IAC Audit Pack

Name: IAC Audit Pack
Author: UnbearableDev

UnbearableDev/iac-audit-pack

Run one MCP call that audits Docker Compose, Dockerfiles, GitHub Actions, and Kubernetes manifests with 131 combined checks before release.

Overview

io.github.UnbearableDev/iac-audit-pack is a MCP server for the Ship phase that runs four IaC audits in one call with 131 checks across Compose, Dockerfile, GitHub Actions, and Kubernetes.

What is this MCP server?

Single pack runs four IaC audits: Docker Compose, Dockerfile, GitHub Actions, and Kubernetes
131 total checks aggregated across those artifact types
One Apify streamable-http MCP remote instead of four separate audit servers
Ideal pre-release pass when your stack mixes containers, workflows, and manifests
Maintained by UnbearableDev with version 1.0.0 server metadata
131 checks across four audit types: Compose, Dockerfile, GitHub Actions, Kubernetes
Four IaC audits invokable in one MCP pack per server description
Version 1.0.0 at unbearable-dev--iac-audit-pack Apify actor endpoint

Compatible agents: Claude Code, Cursor, Codex, any compatible agent

What problem does it solve?

You juggle compose, images, CI workflows, and k8s YAML but lack time to run separate security tools on each before every release.

Who is it for?

Indie full-stack operators who ship containerized apps with GitHub Actions and want a single MCP audit sweep across their IaC footprint.

Skip if: Teams auditing only one artifact type who prefer minimal scoped servers, or environments without any of the four supported formats.

What do I get? / Deliverables

After connecting the pack, your agent can trigger a unified IaC audit and return cross-artifact findings in one workflow.

Combined audit results across four IaC categories totaling 131 checks
Per-artifact findings for Compose, Dockerfile, GitHub Actions, and Kubernetes inputs
Agent-usable remediation list for a coordinated pre-ship hardening pass

Recommended MCP Servers

1Claw Vault1clawAI/1claw-mcp

1Claw Vault exposes a stdio MCP server (@1claw/mcp) that connects AI agents to HSM-backed secret storage with just-in-ti…2 stars

1passwordCakeRepository/1Password-MCP

The 1Password MCP server lets solo builders wire service-account access into Claude Code, Cursor, or other stdio MCP hos…16 stars

402sentinel Mcpkaditang/402sentinel-mcp

402 Sentinel MCP gives solo builders and agent authors a pre-flight check before honoring x402 payment flows on Base. In…1 stars

A2adependencyinspector Mcpclauxel/a2a-dependency-inspector-mcp

A2A Dependency Inspector MCP is a hosted Clauxel server for builders shipping agent-to-agent (A2A) workflows who must pr…

A2a Governance Bridge Mcp

A2A Governance Bridge is a Model Context Protocol server that exposes governance-oriented tools for multi-agent setups: …

A2aidentitytoll Mcpclauxel/a2a-identity-toll-mcp

A2A Identity Toll MCP is a Clauxel-hosted remote MCP server that acts as an identity and policy toll booth for agent-to-…

Journey fit

Primary fit

Infrastructure-as-code spans the build repo but audit value peaks when you Ship and need confidence across every deploy surface. Bundled IaC auditing is a ship-security accelerator for solos who touch compose, k8s, CI, and images in one codebase.

How it compares

Bundled IaC security MCP pack, not a deploy tool or a single-format linter skill.

Common Questions / FAQ

Who is io.github.UnbearableDev/iac-audit-pack for?

It is for solo builders and small teams who maintain Compose, Dockerfiles, GitHub Actions, and Kubernetes together and want one agent-driven audit entry point.

When should I use io.github.UnbearableDev/iac-audit-pack?

Use it before tagging a release, after large infra refactors, or when onboarding a new deploy path that touches multiple IaC file types at once.

How do I add io.github.UnbearableDev/iac-audit-pack to my agent?

Register the Apify MCP remote URL, add your Apify token as Bearer authorization, then call the pack tools with the IaC files your agent should analyze.

IAC Audit Pack

UnbearableDev/iac-audit-pack

Run one MCP call that audits Docker Compose, Dockerfiles, GitHub Actions, and Kubernetes manifests with 131 combined checks before release.

