This is a historical AWS security analysis tool that's no longer an active Cyntrisec product. It scans AWS infrastructure via AssumeRole to build a capability graph from IAM policies, EC2 instances, security groups, RDS databases, and S3 buckets, then discovers attack paths from the internet to sensitive targets. The MCP server exposes tools like get_scan_summary and get_attack_paths to query locally stored scan results. You'd reach for this if you want to analyze blast radius, identify unused permissions, or generate remediation plans with ROI prioritization based on security impact and cost savings. It's read only by default and outputs deterministic JSON with proof chains, but comes with no warranty or support.
claude mcp add --transport stdio io.github.cyntrisec-cyntrisec uvx cyntrisec