Cloud Audit MCP
Cloud security audit tools for AI agents — AWS, Azure, GCP misconfiguration detection via MCP. 38 tools, 60+ checks. The agent finds vulns, not you.
The Problem
Cloud security tools haven't changed in a decade. You run Prowler, wait 30 minutes, get a 200-page report, and then you have to read it, understand it, prioritize it, and fix it. Every. Single. Time.
```
Traditional workflow:
  prowler aws --compliance cis_3.0  → 200 findings, 40 pages
  you read the report               → 2 hours
  you figure out what matters       → 30 minutes
  you write the fix commands        → 1 hour
  you run them                      → 30 minutes
  ─────────────────────────────────────
  Total: 4+ hours of your time
```
cloud-audit-mcp eliminates the human bottleneck. Your AI agent calls the cloud APIs directly, understands what it finds, chains checks together, and tells you exactly what to fix — in seconds.
```
With cloud-audit-mcp:
  You: "Check my AWS account for critical misconfigurations and fix them"

  Agent: → calls aws_check_s3_public, aws_check_iam_policies, aws_check_ec2_imds...
         → correlates: "This Lambda has admin role AND secrets in env vars"
         → prioritizes: "3 critical, 5 high — here's the impact of each"
         → "Run these 3 commands to fix the critical ones"
```
How It's Different
Every existing tool is designed for humans to read reports. cloud-audit-mcp is designed for AI agents to take action.
<table>
<thead>
<tr>
<th></th>
<th>Prowler / ScoutSuite / CloudSploit</th>
<th>cloud-audit-mcp</th>
</tr>
</thead>
<tbody>
<tr>
<td><b>Interface</b></td>
<td>CLI → static report (PDF/HTML/JSON)</td>
<td>MCP → AI agent calls tools in real-time</td>
</tr>
<tr>
<td><b>Intelligence</b></td>
<td>Run all checks, dump results</td>
<td>Agent picks which checks to run based on context</td>
</tr>
<tr>
<td><b>Correlation</b></td>
<td>None — each finding is isolated</td>
<td>Agent chains findings: "This public S3 + this Lambda role = data exfil path"</td>
</tr>
<tr>
<td><b>Remediation</b></td>
<td>Generic advice</td>
<td>Agent generates exact CLI commands for your resources</td>
</tr>
<tr>
<td><b>Follow-up</b></td>
<td>Re-run the entire scan</td>
<td>Agent re-checks the specific resource after fix</td>
</tr>
<tr>
<td><b>Multi-cloud</b></td>
<td>Separate tools per cloud</td>
<td>Unified interface — AWS + Azure + GCP in one conversation</td>
</tr>
<tr>
<td><b>Scope</b></td>
<td>Compliance-focused (CIS benchmarks)</td>
<td>Offensive-focused — privilege escalation paths, credential exposure, attack chains</td>
</tr>
</tbody>
</table>

<br>

<details>
<summary>Specific comparisons with popular tools</summary>
<br>

| Tool | Stars | What it does | What it can't do |
|---|---|---|---|
| Prowler | 11k | 500+ CIS/compliance checks for AWS/Azure/GCP/K8s | Static report, no AI integration, no finding correlation |
| ScoutSuite | 6k | Multi-cloud audit with HTML dashboard | Offline report, no real-time interaction, ~100 checks |
| CloudSploit | 3k | 150+ checks across 6 clouds | Plugin-per-check, no cross-check intelligence |
| Steampipe | 7k | SQL queries against cloud APIs, 1500+ controls | Requires SQL knowledge, no autonomous analysis |
| Cartography | 3k | Neo4j graph of cloud resources + relationships | Requires Neo4j/Cypher, no predefined security checks |
| Trivy | 24k | Container/IaC/cloud vulnerability scanner | Primarily CVE scanning, limited misconfig checks |

All of these are excellent tools. cloud-audit-mcp doesn't replace them — it fills a gap none of them address: giving an AI agent direct, interactive access to cloud security checks.
</details>

Quick Start
Install
```bash
git clone https://github.com/badchars/cloud-audit-mcp.git
cd cloud-audit-mcp
bun install
```
Connect to your AI agent
<details open>
<summary><b>Claude Code</b></summary>

```bash
claude mcp add cloud-audit bun run /path/to/cloud-audit-mcp/src/index.ts
```

</details>
<details>
<summary><b>Claude Desktop</b></summary>

Add to `~/Library/Application Support/Claude/claude_desktop_config.json`:

```json
{
  "mcpServers": {
    "cloud-audit": {
      "command": "bun",
      "args": ["run", "/path/to/cloud-audit-mcp/src/index.ts"],
      "env": {
        "AWS_PROFILE": "your-profile"
      }
    }
  }
}
```

</details>
<details>
<summary><b>Cursor / Windsurf / other MCP clients</b></summary>
Same JSON config format. Point the command to your installation path.
</details>

Set up cloud credentials
The MCP server uses your existing cloud credentials. No extra API keys needed.
```bash
# AWS — any of these:
aws configure                            # interactive setup
export AWS_PROFILE=my-profile            # named profile
export AWS_ACCESS_KEY_ID=...             # explicit keys

# Azure
export AZURE_SUBSCRIPTION_ID=...         # required
az login                                 # interactive login (recommended)
# or: AZURE_TENANT_ID + AZURE_CLIENT_ID + AZURE_CLIENT_SECRET

# GCP
export GCP_PROJECT_ID=my-project         # required
gcloud auth application-default login    # interactive login (recommended)
# or: GOOGLE_APPLICATION_CREDENTIALS=/path/to/key.json
```
Start auditing
```
You: "Check my AWS account for critical security issues"
```
That's it. The agent handles the rest.
What The AI Can Do
Targeted Security Audit
```
You: "I'm worried about data exposure in our S3 buckets and Lambda functions"

Agent: → aws_check_s3_public
         Found 2 public buckets: "staging-assets" and "client-uploads"
       → aws_check_s3_objects
         "client-uploads" contains 847 .sql files and 12 .pem files
       → aws_check_lambda_env
         Lambda "process-uploads" has DATABASE_URL with plaintext credentials
       → "Critical: Your upload pipeline has public S3 + Lambda with DB creds.
          An attacker could download SQL dumps AND get your database password.
          Fix: 1) Block public access 2) Move creds to Secrets Manager"
```
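A sketch of the kind of check behind the `DATABASE_URL` finding above, as an added TypeScript example rather than cloud-audit-mcp's own code. The regexes, the finding shape and the sample configurations are assumptions of this example.

```typescript
// Added example, not cloud-audit-mcp source. The input mirrors the FunctionName and
// Environment.Variables fields of Lambda's GetFunctionConfiguration response.
type EnvVars = { [name: string]: string };
interface LambdaConfig {
  FunctionName: string;
  Environment?: { Variables?: EnvVars };
}
interface EnvFinding { fn: string; variable: string; reason: string; }

// scheme://user:password@host, i.e. a password embedded in a connection string.
const URL_WITH_PASSWORD = /^[a-z][a-z0-9+.-]*:\/\/[^\s:@\/]*:[^\s@\/]+@/i;
// Variable names that usually hold a secret (heuristic chosen for this example).
const SECRET_NAME = /PASSWORD|PASSWD|SECRET|TOKEN|API_?KEY|PRIVATE_?KEY/i;
// A Secrets Manager or SSM ARN is a reference to a secret, not the secret itself.
const REFERENCE = /^arn:aws[a-z-]*:(secretsmanager|ssm):/;

function classify(name: string, value: string): string | null {
  if (URL_WITH_PASSWORD.test(value)) return "password embedded in URL";
  if (SECRET_NAME.test(name) && value !== "" && !REFERENCE.test(value)) {
    return "secret-like name holds a literal value";
  }
  return null;
}

// Findings carry the variable name and a reason only. The value is never copied
// into the result, so the secret does not reach the agent's context or logs.
function checkLambdaEnv(configs: LambdaConfig[]): EnvFinding[] {
  const findings: EnvFinding[] = [];
  for (const c of configs) {
    const vars: EnvVars = (c.Environment && c.Environment.Variables) || {};
    for (const name of Object.keys(vars)) {
      const reason = classify(name, vars[name]);
      if (reason !== null) findings.push({ fn: c.FunctionName, variable: name, reason });
    }
  }
  return findings;
}

// Constructed sample; function name and DATABASE_URL follow the page's example.
const SAMPLE_CONFIGS: LambdaConfig[] = [
  { FunctionName: "process-uploads", Environment: { Variables: {
    DATABASE_URL: "postgres://app:constructed-password@db.example.internal:5432/app",
    DB_SECRET_ARN: "arn:aws:secretsmanager:us-east-1:111122223333:secret:db-EXAMPLE",
    LOG_LEVEL: "info" } } },
  { FunctionName: "thumbnailer", Environment: { Variables: { API_TOKEN: "constructed-value" } } },
  { FunctionName: "no-env" },
];
console.log(checkLambdaEnv(SAMPLE_CONFIGS));
```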
Multi-Cloud Posture Review
```
You: "Audit all three cloud accounts and give me the top 10 issues"

Agent: → cloud_run_all {provider: "aws"}    (13 checks)
       → cloud_run_all {provider: "azure"}  (13 checks)
       → cloud_run_all {provider: "gcp"}    (8 checks)
       → cloud_audit_summary
       → cloud_audit_report
       → "34 total findings across 3 clouds.
          Top 3 critical:
          1. AWS: IAM policy allows privilege escalation via CreatePolicyVersion
          2. Azure: SQL Server firewall allows 0.0.0.0/0
          3. GCP: 4 instances have cloud-platform scope (full API access)"
```
Privilege Escalation Detection
```
You: "Can anyone escalate privileges in our AWS account?"

Agent: → aws_check_iam_policies
         Found PassRole + CreateFunction combo on role "dev-deploy-role"
         Found CreatePolicyVersion on user "ci-bot"
       → aws_check_lambda_permissions
         "ci-bot" has UpdateFunctionCode on all Lambda functions
       → "Two escalation paths:
          1. dev-deploy-role can create a Lambda with any role → admin
          2. ci-bot can inject code into any Lambda AND create policy versions
          Both should be restricted immediately."
```
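One way to express the escalation checks from the example above as policy-evaluation logic, shown as an added TypeScript example rather than cloud-audit-mcp's own code. The type shapes, rule IDs and sample policies are assumptions; Resource scoping, NotAction and permission boundaries are not evaluated.

```typescript
// Added example, not cloud-audit-mcp source; type shapes are assumptions.
type OneOrMany = string | string[];
interface IamStatement { Effect: "Allow" | "Deny"; Action?: OneOrMany; Condition?: object; }
interface AuditPrincipal { name: string; statements: IamStatement[]; }
interface EscalationFinding { principal: string; rule: string; }
// Combinations named on this page; every action in `needs` must be allowed.
const RULES: { id: string; needs: string[] }[] = [
  { id: "PassRole+CreateFunction", needs: ["iam:PassRole", "lambda:CreateFunction"] },
  { id: "CreatePolicyVersion", needs: ["iam:CreatePolicyVersion"] },
  { id: "UpdateFunctionCode", needs: ["lambda:UpdateFunctionCode"] },
];
// IAM Action patterns are case-insensitive and accept the * and ? wildcards.
function actionMatches(pattern: string, action: string): boolean {
  const escaped = pattern.replace(/[.+^${}()|[\]\\]/g, "\\$&");
  const source = "^" + escaped.replace(/\*/g, ".*").replace(/\?/g, ".") + "$";
  return new RegExp(source, "i").test(action);
}
function statementCovers(s: IamStatement, action: string): boolean {
  const patterns: string[] = typeof s.Action === "string" ? [s.Action] : s.Action || [];
  return patterns.some((p) => actionMatches(p, action));
}

// Allowed = an Allow statement matches and no unconditional Deny matches.
// A conditional Deny may not apply at request time, so it does not clear a finding.
function isAllowed(p: AuditPrincipal, action: string): boolean {
  const denied = p.statements.some(
    (s) => s.Effect === "Deny" && !s.Condition && statementCovers(s, action));
  return !denied && p.statements.some(
    (s) => s.Effect === "Allow" && statementCovers(s, action));
}

function findEscalations(principals: AuditPrincipal[]): EscalationFinding[] {
  const findings: EscalationFinding[] = [];
  for (const p of principals) {
    for (const rule of RULES) {
      if (rule.needs.every((a) => isAllowed(p, a))) findings.push({ principal: p.name, rule: rule.id });
    }
  }
  return findings;
}

// Constructed sample reusing the principal names from the page's example.
const SAMPLE: AuditPrincipal[] = [
  { name: "dev-deploy-role", statements: [{ Effect: "Allow", Action: ["iam:PassRole", "lambda:Create*"] }] },
  { name: "ci-bot", statements: [{ Effect: "Allow", Action: ["iam:*", "lambda:updatefunctioncode"] },
                                 { Effect: "Deny", Action: "iam:PassRole" }] },
  { name: "read-only", statements: [{ Effect: "Allow", Action: ["s3:Get*", "lambda:List*"] }] },
];
console.log(findEscalations(SAMPLE));
```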
Pre-Pentest Cloud Recon
```
You: "We have a pentest next week. What would an attacker find?"

Agent: → aws_check_ec2_imds        → 12 instances with IMDSv1 (SSRF → creds)
       → aws_check_ec2_snapshots   → 3 unencrypted public snapshots
       → aws_check_api_gateway     → 7 endpoints with no auth
       → aws_check_secrets_manager → 1 secret with Principal: "*"
       → "Attacker's likely path: public API Gateway → SSRF on EC2 →
          IMDSv1 credential theft → access SecretsManager secret →
          pivot to production database. Priority fixes: IMDSv2 + API auth"
```
Azure Container Security
```
You: "Check our Azure container infrastructure"

Agent: → azure_check_acr       → Admin user enabled on 2 registries
       → azure_check_functions → 3 Function Apps with anonymous auth
       → azure_check_keyvault  → Key Vault allows all networks
       → azure_check_webapp    → SCM basic auth enabled, 5 connection strings with pas
```
