cloud-audit-mcp (badchars)
Cloud security audit MCP server with 38 tools and 60+ checks for AWS, Azure, and GCP misconfiguration detection.
๐ก๏ธ AgentReady threat assessment
MAESTRO 7-layer threat model + OWASP AIVSS risk score for cloud-audit-mcp (badchars), derived from its capabilities.
AIVSS 9.4 ยท Critical
View MAESTRO 7-layer threat model โOverview
cloud-audit-mcp gives AI agents direct, interactive access to cloud security posture checks across AWS, Azure, and GCP, exposing 38 tools and 60+ misconfiguration checks (integrating tools like Prowler, CloudSploit, and Steampipe). The agent, not the human, finds the misconfigurations. Because it reads cloud configuration and requires cloud credentials, credential scope and data egress are its primary concerns.
Key features
- 38 tools, 60+ CSPM checks
- AWS + Azure + GCP misconfiguration detection
- Integrates Prowler/CloudSploit/Steampipe
Use cases
- Agent-driven cloud posture assessment
- Find misconfigurations across multi-cloud