent does is invisible to the audit chain.

qnsp_kms_generate_key

KMS

Generate a new PQC key (ML-KEM or ML-DSA) under the agent's tenant scope.

qnsp_kms_list_keys

KMS

List the tenant's PQC keys with algorithm, status, and rotation date.

qnsp_kms_get_key

KMS

Fetch metadata for a specific key id (no private key material).

qnsp_kms_rotate_key

KMS

Rotate a key, bumping its version while keeping prior versions for legacy reads.

qnsp_vault_create_secret

Vault

Create a PQC-encrypted secret with optional metadata.

qnsp_vault_get_secret

Vault

Retrieve a secret by id (returns encrypted payload + metadata).

qnsp_vault_list_secrets

Vault

Enumerate the tenant's secrets, paginated.

qnsp_crypto_scan

Crypto Inventory

Trigger a discovery scan over a configured scope (codebase, infra, etc.).

qnsp_crypto_inventory

Crypto Inventory

Read the current Cryptographic Bill of Materials (CBOM) for the tenant.

qnsp_crypto_readiness

Crypto Inventory

Compute the tenant's PQC migration readiness score.

qnsp_audit_query

Audit

Query the tamper-evident audit chain by topic, source service, and time window.

qnsp_search_query

Search

Run an encrypted-vector or keyword search against the tenant's indexes.

qnsp_tenant_info

Tenant

Read tenant metadata, tier, crypto policy, and current quotas.

qnsp_billing_status

Billing

Read the tenant's entitlements, usage meters, and credit balance.

qnsp_platform_health

Platform

Aggregate health snapshot of all 18 QNSP backend services via the edge gateway.

Why this matters

Quantum-safe security primitives, native in agent workflows

AI agents need vaults too

Agents that handle real customer data can't keep API keys, PHI, or PII in plaintext context windows. The MCP server makes QNSP's PQC vault a first-class agent capability — 'store this securely' becomes one tool call.

Audit trails for non-determinism

Every agent action that touches QNSP is signed and chained in the audit log. When an agent deletes the wrong key or scans the wrong scope, the post-mortem is one query — no log scraping across 5 services.

Crypto inventory on demand

Ask Claude to scan your codebase and surface every classical crypto primitive that needs PQC migration. The MCP server kicks off the discovery run; the agent renders the CBOM as a Markdown table.

Tenant-scoped by construction

The agent's API key resolves to a single tenant. There's no 'pick a tenant' confusion or cross-tenant leak risk. Free-tier keys get free-tier limits; enterprise keys get enterprise capabilities.