What can you do with this server?

The cloud-audit MCP server enables AI agents to perform AWS security auditing through six tools: * scan_aws — Scan AWS accounts for misconfigurations across 18+ services, detect attack chains, and estimate breach costs. Supports AWS CLI profile, regions, and severity filters. * get_findings — Retrieve findings from the latest scan, filterable by severity (critical/high/medium/low) and AWS service prefix. Each finding includes check ID, severity, affected resource, description, and estimated breach cost. * get_attack_chains — Fetch correlated findings that form exploitable end-to-end attack paths, each with a narrative, priority fix recommendation, and breach cost estimate. * get_remediation — Get copy-paste ready AWS CLI commands and Terraform HCL snippets to fix a specific security check by ID. * get_health_score — Retrieve a 0–100 security health score with finding counts by severity, attack chain count, and total estimated risk exposure in USD. * list_checks — List all 80 available security checks organized by service/category, no AWS credentials required.

Which integrations are available for this server?

Enables scanning of AWS accounts to detect security vulnerabilities and multi-step attack chains, providing breach cost estimations and remediation guidance via AWS CLI commands and Terraform HCL.

de en es ja ko ru zh

cloud-audit

by gebalamariusz

Overview Schema Related Servers Score Discussions

Python

Remote

Quick Start

pip install cloud-audit
cloud-audit scan

Uses your default AWS credentials and region. Try without an AWS account:

cloud-audit demo

NEW in v2.3: Blast Radius CLI + live visualizer

Walk outward from any AWS resource and show exactly what an attacker reaches if THAT resource is compromised. The CLI runs offline against a saved scan (zero AWS API calls at blast-radius time); the matching open visualizer at blast-audit.haitmg.pl renders the same JSON as an interactive attack graph with break-point highlighting, MITRE ATT&CK overlay, and an executive boardroom mode for CFO/CISO briefings.

Seeds: EC2 short id (i-XXX), IAM role/user ARN, Lambda ARN, S3 bucket ARN, Secrets Manager secret ARN.

# 1. Run a scan once (saves to ~/.cloud-audit/last-scan.json)
cloud-audit scan

# 2. Inspect blast radius from any resource (uses the last scan automatically)
cloud-audit blast-radius --resource i-0abc123def456              # tree (default)
cloud-audit blast-radius --resource i-0abc123 --format mermaid   # for docs/slides
cloud-audit blast-radius --resource i-0abc123 --format markdown  # for PR comments

# 3. Export JSON and visualize it interactively
cloud-audit blast-radius --resource arn:aws:iam::123456789012:role/deploy \
                        --format json --output blast.json
# → open https://blast-audit.haitmg.pl/demo/upload/ → drop blast.json

Seven historical breach scenarios ship pre-loaded for context (Capital One 2019, Cryptomining 2025, AgentCore 2026, Snowflake UNC5537 2024, nx Supply Chain 2026, Codefinger SSE-C 2025, Trivy / TeamPCP 2026), each with verified primary-source citations. See the Blast Radius documentation for expansion rules, the BlastRadiusGraph v1.0 schema, and the risk-score heuristic.

Also new since v2.0

Version	Highlight
v2.3.0 (May 2026)	Blast Radius CLI + live visualizer + 15 security-hardening fixes (Mermaid XSS escape, ID collision, BFS bounds, symlink-safe writes, URL scheme allow-list). 812 tests.
v2.2.1 (May 2026)	TF-001 SES phishing burst escalation + TF-004 defensive-tool exclusion.
v2.2.0 (May 2026)	Threat Feed v1 - 10 active-abuse detectors from 2025-2026 incidents (cryptomining, leaked-cred scanners, MMDSv1, DataZone, Roles Anywhere, CloudTrail tampering). External research refs on every finding.
v2.1.0 (Apr 2026)	64 IAM escalation methods, full pathfinding.cloud coverage.
v2.0.0 (Apr 2026)	IAM Escalation graph, What-If simulator, Trend tracking, AI-SPM (Bedrock + SageMaker).

Detail per release in CHANGELOG.md.

