Server data from the Official MCP Registry
AI-Powered AWS security analysis: scan IAM policies and CloudFormation for risks and escalation.
AI-Powered AWS security analysis: scan IAM policies and CloudFormation for risks and escalation.
The MCP server is well-structured with appropriate authentication mechanisms and no critical security vulnerabilities. The server requires optional API key authentication for production use, supports demo mode, and makes reasonable network calls to the Shieldly API. The code is compiled/minified which prevents easy source code review, but the available metadata, package.json, and README indicate a legitimate security analysis tool from an established vendor. Minor code quality considerations around error handling in the compiled bundle, but these do not materially impact security posture. Supply chain analysis found 1 known vulnerability in dependencies (0 critical, 1 high severity). Package verification found 1 issue.
3 files analyzed · 4 issues found
Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.
This plugin requests these system permissions. Most are normal for its category.
Set these up before or after installing:
Environment variable: SHIELDLY_API_KEY
Add this to your MCP configuration file:
{
"mcpServers": {
"io-github-shieldly-io-mcp": {
"env": {
"SHIELDLY_API_KEY": "your-shieldly-api-key-here"
},
"args": [
"-y",
"@shieldly/mcp"
],
"command": "npx"
}
}
}From the project's GitHub README.
AI-Powered Security Analysis for AWS — official MCP server.
Gives any MCP-compatible AI assistant (Claude Code, Claude Desktop, Cursor, etc.) two tools to analyze AWS IAM policies and CloudFormation templates for security risks — privilege escalation paths, wildcards, and other over-permissive access. Powered by Shieldly.
Add to your MCP client config (e.g. Claude Desktop's claude_desktop_config.json,
or Claude Code's .mcp.json):
{
"mcpServers": {
"shieldly": {
"command": "npx",
"args": ["-y", "@shieldly/mcp"]
}
}
}
Both tools run in demo mode without an API key (rate-limited, no signup). For
higher limits, set SHIELDLY_API_KEY:
{
"mcpServers": {
"shieldly": {
"command": "npx",
"args": ["-y", "@shieldly/mcp"],
"env": { "SHIELDLY_API_KEY": "sk_live_..." }
}
}
}
Get an API key (Builder plan or above): https://www.shieldly.io/app/api
analyze_iam_policyAnalyzes an IAM identity policy, or a cross-account trust+identity pair.
| Argument | Type | Description |
|---|---|---|
policy | string | The IAM policy JSON as a string. |
policyType | identity | cross_account | Defaults to identity. |
analyze_cloudformation_templateAnalyzes a CloudFormation template — extracts IAM roles/policies and flags over-permissive access.
| Argument | Type | Description |
|---|---|---|
template | string | The CloudFormation template JSON as a string. |
MIT
Be the first to review this server!
by Modelcontextprotocol · Developer Tools
Read, search, and manipulate Git repositories programmatically
by Toleno · Developer Tools
Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.
by mcp-marketplace · Developer Tools
Create, build, and publish Python MCP servers to PyPI — conversationally.