Cursor Integration – AWS Security Findings in Your Code Editor
Cursor is an AI code editor with MCP support. TroveSec can be added as an MCP server either globally (available in all projects) or per-project.
Prerequisites
Section titled “Prerequisites”- Cursor installed (1.0+ recommended)
- A TroveSec account with at least one completed scan
- A TroveSec API key — generate one under Integrations → API Keys
-
Choose where to add the config
Edit
~/.cursor/mcp.json— create it if it doesn’t exist.Edit
.cursor/mcp.jsonin your project root. Add.cursor/mcp.jsonto.gitignoreto avoid committing your API key. -
Add the TroveSec server block
{"mcpServers": {"trovesec": {"command": "npx","args": ["mcp-remote","https://mcp.trovesec.io/mcp","--header","Authorization:Bearer ${AUTH_TOKEN}"],"env": {"AUTH_TOKEN": "cs_live_xxx"}}}}Replace
cs_live_xxxwith your API key. -
Restart Cursor
Fully quit and reopen Cursor. You can verify MCP tools are loaded under Cursor Settings → MCP.
-
Verify
Open the chat panel and type: “What are my critical AWS findings?”
Cursor should call
get_findingsand return data from your latest scan.
Example prompts
Section titled “Example prompts”- “Before I deploy this IAM change, are there any existing IAM findings I should know about?”
- “What’s wrong with our S3 configuration right now?”
- “Give me the CLI commands to fix the top critical finding”
- “Run a fresh scan and tell me what’s new”
See also
Section titled “See also”- MCP Integrations Overview — how TroveSec’s MCP connection works
- Tools Reference — all 16 tools with example prompts
- Security Posture Score — understand your score and trend