prowler-mcp
SKILL.md
Overview
The Prowler MCP Server uses three sub-servers with prefixed namespacing:
| Sub-Server | Prefix | Auth | Purpose |
|---|---|---|---|
| Prowler App | prowler_app_* |
Required | Cloud management tools |
| Prowler Hub | prowler_hub_* |
No | Security checks catalog |
| Prowler Docs | prowler_docs_* |
No | Documentation search |
For complete architecture, patterns, and examples, see docs/developer-guide/mcp-server.mdx.
Critical Rules (Prowler App Only)
Tool Implementation
- ALWAYS: Extend
BaseTool(auto-registered viatool_loader.py, only public methods from the class are exposed as a tool) - NEVER: Manually register BaseTool subclasses
- NEVER: Import tools directly in server.py
Models
- ALWAYS: Use
MinimalSerializerMixinfor responses - ALWAYS: Implement
from_api_response()factory method - ALWAYS: Use two-tier models (Simplified for lists, Detailed for single items)
- NEVER: Return raw API responses
API Client
- ALWAYS: Use
self.api_clientsingleton - ALWAYS: Use
build_filter_params()for query parameters - NEVER: Create new httpx clients
Hub/Docs Tools
Use @mcp.tool() decorator directly—no BaseTool or models required.
Quick Reference: New Prowler App Tool
- Create tool class in
prowler_app/tools/extendingBaseTool - Create models in
prowler_app/models/usingMinimalSerializerMixin - Tools auto-register via
tool_loader.py
QA Checklist (Prowler App)
- Tool docstrings describe LLM-relevant behavior
- Models use
MinimalSerializerMixin - API responses transformed to simplified models
- Error handling returns
{"error": str, "status": "failed"} - Parameters use
Field()with descriptions - No hardcoded secrets
Resources
- Full Guide: docs/developer-guide/mcp-server.mdx
- Templates: See assets/ for tool and model templates
Weekly Installs
5
Repository
prowler-cloud/prowlerInstalled on
claude-code5
windsurf4
opencode4
codex4
trae3
cursor3