Overview

io.github.UnbearableDev/iac-audit-pack is a MCP server for the Ship phase that runs four IaC audits in one call with 131 checks across Compose, Dockerfile, GitHub Actions, and Kubernetes.

What is this MCP server?

Single pack runs four IaC audits: Docker Compose, Dockerfile, GitHub Actions, and Kubernetes
131 total checks aggregated across those artifact types
One Apify streamable-http MCP remote instead of four separate audit servers
Ideal pre-release pass when your stack mixes containers, workflows, and manifests
Maintained by UnbearableDev with version 1.0.0 server metadata
131 checks across four audit types: Compose, Dockerfile, GitHub Actions, Kubernetes
Four IaC audits invokable in one MCP pack per server description
Version 1.0.0 at unbearable-dev--iac-audit-pack Apify actor endpoint

Compatible agents: Claude Code, Cursor, Codex, any compatible agent

What problem does it solve?

You juggle compose, images, CI workflows, and k8s YAML but lack time to run separate security tools on each before every release.

Who is it for?

Indie full-stack operators who ship containerized apps with GitHub Actions and want a single MCP audit sweep across their IaC footprint.

Skip if: Teams auditing only one artifact type who prefer minimal scoped servers, or environments without any of the four supported formats.

What do I get? / Deliverables

After connecting the pack, your agent can trigger a unified IaC audit and return cross-artifact findings in one workflow.

Combined audit results across four IaC categories totaling 131 checks
Per-artifact findings for Compose, Dockerfile, GitHub Actions, and Kubernetes inputs
Agent-usable remediation list for a coordinated pre-ship hardening pass

Recommended MCP Servers

1Claw Vault1clawAI/1claw-mcp

1Claw Vault exposes a stdio MCP server (@1claw/mcp) that connects AI agents to HSM-backed secret storage with just-in-ti…2 stars

1passwordCakeRepository/1Password-MCP

The 1Password MCP server lets solo builders wire service-account access into Claude Code, Cursor, or other stdio MCP hos…16 stars

402sentinel Mcpkaditang/402sentinel-mcp

402 Sentinel MCP gives solo builders and agent authors a pre-flight check before honoring x402 payment flows on Base. In…1 stars

A2adependencyinspector Mcpclauxel/a2a-dependency-inspector-mcp

A2A Dependency Inspector MCP is a hosted Clauxel server for builders shipping agent-to-agent (A2A) workflows who must pr…

A2a Governance Bridge Mcp

A2A Governance Bridge is a Model Context Protocol server that exposes governance-oriented tools for multi-agent setups: …

A2aidentitytoll Mcpclauxel/a2a-identity-toll-mcp

A2A Identity Toll MCP is a Clauxel-hosted remote MCP server that acts as an identity and policy toll booth for agent-to-…

Journey fit

Primary fit

How it compares

Bundled IaC security MCP pack, not a deploy tool or a single-format linter skill.

Common Questions / FAQ

Who is io.github.UnbearableDev/iac-audit-pack for?

It is for solo builders and small teams who maintain Compose, Dockerfiles, GitHub Actions, and Kubernetes together and want one agent-driven audit entry point.

When should I use io.github.UnbearableDev/iac-audit-pack?

Use it before tagging a release, after large infra refactors, or when onboarding a new deploy path that touches multiple IaC file types at once.

How do I add io.github.UnbearableDev/iac-audit-pack to my agent?

Register the Apify MCP remote URL, add your Apify token as Bearer authorization, then call the pack tools with the IaC files your agent should analyze.

Overview

What is this MCP server?

What problem does it solve?

Who is it for?

What do I get? / Deliverables

Recommended MCP Servers

Journey fit

Who is io.github.UnbearableDev/iac-audit-pack for?

When should I use io.github.UnbearableDev/iac-audit-pack?

How do I add io.github.UnbearableDev/iac-audit-pack to my agent?

This week for builders

Overview

What is this MCP server?

What problem does it solve?

Who is it for?

What do I get? / Deliverables

Recommended MCP Servers

Journey fit

Who is io.github.UnbearableDev/iac-audit-pack for?

When should I use io.github.UnbearableDev/iac-audit-pack?

How do I add io.github.UnbearableDev/iac-audit-pack to my agent?