If you drive cloud audits through an AI assistant, here is a failure mode worth knowing about — because NSAuditor AI Community Edition 0.2.10 (“MCP affordance II”, live on npm with agent-skill 0.2.10) was built to close it. Enterprise stays at 0.19.4.
Picture the workflow. You ask your Desktop agent: “Audit my SQS queues and SNS topics for CloudWatch alarm coverage.” The scanner runs, finds four queues and topics with no alarms, and the agent replies that the alarm dimension “came back clean.” Both things are true at once — the engine found the problem, and the agent reported none — because the scan_cloud MCP summary itemized only CRITICAL and HIGH findings. The MEDIUMs existed only as a number. To a model reading that summary, a count of medium findings looks exactly like nothing there.
CE 0.2.10 changes what the agent sees on the very first call. The summary now rolls up MEDIUM and LOW findings per provider, grouped by category and sorted count-descending — MEDIUM (8) sqs-age-alarm-missing ×2 · …. It compacts long lists into one line but never caps them, so the monitoring story is always on the page. Findings already flagged as evidence-gaps stay in their own channel, so nothing is double-counted, and plugins that don’t yet emit a category fall back to a per-plugin bucket instead of vanishing.
The second half is a drill-down. The new Enterprise-gated get_findings tool reads the most recent scan from a per-provider, per-session cache — filter by provider, plugin, severity, or category, paginate the results, and pull the full untruncated text of any finding. That means an agent can go from “eight medium monitoring findings” to the exact queue and topic names without re-scanning, and without reaching for a raw cloud API as a fallback (in the original validation, that fallback hit the production account). The license boundary is enforced before the cache is touched: a Community or Pro caller hitting get_findings gets the same upgrade denial as scan_cloud and never sees cached Enterprise findings — a committed leak-path test holds that line.
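As an added illustration of the two mechanisms described above (not NSAuditor's code; the field names `plugin`, `category` and `evidenceGap`, the function names, and the sample scan are all constructed for this example), here is a count-only summary in the pre-0.2.10 shape beside a roll-up that groups MEDIUM/LOW by category, plus a `get_findings`-style drill-down that enforces the license boundary before it reads the cache:

```javascript
// Added example, not NSAuditor's code: a findings summary that rolls up
// MEDIUM/LOW by category, and a license-gated drill-down over a scan cache.
// Field names (plugin, category, evidenceGap), function names and all sample
// findings are constructed for this illustration.

const ITEMIZED = new Set(["CRITICAL", "HIGH"]); // listed one per line in the summary
const ROLLED_UP = ["MEDIUM", "LOW"];            // compacted to one line per severity

// A plugin that emits no category falls back to a per-plugin bucket so the
// finding still shows up in the roll-up instead of disappearing.
const bucketKey = (f) => f.category || `plugin:${f.plugin}`;

// The failure mode: MEDIUM/LOW survive only as a number the agent reads as "clean".
function legacySummary(scan) {
  const counts = {};
  for (const f of scan.findings) {
    if (!ITEMIZED.has(f.severity)) counts[f.severity] = (counts[f.severity] || 0) + 1;
  }
  return { itemized: scan.findings.filter((f) => ITEMIZED.has(f.severity)), counts };
}

// The corrected summary: evidence-gaps go to their own channel, CRITICAL/HIGH
// are itemized, MEDIUM/LOW are grouped by category and sorted count-descending.
function summarize(scan) {
  const itemized = [];
  const buckets = {}; // severity -> bucketKey -> count
  let evidenceGaps = 0;
  for (const f of scan.findings) {
    if (f.evidenceGap) { evidenceGaps += 1; continue; }
    if (ITEMIZED.has(f.severity)) { itemized.push(f); continue; }
    const bySev = buckets[f.severity] || (buckets[f.severity] = {});
    bySev[bucketKey(f)] = (bySev[bucketKey(f)] || 0) + 1;
  }
  const rollup = [];
  for (const sev of ROLLED_UP) {
    const entries = Object.entries(buckets[sev] || {})
      .sort((a, b) => b[1] - a[1] || a[0].localeCompare(b[0]));
    if (entries.length === 0) continue;
    const total = entries.reduce((n, [, c]) => n + c, 0);
    // Compact, never capped: every category stays on the line.
    rollup.push(`${sev} (${total}) ` + entries.map(([k, c]) => `${k} ×${c}`).join(" · "));
  }
  return { provider: scan.provider, itemized, rollup, evidenceGaps };
}

// Per-session, per-provider cache of the most recent scan, filled after a scan.
const scanCache = new Map();
const cacheKey = (session, provider) => `${session}:${provider}`;
function rememberScan(session, scan) { scanCache.set(cacheKey(session, scan.provider), scan); }

// Drill-down: the license check runs before the cache is read, so a Community
// or Pro caller never learns whether cached Enterprise findings exist.
function getFindings(caller, query) {
  if (caller.license !== "enterprise") {
    return { error: "get_findings requires an Enterprise license",
             upgrade: "https://www.nsauditor.com/ai/enterprise/" };
  }
  const scan = scanCache.get(cacheKey(caller.session, query.provider));
  if (!scan) return { total: 0, page: 0, findings: [] };
  const matches = scan.findings.filter((f) =>
    (!query.plugin || f.plugin === query.plugin) &&
    (!query.severity || f.severity === query.severity) &&
    (!query.category || bucketKey(f) === query.category));
  const page = query.page || 0, size = query.pageSize || 50;
  // Full, untruncated finding text is returned; only the page window is applied.
  return { total: matches.length, page, findings: matches.slice(page * size, (page + 1) * size) };
}

// Constructed sample scan for one provider (not real account data).
const SAMPLE_SCAN = { provider: "aws", findings: [
  { plugin: "sqs", severity: "HIGH",   category: "sqs-dlq-missing",          text: "Queue orders-q has no dead-letter queue" },
  { plugin: "sqs", severity: "MEDIUM", category: "sqs-age-alarm-missing",    text: "Queue orders-q: no alarm on ApproximateAgeOfOldestMessage" },
  { plugin: "sqs", severity: "MEDIUM", category: "sqs-age-alarm-missing",    text: "Queue billing-q: no alarm on ApproximateAgeOfOldestMessage" },
  { plugin: "sqs", severity: "MEDIUM", category: "sqs-age-alarm-missing",    text: "Queue notify-q: no alarm on ApproximateAgeOfOldestMessage" },
  { plugin: "sns", severity: "MEDIUM", category: "sns-failed-alarm-missing", text: "Topic alerts: no alarm on NumberOfNotificationsFailed" },
  { plugin: "sns", severity: "MEDIUM", category: "sns-failed-alarm-missing", text: "Topic audit-events: no alarm on NumberOfNotificationsFailed" },
  { plugin: "iam", severity: "MEDIUM",                                       text: "Role deploy-role has no permissions boundary" },
  { plugin: "s3",  severity: "LOW",    category: "s3-logging-disabled",      text: "Bucket static-assets: access logging disabled" },
  { plugin: "s3",  severity: "MEDIUM", category: "s3-versioning-off",        text: "Bucket static-assets: versioning state unreadable", evidenceGap: true },
]};

rememberScan("sess-1", SAMPLE_SCAN);
console.log(legacySummary(SAMPLE_SCAN).counts);            // MEDIUM/LOW as bare numbers
console.log(summarize(SAMPLE_SCAN).rollup.join("\n"));     // one line per severity, every category named
console.log(getFindings({ license: "community", session: "sess-1" }, { provider: "aws" }));
console.log(getFindings({ license: "enterprise", session: "sess-1" },
                        { provider: "aws", severity: "MEDIUM", category: "sqs-age-alarm-missing" }));
```

The leak-path check the post mentions is simple to state against this shape: populate the cache, call the drill-down as a Community caller, and assert the response carries the upgrade denial and no `findings` field at all. The cache key combines session and provider, so an Enterprise caller in a different session also sees an empty result rather than another session's scan.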
The throughline for anyone running compliance scans through an assistant: a green verdict you can’t trust is worse than no verdict, and an MCP surface that hides actionable findings behind a count wastes detection the engine already did. Community Edition is MIT and free; the cloud audit surface and get_findings require an Enterprise license. https://www.nsauditor.com/ai/enterprise/