Skip to content
Logo

MCP Tools Reference

These tools are automatically available in Claude Desktop once connected. Claude decides which tool to call based on your question — you do not invoke them directly.

get_findings

Section titled “get_findings”

Returns security findings from your most recent scan. Supports filtering by severity, AWS service, keyword, and date range.

Example prompts

  • “What are my critical findings?”
  • “Show me all IAM issues”
  • “Any S3 misconfigurations from this week?“

get_finding_detail

Section titled “get_finding_detail”

Returns full detail on a specific finding — description, risk explanation, CLI fix command, and Terraform code.

Example prompts

  • “Tell me more about that S3 finding”
  • “How do I fix the IAM finding you just mentioned?“

get_risk_summary

Section titled “get_risk_summary”

Returns an executive summary: overall risk level, finding counts by severity, top 3 critical issues, and trend vs your previous scan.

Example prompts

  • “What’s my security posture?”
  • “How bad is it?”
  • “Give me a board-level summary”

get_soc2_gaps

Section titled “get_soc2_gaps”

Returns failing findings grouped by SOC2 trust service criteria (CC6.1, CC7.2, etc.).

Example prompts

  • “Am I ready for SOC2?”
  • “What do I need to fix for my audit?”
  • “Show me my SOC2 compliance gaps”

get_remediation_plan

Section titled “get_remediation_plan”

Returns findings in recommended fix order with time estimates and remediation code.

Example prompts

  • “Where should I start?”
  • “Give me a fix plan”
  • “What should I prioritise this sprint?“

trigger_scan

Section titled “trigger_scan”

Starts a new AWS security scan. Scans take 2–5 minutes to complete.

Example prompts

  • “Run a new scan”
  • “Check my account for new issues”

get_scan_status

Section titled “get_scan_status”

Returns the status of your most recent scan — queued, running, complete, or failed.

Example prompts

  • “Is my scan done?”
  • “What’s the status of the scan I just triggered?“

get_connections

Section titled “get_connections”

Lists your connected AWS accounts with alias, account ID, status, and last scan date.

Example prompts

  • “Which AWS accounts are connected?”
  • “What environments am I monitoring?“

search_findings

Section titled “search_findings”

Searches across resource names, check titles, and descriptions by keyword.

Example prompts

  • “Find anything related to my-prod-bucket”
  • “Search for RDS findings”

get_findings_by_resource

Section titled “get_findings_by_resource”

Returns all findings for a specific AWS resource by exact name or ARN.

Example prompts

  • “What’s wrong with arn:aws:s3:::my-bucket?”
  • “Show me all issues with the deploy-bot-prod role”