NEW in v2.2: Threat Feed

Detect ACTIVE abuse patterns from 2025-2026 incidents (cryptomining campaigns, SES phishing setup, leaked-credential scanner activity, AgentCore CVEs):

cloud-audit threat-feed              # scan all 10 patterns
cloud-audit threat-feed --list       # show registered patterns
cloud-audit threat-feed --pattern aws-tf-003   # one pattern only

Each pattern carries external research references (Wiz, Datadog Security Labs, Unit 42, Permiso) on every finding. Exit code 1 when CRITICAL/HIGH detected (CI gate friendly). See Threat Feed docs.

Why It's Different

Most scanners give you findings. cloud-audit helps you decide what to fix first.

+---- Attack Chains (5 detected) -----------------------------------+
|  CRITICAL  Internet-Exposed Admin Instance                         |
|            i-0abc123 - public SG + admin IAM role + IMDSv1         |
|                                                                    |
|  CRITICAL  IAM Privilege Escalation via iam:PassRole               |
|            ci-deploy-role - 3-step path to admin                   |
|                                                                    |
|  CRITICAL  CI/CD to Admin Takeover                                 |
|            github-deploy - OIDC no sub + admin policy              |
+--------------------------------------------------------------------+

+---- Remediation Plan -------------------------------------------+
|  Fix 4 root causes, break 22 attack chains                       |
|                                                                    |
|  Quick Wins (effort: LOW, chains broken: 14):                      |
|    1. Restrict SG ingress on sg-0abc123    -> breaks 8 chains      |
|    2. Add OIDC sub condition               -> breaks 6 chains      |
+--------------------------------------------------------------------+

Other tools give you 200 findings sorted by severity. cloud-audit groups them by root cause, shows which single fixes collapse the most attack paths, and lets you simulate the impact before you touch anything:

cloud-audit simulate --fix aws-vpc-002
# Score: 34 -> 58 (+24)  |  Chains broken: 8 of 22  |  Findings resolved: 11

94 checks across 23 AWS services. Every finding includes copy-paste AWS CLI + Terraform remediation.

Feature matrix

Capability	What it does
Blast Radius CLI (v2.3)	`cloud-audit blast-radius --resource <id>` walks outward from any AWS resource and emits the reachable attack graph as tree, JSON (BlastRadiusGraph v1.0), Mermaid, or Markdown. The JSON drops straight into the live visualizer for interactive exploration.
Threat Feed v1 (v2.2)	10 active-abuse detectors from real 2025-2026 incidents - cryptomining, leaked-cred scanners, MMDSv1, DataZone overgrant, Roles Anywhere, CloudTrail tampering. Each detector ships with primary-source citation.
IAM Privilege Escalation (v2.1)	64 escalation methods across 9 categories, including lateral movement detection via AssumeRole graph traversal. PMapper has been unmaintained since v1.1.5 (Jan 2022); cloud-audit offers a CLI-native alternative that covers additional escalation patterns beyond PMapper's IAM-principal scope.
What-If Simulator (v2.0)	`cloud-audit simulate --fix aws-vpc-002` shows score change, chains broken, and risk reduction before you apply anything.
Root Cause Grouping (v2.0)	"Fix 4 things, break 22 chains." Groups findings by shared root cause and ranks by impact.
Security Posture Trend (v2.0)	`cloud-audit trend` tracks health score, chains, and risk over time with sparkline visualization.
AI-SPM (v2.0)	Open-source Bedrock + SageMaker scanner. 5 checks, 3 attack chains (model theft, LLMjacking, data poisoning).

Features

Attack Chain Detection

31 rules correlate individual findings into exploitable attack paths.

  Internet --> Public SG --> EC2 (IMDSv1) --> Admin IAM Creds --> Account Takeover
               aws-vpc-002   aws-ec2-004       Detected: AC-01, AC-02

Chain	What it catches
IAM Privilege Escalation	iam:PassRole + lambda:Create + iam:Attach = 3-step path to admin
Internet-Exposed Admin	Public SG + admin IAM role + IMDSv1 = account takeover
CI/CD to Admin Takeover	OIDC without sub condition + admin policy = pipeline hijack
LLMjacking	Bedrock no logging + no guardrails = undetected model abuse

Based on MITRE ATT&CK Cloud and pathfinding.cloud. See all 31 rules.

