Cloud Audit

Name: Cloud Audit
Author: gebalamariusz

by gebalamariuszcommunityv1.0.2

cloud-audit is an open-source CLI scanner that detects exploitable AWS attack paths and provides remediation instructions using AWS CLI and Terraform.

From the registry: AWS security scanner with Attack Chains, Breach Cost Estimation, and MCP Server for AI agents.

GitHub Repository

Install & configure

Prerequisites

required
AWS credentials
Configured AWS credentials (default profile or env vars)

Install in your client

Paste into the AI you're chatting with — it will figure out the rest

Please install the `cloud-audit` MCP server into my current AI client (that's you).

Required prerequisites (do these first if not already done):
- **AWS credentials** — Configured AWS credentials (default profile or env vars)

Canonical MCP server config (stdio transport):
- command: `uvx`
- args: ["--from","cloud-audit","cloud-audit-mcp"]

Note: AWS security scanner — finds attack chains and generates AWS CLI + Terraform fixes. 88 checks across 21 AWS services. Read-only.

Add this MCP server to my current client's config in the correct format for you. If you need secrets or credentials I haven't provided, ASK me — do not invent values or leave raw placeholders. After adding it, tell me how to verify the server is connected.

Note: AWS security scanner — finds attack chains and generates AWS CLI + Terraform fixes. 88 checks across 21 AWS services. Read-only.

Tools (6)

scan_aws

Scans AWS accounts for vulnerabilities.

get_findings

Retrieves detected vulnerabilities.

get_attack_chains

Identifies attack paths based on findings.

get_remediation

Provides remediation steps for vulnerabilities.

get_health_score

Calculates a health score based on findings.

list_checks

Lists all available checks.

Environment variables

CLOUD_AUDIT_REGIONSrequiredSpecifies the AWS regions to scan.

CLOUD_AUDIT_MIN_SEVERITYrequiredSets the minimum severity level for findings.

CLOUD_AUDIT_EXCLUDE_CHECKSLists checks to exclude from the scan.

CLOUD_AUDIT_ROLE_ARNSpecifies the ARN of the role to assume for cross-account scanning.

Packages

cloud-audit

pypiv1.0.2transport: stdio

Details

Language: Python
License: MIT
Released: Mar 24, 2026
Last commit: Apr 7, 2026
Registry name: io.github.gebalamariusz/cloud-audit

Related Servers

SafeDep Vet MCP

Protect your AI agents and IDEs from malicious open-source packages.

1.0k

Skylos

Dead code, security, secrets detection and code quality for Python, TypeScript, Go.

370

UniFi Access MCP

Manage UniFi Access doors, credentials, policies, visitors, and events via MCP.

243