MCP.so
ログイン

Cloud Audit

@gebalamariusz

Cloud Audit について

Open-source AWS security scanner with Attack Chains, Breach Cost Estimation, and MCP Server. 47 checks across 15 AWS services. Every finding includes copy-paste remediation (CLI + Terraform) and a dollar-risk estimate with verified source. First free standalone AWS security MCP s

基本情報

カテゴリ

開発者ツール

トランスポート

stdio

公開者

gebalamariusz

投稿者

Mariusz Gębala

設定

以下の設定を使って、このサーバーを MCP 対応クライアントに追加してください。

{
  "mcpServers": {
    "cloud-audit": {
      "command": "uvx",
      "args": [
        "--from",
        "cloud-audit",
        "cloud-audit-mcp"
      ]
    }
  }
}

ツール

6

Run an AWS security scan and return a summary. Scans your AWS account for security misconfigurations, detects attack chains, and estimates breach cost risk. Args: profile: AWS CLI profile name (default: "default") regions: Comma-separated AWS regions to scan (default: profile region) min_severity: Minimum finding severity: critical, high, medium, low

Get findings from the last scan, optionally filtered. Each finding includes check ID, severity, resource, description, and estimated breach cost. Args: severity: Filter by severity (critical, high, medium, low) service: Filter by AWS service prefix (e.g. "iam", "s3", "ec2", "vpc") limit: Maximum number of findings to return (default: 20)

Get all detected attack chains from the last scan. Attack chains are correlated findings that form exploitable attack paths. Each chain includes a narrative, priority fix, and breach cost estimate.

Get remediation details (CLI command + Terraform code) for a specific check. Returns copy-paste ready AWS CLI command and Terraform HCL snippet to fix the finding. Args: check_id: The check ID (e.g. "aws-iam-001", "aws-s3-001", "aws-vpc-002")

Get the current health score and risk exposure summary. Returns the 0-100 health score, finding counts by severity, attack chain count, and total estimated risk exposure in USD.

List all available security checks (no AWS credentials needed). Returns check IDs with their categories and services.

概要

What is Cloud Audit?

Cloud Audit is an open-source CLI scanner that correlates AWS security findings into attack chains and provides copy-paste remediation in AWS CLI and Terraform. It is built for security engineers and cloud teams who need actionable, context-rich output rather than a flat list of issues.

How to use Cloud Audit?

Install with pip install cloud-audit and run cloud-audit scan (uses default AWS credentials). For a demo without an account, run cloud-audit demo. The MCP server is started with claude mcp add cloud-audit -- uvx --from cloud-audit cloud-audit-mcp.

Key features of Cloud Audit

  • Attack chain detection (20 rules) correlating findings into exploitable paths
  • Copy-paste remediation with AWS CLI commands and Terraform HCL
  • Scan diff to track drift between scans
  • Built-in compliance engines for CIS AWS v3.0 and SOC

コメント

「開発者ツール」の他のコンテンツ