Remediation + Simulator

Every finding includes AWS CLI, Terraform HCL, and docs links. Export all fixes:

cloud-audit scan --export-fixes fixes.sh

Simulate before applying:

cloud-audit simulate --fix aws-vpc-002
# Score: 34 -> 58 (+24)  |  Chains broken: 8 of 22  |  Findings resolved: 11

cloud-audit simulate --fix aws-vpc-002,aws-ct-001,aws-iam-007
# Score: 34 -> 82 (+48)  |  Chains broken: 19 of 22

Trend Tracking

cloud-audit diff yesterday.json today.json    # Catches ClickOps drift
cloud-audit trend                              # Posture over time

6 Compliance Frameworks

CIS AWS v3.0 - 62 controls, 55 automated (89%)
SOC 2 Type II - 43 criteria, 24 automated (56%)
BSI C5:2020 Beta - 134 criteria, 57 automated/partial
ISO 27001:2022 Beta - 93 controls, 47 automated/partial
HIPAA Security Rule Beta - 47 specs, 29 automated/partial
NIS2 Directive Beta - 43 measures, 33 automated/partial

Breach Cost Estimation

Every finding and chain includes a dollar-range risk estimate based on IBM/Verizon breach data, with source links.

MCP Server for AI Agents

claude mcp add cloud-audit -- uvx --from cloud-audit cloud-audit-mcp

6 tools: scan_aws, get_findings, get_attack_chains, get_remediation, get_health_score, list_checks. Free and standalone.

How It Compares

Prowler is the AWS security standard: 600 checks across 84 services, 44 compliance frameworks (CIS, PCI-DSS, HIPAA, SOC2, NIST 800, ISO 27001, GDPR, FedRAMP, NIS2, MITRE ATT&CK and more), auto-remediation fixers, and graph-based attack path analysis in the Prowler App (Cartography + Neo4j). It also covers Azure, GCP, Kubernetes, M365, and several other providers.

cloud-audit is AWS-only and intentionally narrower (94 curated checks). It goes deep where Prowler goes wide: attack chain correlation and IAM escalation detection run in the free CLI with zero infrastructure, every finding ships with reviewable Terraform + AWS CLI remediation, and scan diff / drift tracking is built into the CLI.

Feature	Prowler	cloud-audit
AWS checks	600 across 84 services	94 across 23 services
Compliance frameworks (AWS)	44 (CIS, PCI-DSS, HIPAA, SOC2, NIST, ISO 27001, GDPR, FedRAMP, NIS2, ...)	6 (CIS v3.0, SOC 2, BSI C5, ISO 27001, HIPAA, NIS2)
Auto-remediation	55 fixers across 17 AWS services (direct API calls)	94/94 findings with CLI + Terraform output (reviewable, you apply)
Attack path / graph analysis	Prowler App (Cartography + graph queries)	CLI-native (31 rules, no infra)
IAM privilege escalation graph	Prowler App	CLI-native (61 methods + AssumeRole graph)
What-If remediation simulator	No	Yes
AI/ML security checks (Bedrock + SageMaker)	~20 checks	5 checks + 3 attack chain rules
Scan diff / drift tracking	Prowler App	Built-in CLI (`cloud-audit diff`)
Breach cost estimates (USD)	No	Per-finding + per-chain
MCP Server	Free	Free
Multi-cloud	AWS + 13 others	AWS only
License	Apache 2.0	MIT

Use Prowler for compliance breadth, multi-cloud coverage, and graph-based attack path analysis. Use cloud-audit for fast CLI-native attack chain detection, reviewable Terraform remediation, and CI/CD drift tracking. They are complementary, not competitors - a common setup is Prowler for quarterly compliance evidence plus cloud-audit daily in CI/CD.

Prowler stats verified from github.com/prowler-cloud/prowler on 2026-05-25. cloud-audit snapshot as of v2.3.0.

