Skip to content

Cursor Integration – AWS Security Findings in Your Code Editor

Cursor is an AI code editor with MCP support. TroveSec can be added as an MCP server either globally (available in all projects) or per-project.

  • Cursor installed (1.0+ recommended)
  • A TroveSec account with at least one completed scan
  • A TroveSec API key — generate one under Integrations → API Keys
  1. Choose where to add the config

    Edit ~/.cursor/mcp.json — create it if it doesn’t exist.

  2. Add the TroveSec server block

    {
    "mcpServers": {
    "trovesec": {
    "command": "npx",
    "args": [
    "mcp-remote",
    "https://mcp.trovesec.io/mcp",
    "--header",
    "Authorization:Bearer ${AUTH_TOKEN}"
    ],
    "env": {
    "AUTH_TOKEN": "cs_live_xxx"
    }
    }
    }
    }

    Replace cs_live_xxx with your API key.

  3. Restart Cursor

    Fully quit and reopen Cursor. You can verify MCP tools are loaded under Cursor Settings → MCP.

  4. Verify

    Open the chat panel and type: “What are my critical AWS findings?”

    Cursor should call get_findings and return data from your latest scan.

  • “Before I deploy this IAM change, are there any existing IAM findings I should know about?”
  • “What’s wrong with our S3 configuration right now?”
  • “Give me the CLI commands to fix the top critical finding”
  • “Run a fresh scan and tell me what’s new”