io.github.gebalamariusz/cloud-audit

cloud-audit

AWS security scanner with Attack Chains, Breach Cost Estimation, and MCP Server for AI agents.

57 0 tools GitHub PyPI

No known CVEs

No license

Actively maintained

Last commit 17d ago

Works with most clients

Transport: stdio, sse, http

0 tools

Grade F

Edit this pageView history

Security Cloud

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "io-github-gebalamariusz-cloud-audit": {
      "args": [
        "cloud-audit"
      ],
      "command": "uvx"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/io-github-gebalamariusz-cloud-audit)](https://mcppedia.org/s/io-github-gebalamariusz-cloud-audit)

Read me

What io.github.gebalamariusz/cloud-audit does

Open-source CLI scanner that helps you decide what to fix first —

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

uvx 'cloud-audit' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

55/100across 5 weighted dimensions

How we score →

0255075100

−45

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

Checked cloud-audit against OSV.dev.

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is io.github.gebalamariusz/cloud-audit safe to use?: io.github.gebalamariusz/cloud-audit has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install io.github.gebalamariusz/cloud-audit?: io.github.gebalamariusz/cloud-audit supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What AI clients work with io.github.gebalamariusz/cloud-audit?: io.github.gebalamariusz/cloud-audit is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.
Is io.github.gebalamariusz/cloud-audit actively maintained?: io.github.gebalamariusz/cloud-audit is actively maintained — last commit was 17 days ago. It has 57 GitHub stars.

Similar servers

Others in security / cloud

View all →

Observability Mcp95

MCP Server for GCP environment for interacting with various Observability APIs.

807 10

Sink95

⚡ A Simple / Speedy / Secure Link Shortener with Analytics, 100% run on Cloudflare.

6.7k 3

Evil Mcp Server93

An evil MCP server used for redteam testing

30 1

Alibabacloud Devops Mcp Server92

Yunxiao MCP Server provides AI assistants with the ability to interact with the Yunxiao platform. It provides a set of tools that interact with Yunxiao's API, allowing AI assistants to manage Codeup repository, Project, Pipeline, Packages etc.

116 7

MCP Security Weekly

Get CVE alerts and security updates for io.github.gebalamariusz/cloud-audit and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

cloud-audit

Find AWS attack paths, IAM escalation routes, and the fixes that matter most.

Open-source CLI scanner that helps you decide what to fix first -
not just what's wrong.

Find attack chains and IAM escalation paths - Simulate fixes before you apply them - Fix root causes, not individual findings

blast-audit visualizer - executive briefing view of Snowflake 2024 breach: $28M exposure, 4 years to detect, fix = enforce MFA

_{Drop a cloud-audit blast-radius JSON into the live visualizer at blast-audit.haitmg.pl - or click the screenshot to explore the Snowflake 2024 breach interactively.}

Quick Start

pip install cloud-audit cloud-audit scan

Uses your default AWS credentials and region. Try without an AWS account:

cloud-audit demo

NEW in v2.3: Blast Radius CLI + live visualizer

Walk outward from any AWS resource and show exactly what an attacker reaches if THAT resource is compromised. The CLI runs offline against a saved scan (zero AWS API calls at blast-radius time); the matching open visualizer at blast-audit.haitmg.pl renders the same JSON as an interactive attack graph with break-point highlighting, MITRE AT

Frequently Asked Questions

Is io.github.gebalamariusz/cloud-audit safe to use?

io.github.gebalamariusz/cloud-audit has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.

How do I install io.github.gebalamariusz/cloud-audit?

io.github.gebalamariusz/cloud-audit supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.

What AI clients work with io.github.gebalamariusz/cloud-audit?

io.github.gebalamariusz/cloud-audit is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.

Is io.github.gebalamariusz/cloud-audit actively maintained?

io.github.gebalamariusz/cloud-audit is actively maintained — last commit was 17 days ago. It has 57 GitHub stars.

cloud-audit

English | 简体中文

Find AWS attack paths, IAM escalation routes, and the fixes that matter most.

Open-source CLI scanner that helps you decide what to fix first -
not just what's wrong.

Find attack chains and IAM escalation paths - Simulate fixes before you apply them - Fix root causes, not individual findings

Documentation - Quick Start - Blast Radius - Live Visualizer - Attack Chains - IAM Escalation - Threat Feed - MCP Server

_{Drop a cloud-audit blast-radius JSON into the live visualizer at blast-audit.haitmg.pl - or click the screenshot to explore the Snowflake 2024 breach interactively.}

Quick Start

pip install cloud-audit
cloud-audit scan

Uses your default AWS credentials and region. Try without an AWS account:

cloud-audit demo

NEW in v2.3: Blast Radius CLI + live visualizer

Walk outward from any AWS resource and show exactly what an attacker reaches if THAT resource is compromised. The CLI runs offline against a saved scan (zero AWS API calls at blast-radius time); the matching open visualizer at blast-audit.haitmg.pl renders the same JSON as an interactive attack graph with break-point highlighting, MITRE AT

... View full README on GitHub