Cloudsword

v1.0.0Securitystable

一款帮助云租户发现和测试云上风险、增强云上防护能力的综合性开源工具

alibaba-cloudcloudsecuritycybersecuritymcpmcp-server
Share:
603
Stars
0
Downloads
0
Weekly
0/5

What is Cloudsword?

Cloudsword is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to 一款帮助云租户发现和测试云上风险、增强云上防护能力的综合性开源工具

一款帮助云租户发现和测试云上风险、增强云上防护能力的综合性开源工具

This server falls under the Security and Cloud Services categories on MCPgee, the world's largest MCP server directory with 33,000+ servers.

Features

  • 一款帮助云租户发现和测试云上风险、增强云上防护能力的综合性开源工具

Use Cases

Discover and test cloud security risks on Alibaba Cloud and Tencent Cloud. Enhance cloud protection capabilities through comprehensive scanning. Identify and remediate cloud security vulnerabilities.
wgpsec

Maintainer

LicenseApache-2.0
Languagego
Versionv1.0.0
UpdatedMay 17, 2026
Statushealthy
Maintenanceactive

Works with

ClaudeOpenAIwindowsmacoslinux

Installation

Manual Installation

npx cloudsword

Configuration

Configuration Details

Config File

claude_desktop_config.json

Performance

Response Metrics

Response Time< 200ms
ThroughputMedium

Resource Usage

Memory UsageLow
CPU UsageLow

How to Set Up and Use Cloudsword

Cloudsword is a comprehensive open-source cloud security assessment tool (written in Go) that helps cloud tenants discover and test security risks across Alibaba Cloud, Tencent Cloud, Huawei Cloud, Baidu Cloud, and Qiniu Cloud. Starting from v0.0.2 it supports the Model Context Protocol via both SSE and STDIO modes, allowing AI assistants to invoke its 25+ security modules to enumerate storage buckets, list compute instances, audit IAM users, and enumerate network assets — all through natural language. Security engineers use it to identify misconfigurations, overly permissive IAM policies, and exposed resources in multi-cloud environments.

Prerequisites

  • Go 1.21 or later (if building from source) or Homebrew (macOS) for the binary
  • Cloud provider access keys (access key ID and secret) for the cloud accounts you want to assess
  • An MCP-compatible client such as Claude Desktop or Cursor
  • Appropriate read permissions on the target cloud accounts (least-privilege assessment credentials recommended)
1

Install Cloudsword

Install via Homebrew on macOS, or download the binary for your platform from the GitHub releases page.

# macOS via Homebrew:
brew tap wgpsec/tap
brew install wgpsec/tap/cloudsword

# Or download binary from:
# https://github.com/wgpsec/cloudsword/releases
2

Set cloud credentials

Export your cloud provider credentials as environment variables. These are used by all modules and never written to disk.

export CLOUD_SWORD_ACCESS_KEY_ID=your_access_key_id
export CLOUD_SWORD_ACCESS_KEY_SECRET=your_access_key_secret
# Optional for temporary credentials:
export CLOUD_SWORD_SECURITY_TOKEN=your_sts_token
3

Start the MCP server in STDIO mode

Launch Cloudsword in STDIO mode so an MCP client can communicate with it directly.

cloudsword stdio
4

Or start in SSE mode

Alternatively, run Cloudsword in SSE mode to expose a network endpoint that MCP clients can connect to via URL.

cloudsword sse http://localhost:8080
5

Configure your MCP client

Add Cloudsword to your MCP client configuration using the STDIO transport and passing credentials via environment variables.

Cloudsword Examples

Client configuration

Add this block to your claude_desktop_config.json to run Cloudsword in STDIO mode with Alibaba Cloud credentials.

{
  "mcpServers": {
    "cloudsword": {
      "command": "cloudsword",
      "args": ["stdio"],
      "env": {
        "CLOUD_SWORD_ACCESS_KEY_ID": "your_access_key_id",
        "CLOUD_SWORD_ACCESS_KEY_SECRET": "your_access_key_secret"
      }
    }
  }
}

Prompts to try

These prompts invoke Cloudsword's security assessment modules for Alibaba Cloud and Tencent Cloud.

- "List all OSS buckets in my Alibaba Cloud account and identify any that are publicly accessible."
- "Enumerate all RAM users in my Alibaba Cloud account and list their attached policies."
- "List all ECS instances in my Alibaba Cloud account across all regions."
- "Enumerate all COS buckets in my Tencent Cloud account and check their access control settings."
- "List all CAM users in my Tencent Cloud account and flag any with admin permissions."

Troubleshooting Cloudsword

Modules return 'InvalidAccessKeyId' or authentication errors

Verify that CLOUD_SWORD_ACCESS_KEY_ID and CLOUD_SWORD_ACCESS_KEY_SECRET are set correctly for the target cloud provider. For Alibaba Cloud, keys from the RAM console should have API access enabled, not just console access.

Temporary credential errors (token expired)

If using STS temporary credentials, set CLOUD_SWORD_SECURITY_TOKEN to the current session token. Temporary credentials expire; refresh them and restart the server.

cloudsword command not found after brew install

Run 'brew link wgpsec/tap/cloudsword' and ensure /usr/local/bin or /opt/homebrew/bin is in your PATH. Alternatively, download the binary directly from the GitHub releases page and place it in your PATH.

Frequently Asked Questions about Cloudsword

What is Cloudsword?

Cloudsword is a Model Context Protocol (MCP) server that 一款帮助云租户发现和测试云上风险、增强云上防护能力的综合性开源工具 It connects AI assistants to external tools and data sources through a standardized interface.

How do I install Cloudsword?

Follow the installation instructions on the Cloudsword GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.

Which AI clients work with Cloudsword?

Cloudsword works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.

Is Cloudsword free to use?

Yes, Cloudsword is open source and available under the Apache-2.0 license. You can use it freely in both personal and commercial projects.

Cloudsword Alternatives — Similar Security Servers

Looking for alternatives to Cloudsword? Here are other popular security servers you can use with Claude, Cursor, and VS Code.

Casdoor

13.6k

An open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD

ghidraMCP

9.0k

An Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through

HexStrike AI

8.9k

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b

IDA Pro MCP

8.7k

Enables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.

Anthropic Cybersecurity Skills

6.6k

754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform

Hooker

5.1k

🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u

Browse More Security MCP Servers

Explore all security servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.

Quick Config Preview

{ "mcpServers": { "cloudsword": { "command": "npx", "args": ["-y", "cloudsword"] } } }

Add this to your claude_desktop_config.json or .cursor/mcp.json

Read the full setup guide →

Ready to use Cloudsword?

Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.

33,000+ ServersFree & Open SourceStep-by-Step Guides