CNAPP engine Emfirge exposed as MCP server for AI-native cloud security
Ansh Sonkar wrapped his self-built CNAPP tool, Emfirge, as an MCP server so cloud security workflows like attack path tracing and compliance checks can run directly inside Claude, Cursor, Kiro, Cline, and other MCP-compatible clients instead of a dashboard.
Score breakdown
The project demonstrates a concrete pattern for surfacing graph-based cloud security analysis inside AI coding clients via MCP, replacing dashboard-bound workflows with direct, in-editor queries backed by real infrastructure data rather than model speculation.
- 01Emfirge is a self-built CNAPP that Ansh Sonkar converted into an MCP server.
- 02It works with MCP-compatible AI clients including Claude, Cursor, Kiro, and Cline.
- 03Users provide a read-only AWS IAM role to connect their infrastructure.
Ansh Sonkar built Emfirge as a personal CNAPP project to learn infrastructure engineering, but repeatedly hit the same friction point: cloud security insights were locked inside dashboards, forcing users to jump between multiple screens to investigate attack paths, compliance issues, blast radius, or proposed fixes. His solution was to expose Emfirge's core engine as an MCP server, making it accessible directly from MCP-compatible AI clients including Claude, Cursor, Kiro, and Cline. The tool requires only a read-only AWS IAM role to get started.
The core of Emfirge is a graph-based model of cloud infrastructure.
The core of Emfirge is a graph-based model of cloud infrastructure. Sonkar notes that most of the tool's capabilities — attack path analysis, path finding, and risk modeling — turned out to be graph traversal problems, which made MCP feel like a natural interface. For "what-if" simulations (e.g., "What happens if I make this bucket public?" or "Does this change increase or reduce risk?"), Emfirge clones the infrastructure graph, applies the proposed change, and reruns the analysis, so answers come from graph computation rather than LLM speculation.
A key design concern was data privacy: sensitive values like AWS account IDs, ARNs, resource identifiers, and IP addresses are tokenized locally before any LLM interaction, so the model sees only anonymized tokens. The source code is publicly available on GitHub at `https://github.com/theanshsonkar/emfirge`, and Sonkar is seeking feedback from practitioners in cloud security, platform engineering, and infrastructure.
Key facts
- 01Emfirge is a self-built CNAPP that Ansh Sonkar converted into an MCP server.
- 02It works with MCP-compatible AI clients including Claude, Cursor, Kiro, and Cline.
- 03Users provide a read-only AWS IAM role to connect their infrastructure.
- 04The engine models cloud infrastructure as a graph for attack path tracing, compliance checks, and blast radius analysis.
- 05What-if simulations clone the infrastructure graph, apply a proposed change, and rerun analysis — not LLM guessing.
- 06Sensitive identifiers (AWS account IDs, ARNs, IP addresses) are tokenized locally before any LLM interaction.
- 07Source code is publicly available on GitHub at github.com/theanshsonkar/emfirge.
Topics
Summary and scoring are generated automatically from the original article. We always link back to the publisher and never republish images or paywalled content. Last processed Jun 16, 2026 · 23:11 UTC. How this works →