Blast radius specifically

Most existing AWS blast-radius tooling either lives behind paid SaaS, requires standing up Neo4j + Cartography, or has been unmaintained for years. cloud-audit blast-radius aims to be a lightweight CLI-native alternative: arbitrary AWS resource seeds (EC2, IAM, Lambda, S3, secret), a documented JSON contract (BlastRadiusGraph v1.0) that downstream tools can consume, and no infrastructure to stand up.

Tool	Forward BFS from arbitrary AWS resource?	Pure CLI?	Last release
Wiz / Stream Security CloudTwin	yes	no (paid SaaS)	active
Prowler App	yes	no (needs Neo4j + Cartography)	active
Prowler CLI	no	yes	active
PMapper	IAM-only, optimised for privesc-to-admin	yes	v1.1.5, Jan 2022 (unmaintained)
Cloudsplaining	no (IAM policy analysis only)	yes	v0.8.2, Oct 2024
CloudFox	no for AWS (`lateral-movement` GCP only)	yes	active
DetentionDodger	IAM-only, only post-quarantine users	yes	v1.0, Oct 2024
awspx	partial (graph + web UI)	Docker	v1.3.4, Aug 2021 (unmaintained)
ScoutSuite	no	yes	v5.14.0, May 2024
Cartography	no built-in (bring your own Cypher)	no (graph ingestor)	active
BloodHound CE	no for AWS (AD + Azure scope)	no (web app)	active
pathfinding.cloud	no (it's a catalog)	n/a	n/a
Trivy	no	yes	active
cloud-audit blast-radius	yes	yes	v2.3.0, May 2026

The companion visualizer at blast-audit.haitmg.pl consumes the same JSON without an account, install, or upload-to-cloud step. Everything stays in your browser.

Reports

cloud-audit scan --format html -o report.html     # Client-ready HTML
cloud-audit scan --format json -o report.json      # Machine-readable
cloud-audit scan --format sarif -o results.sarif   # GitHub Code Scanning
cloud-audit scan --format markdown -o report.md    # PR comments

Installation

pip install cloud-audit          # pip (recommended)
pipx install cloud-audit         # pipx (isolated)
docker run ghcr.io/gebalamariusz/cloud-audit scan  # Docker

Docker with credentials:

docker run -v ~/.aws:/home/cloudaudit/.aws:ro ghcr.io/gebalamariusz/cloud-audit scan

Usage

cloud-audit scan -R                                    # Show remediation
cloud-audit scan --profile prod --regions eu-central-1  # Specific profile/region
cloud-audit scan --regions all                          # All enabled regions
cloud-audit scan --min-severity high                   # Filter by severity
cloud-audit scan --role-arn arn:aws:iam::...:role/audit # Cross-account
cloud-audit scan --quiet                               # Exit code only (CI/CD)
cloud-audit simulate --fix aws-vpc-002                 # What-If simulator
cloud-audit trend                                      # Posture over time
cloud-audit list-checks                                # List all checks

Exit code	Meaning
0	No findings
1	Findings detected
2	Scan error

Create .cloud-audit.yml in your project root:

provider: aws
regions:
  - eu-central-1
  - eu-west-1
min_severity: medium
exclude_checks:
  - aws-eip-001
suppressions:
  - check_id: aws-vpc-001
    resource_id: vpc-abc123
    reason: "Legacy VPC, migration planned for Q3"
    accepted_by: "jane@example.com"
    expires: "2026-09-30"
  - check_id: "aws-cw-*"
    reason: "CloudWatch alarms managed by separate team"
    accepted_by: "ops@example.com"

Variable	Example
`CLOUD_AUDIT_REGIONS`	`eu-central-1,eu-west-1`
`CLOUD_AUDIT_MIN_SEVERITY`	`high`
`CLOUD_AUDIT_EXCLUDE_CHECKS`	`aws-eip-001,aws-iam-001`
`CLOUD_AUDIT_ROLE_ARN`	`arn:aws:iam::...:role/auditor`

Precedence: CLI flags > env vars > config file > defaults.

CI/CD

- run: pip install cloud-audit
- run: cloud-audit scan --format sarif --output results.sarif
- uses: github/codeql-action/upload-sarif@v3
  with:
    sarif_file: results.sarif

Ready-to-use workflows: basic scan, daily diff, post-deploy.

