prowler-mcp 0.3.0

MCP server for Prowler ecosystem

Prowler MCP Server

Prowler MCP Server brings the entire Prowler ecosystem to AI assistants through the Model Context Protocol (MCP). It enables seamless integration with AI tools like Claude Desktop, Cursor, and other MCP clients, allowing interaction with Prowler's security capabilities through natural language.

Preview Feature: This MCP server is currently under active development. Features and functionality may change. We welcome your feedback—please report any issues on GitHub or join our Slack community.

Key Capabilities

Prowler Cloud and Prowler App (Self-Managed)

Full access to Prowler Cloud platform and self-managed Prowler App for:

• Findings Analysis: Query, filter, and analyze security findings across all your cloud environments
• Provider Management: Create, configure, and manage your configured Prowler providers (AWS, Azure, GCP, etc.)
• Scan Orchestration: Trigger on-demand scans and schedule recurring security assessments
• Resource Inventory: Search and view detailed information about your audited resources
• Muting Management: Create and manage muting rules to suppress non-critical findings
• Compliance Reporting: View compliance status across frameworks and drill into requirement-level details

Prowler Hub

Access to Prowler's comprehensive security knowledge base:

• Security Checks Catalog: Browse and search over 1000 security checks across multiple Prowler providers
• Check Implementation: View the Python code that powers each security check
• Automated Fixers: Access remediation scripts for common security issues
• Compliance Frameworks: Explore mappings to over 70 compliance standards and frameworks
• Provider Services: View available services and checks for all supported Prowler providers

Prowler Documentation

Search and retrieve official Prowler documentation:

• Intelligent Search: Full-text search across all Prowler documentation
• Contextual Results: Get relevant documentation pages with highlighted snippets
• Document Retrieval: Access complete markdown content of any documentation file

Documentation

For comprehensive guides and tutorials, see the official documentation:

Guide	Description
Overview	Key capabilities, use cases, and deployment options
Installation	Docker, PyPI, and source installation
Configuration	Configure Claude Desktop, Cursor, and other MCP clients
Tools Reference	Complete reference of all tools
Developer Guide	How to extend with new tools

Deployment Options

Prowler MCP Server can be used in three ways:

1. Prowler Cloud MCP Server (Recommended)

Use Prowler's managed MCP server at https://mcp.prowler.com/mcp

• No installation required
• Managed and maintained by Prowler team
• Always up-to-date

{
  "mcpServers": {
    "prowler": {
      "command": "npx",
      "args": [
        "mcp-remote",
        "https://mcp.prowler.com/mcp",
        "--header",
        "Authorization: Bearer pk_YOUR_API_KEY_HERE"
      ]
    }
  }
}

2. Local STDIO Mode

Run the server locally on your machine

• Runs as a subprocess of your MCP client
• Requires Python 3.12+ or Docker

3. Self-Hosted HTTP Mode

Deploy your own remote MCP server

• Full control over deployment
• Requires Python 3.12+ or Docker

See the Installation Guide for complete instructions.

Quick Installation

Docker (Recommended)

docker pull prowlercloud/prowler-mcp

# STDIO mode
docker run --rm -i prowlercloud/prowler-mcp

# HTTP mode
docker run --rm -p 8000:8000 prowlercloud/prowler-mcp --transport http --host 0.0.0.0 --port 8000

From Source

git clone https://github.com/prowler-cloud/prowler.git
cd prowler/mcp_server
uv run prowler-mcp --help

Available Tools

For complete tool descriptions and parameters, see the Tools Reference.

Tool Naming Convention

All tools follow a consistent naming pattern with prefixes:

• prowler_app_* - Prowler Cloud and App (Self-Managed) management tools
• prowler_hub_* - Prowler Hub catalog and compliance tools
• prowler_docs_* - Prowler documentation search and retrieval

Architecture

prowler_mcp_server/
├── server.py                 # Main orchestrator (imports sub-servers with prefixes)
├── main.py                   # CLI entry point
├── prowler_hub/              # tools - no authentication required
├── prowler_app/              # tools - authentication required
│   ├── tools/                # Tool implementations
│   ├── models/               # Pydantic models for LLM-optimized responses
│   └── utils/                # API client, authentication, tool loader
└── prowler_documentation/    # tools - no authentication required

Key Features:

• Modular Design: Three independent sub-servers with prefixed namespacing
• Auto-Discovery: Prowler App tools are automatically discovered and registered
• LLM Optimization: Response models minimize token usage by excluding empty values
• Dual Transport: Supports both STDIO (local) and HTTP (remote) modes

Use Cases

The Prowler MCP Server enables powerful workflows through AI assistants:

Security Operations

• "Show me all critical findings from my AWS production accounts"
• "Register my new AWS account in Prowler and run a scheduled scan every day"
• "List all muted findings and detect what findgings are muted by a not enough good reason in relation to their severity"

Security Research

• "Explain what the S3 bucket public access Prowler check does"
• "Find all Prowler checks related to encryption at rest"
• "What is the latest version of the CIS that Prowler is covering per provider?"

Documentation & Learning

• "How do I configure Prowler to scan my GCP organization?"
• "What authentication methods does Prowler support for Azure?"
• "How can I contribute with a new security check to Prowler?"

Requirements

For Prowler Cloud MCP Server:

• Prowler Cloud account and API key (only for Prowler Cloud/App features)

For self-hosted STDIO/HTTP Mode:

• Python 3.12+ or Docker
• Network access to:
  • https://hub.prowler.com (for Prowler Hub)
  • https://docs.prowler.com (for Prowler Documentation)
  • Prowler Cloud API or self-hosted Prowler App API (for Prowler Cloud/App features)

No Authentication Required: Prowler Hub and Prowler Documentation features work without authentication. A Prowler API key is only required to access Prowler Cloud or Prowler App (Self-Managed) features.

Configuring MCP Hosts

To configure your MCP host (Claude Code, Cursor, etc.) see the Configuration Guide for detailed setup instructions.

Contributing

For developers looking to extend the MCP server with new tools or features:

• Developer Guide: Step-by-step instructions for adding new tools
• AGENTS.md: AI agent guidelines and coding patterns

Related Products

• Prowler Hub: Browse security checks and compliance frameworks
• Prowler Cloud: Managed Prowler platform
• Lighthouse AI: AI security analyst

License

This project follows the repository's main license. See the LICENSE file at the repository root.