Skip to content

Windsurf Integration – AWS Security Data in Your AI IDE

Windsurf is an AI-native IDE from Codeium. With TroveSec connected, you can ask security questions, review findings, and get remediation code inline as you work — without switching context.

  • Windsurf installed
  • A TroveSec account with at least one completed scan
  • A TroveSec API key — generate one under Integrations → API Keys
  1. Open the Windsurf MCP config file

    Terminal window
    # macOS / Linux
    ~/.codeium/windsurf/mcp_config.json
    # Windows
    %USERPROFILE%\.codeium\windsurf\mcp_config.json

    Create the file if it doesn’t exist.

  2. Add the TroveSec server block

    {
    "mcpServers": {
    "trovesec": {
    "command": "npx",
    "args": [
    "mcp-remote",
    "https://mcp.trovesec.io/mcp",
    "--header",
    "Authorization:Bearer ${AUTH_TOKEN}"
    ],
    "env": {
    "AUTH_TOKEN": "cs_live_xxx"
    }
    }
    }
    }

    Replace cs_live_xxx with your API key.

  3. Restart Windsurf

    Fully quit and reopen Windsurf. TroveSec tools will be available in the Cascade AI panel.

  4. Verify

    In the Cascade panel, type: “What are my critical AWS findings?”

    Cascade should call get_findings and return real data from your latest scan.

  • Ask “is there anything wrong with how I’ve configured this S3 bucket?” and TroveSec can confirm against your actual findings
  • Get remediation CLI commands and Terraform snippets directly in the editor where you’re making the fix
  • After a deploy, trigger a scan and check for new findings without leaving Windsurf
  • “What findings do we have in IAM right now?”
  • “Show me the remediation Terraform for the top critical finding”
  • “Did anything regress after the last deploy?”
  • “What’s blocking our SOC2 certification?”