Docker Compose Audit MCP Server

Docker Compose Security Audit

MCP server that audits docker-compose.yml files for security misconfigurations. Trivy-grade check catalog, designed for AI agents — every finding ships with a severity rating, full remediation text, and a YAML fix snippet you can paste.

Built by Unbearable Labs. Pay-per-event pricing — you only pay when an audit runs.

---

Available on

• Apify Actor Store — primary, metered usage (PPE)
• MCPize — pending submission
• MCP.so — pending submission
• PulseMCP — pending submission
• Smithery — pending submission
• Glama — pending submission

Newsletter: Unbearable TechTips Weekly · All Actors: github.com/UnbearableDev

What it does

Point any MCP-capable client (Claude Desktop, Cursor, n8n, Make, Zapier, custom agents) at this server, hand it the contents of a docker-compose.yml, and get back a structured report with:

• Severity — high / medium / low / info
• Service — which compose service the finding affects
• Description — what's wrong and why it matters
• Remediation — what to do about it
• Fix snippet — YAML you can paste directly into the file

Tools

All audit-running tools accept the same input:

• compose_yaml (string) — paste the YAML content directly, OR
• compose_url (string) — public HTTPS URL to fetch (e.g. GitHub raw URL)

Provide exactly one. min_severity defaults to low (drops info findings); set to medium or high to filter further.

Example response (truncated)

{
  "summary": {
    "total_findings": 14,
    "by_severity": {"high": 3, "medium": 6, "low": 5, "info": 0},
    "by_category": {"privilege": 4, "network": 3, "secrets": 2, "...": 5}
  },
  "findings": [
    {
      "id": "DCS-002",
      "category": "privilege",
      "severity": "high",
      "service": "web",
      "title": "Privileged mode enabled",
      "description": "Service 'web' has `privileged: true`...",
      "remediation": "Remove `privileged: true`. If you need specific capabilities...",
      "fix_yaml_snippet": "    # remove `privileged: true`; if needed, use cap_add or devices selectively",
      "references": ["CIS-Docker-5.4", "NIST-800-190"]
    },
    ...
  ]
}

Pricing

You pay only when a tool is invoked. No subscription, no monthly minimums.

Check catalog (25 live in v1, growing toward 54)

Use list_checks to get the canonical, up-to-date catalog with IDs, severities, and titles.

Connecting from Claude Desktop

Add to your MCP config:

{
  "mcpServers": {
    "compose-audit": {
      "transport": "streamable-http",
      "url": "https://YOUR-ACTOR-URL.apify.actor/mcp"
    }
  }
}

(Replace YOUR-ACTOR-URL with the Standby URL shown on the Apify Store page after you start the Actor.)

Limits

• YAML size: 1 MB cap per audit call
• URL fetch: 5-second timeout, max 3 redirects, HTTPS only
• Session timeout: 5 minutes of inactivity

What's NOT covered (yet)

Pure static analysis of the compose file only. Out of scope for this version:

• Image vulnerability scanning (use Trivy / Grype for that)
• Live container inspection
• Kubernetes / Helm manifests (different surface)
• Dockerfile-specific lint (use Hadolint)

The next 29 checks on the v1.x → v2 roadmap include build-context security, additional capability checks, secret-pattern detection in build args, and registry trust verification.

Source / contact

Issues, ideas, or false-positive reports: open an issue on the GitHub repo or email unbearabledev@gmail.com.

get the weekly newsletter(https://unbearabletechtips.beehiiv.com).