AWS Permissions

cloud-audit requires read-only access. Attach SecurityAudit (covers all checks including IAM escalation analysis):

aws iam attach-role-policy --role-name auditor --policy-arn arn:aws:iam::aws:policy/SecurityAudit

cloud-audit never modifies your infrastructure. The simulate command runs locally against scan data -- it does not call AWS APIs.

What It Checks

94 checks across IAM, S3, EC2, VPC, RDS, EIP, EFS, CloudTrail, GuardDuty, KMS, CloudWatch, Lambda, ECS, SSM, Secrets Manager, AWS Config, Security Hub, Account, AWS Backup, Amazon Inspector, AWS WAF, Amazon Bedrock, and Amazon SageMaker.

See all 94 checks by service or run cloud-audit list-checks locally.

Documentation

Full docs at haitmg.pl/cloud-audit:

Getting Started - installation, quick start, demo mode
Blast Radius - forward BFS from arbitrary AWS resource, JSON schema, visualizer integration
Attack Chains - all 31 rules with MITRE ATT&CK references
IAM Escalation - 64 methods, 9 categories (action-based + lateral AssumeRole graph)
Threat Feed - 10 active-abuse detectors from 2025-2026 incidents
What-If Simulator - simulate remediation impact
Compliance - 6 frameworks: CIS, SOC 2, BSI C5, ISO 27001, HIPAA, NIS2
All 94 Checks - full check reference by service

Companion visualizer

The same BlastRadiusGraph v1.0 JSON that cloud-audit blast-radius --format json emits also drives the live visualizer at blast-audit.haitmg.pl - no install, no signup, no upload to a third-party cloud (everything runs in your browser).

Seven historical breach scenarios are pre-loaded with primary-source citations:

Scenario	Year	One-line pitch	URL
Capital One	2019	SSRF → IMDSv1 → admin S3 (100M records, $190M total damage)	/demo/capital-one-2019/
Cryptomining	2025	Leaked AKID → 14 ASGs spinning in 10 minutes	/demo/cryptomining-2025/
Bedrock AgentCore	2026	Sandbox bypass via DNS resolver (AWS classed "won't fix")	/demo/agentcore-2026/
Snowflake / UNC5537	2024	Infostealer-harvested credentials replayed against no-MFA tenants (165 orgs, $28M+ AT&T settlement)	/demo/snowflake-unc5537-2024/
nx Supply Chain / UNC6426	2026	Trojanised npm → LLM stealer → GitHub OIDC → AWS Admin in <72 h	/demo/unc6426-nx-2026/
Codefinger	2025	AWS-native SSE-C ransomware (no key recovery from CloudTrail)	/demo/codefinger-ssec-2025/
Trivy / TeamPCP	2026	76 of 77 GitHub Action tags force-pushed to a credential stealer	/demo/trivy-teampcp-2026/

Boardroom mode (?board=1 on any scenario) renders the same graph as a CFO/CISO briefing with the dollar exposure, time-to-detect, and recommended fix surfaced as 3 big tiles - click "What stops this attack?" and the exposure tile animates to $0.

What's Next

Multi-account scanning (AWS Organizations)
SCP + permission boundary evaluation in IAM escalation
Terraform drift detection
Security Graph v3.0.0 (network reachability, cross-account propagation, permission-boundary semantics)

Past releases: CHANGELOG.md

Development

git clone https://github.com/gebalamariusz/cloud-audit.git
cd cloud-audit
pip install -e ".[dev]"

pytest -v                          # 812 tests
ruff check src/ tests/             # lint
mypy src/                          # type check

See CONTRIBUTING.md for how to add a new check.

License

MIT - Mariusz Gebala / HAIT

Install Server

license - permissive license

quality

maintenance

How are these scores calculated?

Maintenance

–Maintainers

2hResponse time

3dRelease cycle

28Releases (12mo)

Resources

GitHub Repository

Need Help?

Related Servers

Tools

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/gebalamariusz/cloud-audit'

If you have feedback or need assistance with the MCP directory API, please join our Discord server