What audytx does
Concrete capabilities, with examples. Everything below works on a real PR — or from your coding agent over MCP — right now, and all of it is free.
How it shows up in a PR
The product surface, top to bottom.
One PR comment per push
Shipped
Posted within seconds of PR open or push. Severity-sorted, with findings folded
into a collapsible <details> block past the summary. Updates
in place on every push — never spammed as a new comment.
One-click fixes + a sound autofix loop
Shipped
Findings carry a fix_snippet; precisely line-anchored ones post as
GitHub one-click suggestions. The same soundness gate powers
autofix_terraform over MCP — it applies only fixes it can anchor
exactly, re-scans, and loops until clean. Never a corrupting edit.
Visible reasoning block
Shipped
Every finding the engine suppresses appears in a
🧠 audytx reasoned about N findings block — with the rule ID,
resource address, and the axis that drove the decision. You audit the engine's
calls without reading its source. This is the differentiator: dismissals carry
their rationale.
SARIF v2.1.0 → GitHub Code Scanning
Shipped
The same findings upload as SARIF to GitHub's Security tab. Context suppressions surface as dismissed alerts with their reason — your security lead sees the same dismissals you do, with the same rationale.
Cost opportunities, same comment
Shipped
gp2→gp3, NAT gateway vs VPC endpoints, non-prod Multi-AZ, S3 Bucket Keys for KMS, and more — quantified when the engine can. The PR header summarizes dollar bands when any opportunity has a signal. Cost and security in one comment, not two tools.
For the agents writing your Terraform
The same engine, callable over MCP — before the PR exists.
Stateless MCP server
Shipped
audytx is a Streamable-HTTP MCP server at POST /mcp — no auth, no
session, no install. Point Claude Code, Cursor, or any MCP client at it and the
agent that generated the config gets the findings at agent speed.
claude mcp add --transport http audytx https://audytx.com/mcp
scan_terraform & autofix_terraform
Shipped
scan_terraform returns findings with file/line evidence, severity,
fix snippets — plus the context-suppressed false positives, each with its
rationale. autofix_terraform applies the sound, line-anchored
fixes server-side, re-scans, and loops (≤3 passes) until nothing auto-fixable
remains. Same reasoning as the PR path.
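The soundness gate described above for the autofix loop, as an added example that is not audytx's code: a toy scanner emits findings whose fix is either anchored to one exact line (the text it expects at that line is recorded) or not anchored at all; only anchored fixes whose anchor still matches are applied, the file is re-scanned, and the loop stops after at most three passes or as soon as a pass applies nothing. The rule ids (EX_S3_ACL, EX_RDS_PUBLIC, EX_S3_VERSIONING), the rules themselves and the sample Terraform are constructed for the example.

```python
from __future__ import annotations

import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Hypothetical rule table for this example: (rule id, single-line pattern, replacement).
# The rule ids are made up; they are not audytx rule ids.
LINE_RULES = [
    ("EX_S3_ACL", re.compile(r'^(\s*)acl\s*=\s*"public-read"\s*$'), r'\1acl = "private"'),
    ("EX_RDS_PUBLIC", re.compile(r'^(\s*)publicly_accessible\s*=\s*true\s*$'),
     r'\1publicly_accessible = false'),
]

# Constructed sample input: two line-anchorable findings plus one that is not.
SAMPLE_TF = """resource "aws_s3_bucket" "logs" {
  bucket = "example-logs"
  acl    = "public-read"
}

resource "aws_db_instance" "app" {
  identifier          = "app-db"
  publicly_accessible = true
}
"""


@dataclass(frozen=True)
class Finding:
    rule_id: str
    line: Optional[int]        # 1-based line the fix replaces; None when the fix has no exact anchor
    original: Optional[str]    # exact text the fix expects to find at `line`
    fix_snippet: str


def scan(text: str) -> List[Finding]:
    """Toy scanner: per-line rules produce anchored findings; the block rule does not."""
    lines = text.split("\n")
    findings: List[Finding] = []
    for lineno, line in enumerate(lines, start=1):
        for rule_id, pattern, repl in LINE_RULES:
            if pattern.match(line):
                findings.append(Finding(rule_id, lineno, line, pattern.sub(repl, line)))
    # A missing versioning resource needs a whole new block; there is no single line
    # whose exact text the fix replaces, so it is reported but never auto-applied.
    if 'resource "aws_s3_bucket"' in text and "aws_s3_bucket_versioning" not in text:
        findings.append(Finding("EX_S3_VERSIONING", None, None,
                                "# add an aws_s3_bucket_versioning resource for the bucket"))
    return findings


def apply_sound_fixes(text: str, findings: List[Finding]) -> Tuple[str, int]:
    """Apply only fixes that are line-anchored AND whose anchor text still matches the file."""
    lines = text.split("\n")
    applied = 0
    anchored = [f for f in findings if f.line is not None]
    # Highest line first, so an applied edit never shifts a lower-numbered anchor.
    for f in sorted(anchored, key=lambda f: -f.line):
        if 1 <= f.line <= len(lines) and lines[f.line - 1] == f.original:
            lines[f.line - 1] = f.fix_snippet
            applied += 1
        # A stale or mismatched anchor is skipped: a guessed edit could corrupt the file.
    return "\n".join(lines), applied


def autofix(text: str, max_passes: int = 3) -> Tuple[str, int, List[Finding]]:
    """Fix, re-scan, repeat until nothing auto-fixable is left or the pass budget runs out."""
    passes = 0
    while passes < max_passes:
        passes += 1
        text, applied = apply_sound_fixes(text, scan(text))
        if applied == 0:
            break
    return text, passes, scan(text)


if __name__ == "__main__":
    fixed, passes, remaining = autofix(SAMPLE_TF)
    print(f"{passes} pass(es); still reported: {[f.rule_id for f in remaining]}")
    print(fixed)
```

On the sample the first pass applies both line-anchored fixes, the second pass finds only the unanchored versioning finding and applies nothing, so the loop ends after two passes with that finding still reported. A finding whose recorded anchor text no longer matches the file is left alone, which is the property that keeps the loop from producing a corrupting edit.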
Plan-enhanced scans
Shipped
Optionally hand audytx your terraform show -json output — over MCP,
or from a CI workflow authenticated by its GitHub Actions OIDC token (no secret
to manage). Plan data resolves what static parsing can't: values behind
undefaulted variables, count/for_each expansion, and
module-internal resources. Strictly opt-in; absence never degrades a scan.
IAM: an effective-permission attack-path engine
Not a pattern list — privilege-escalation paths found by reachability.
Wildcard expansion + statement math
Shipped
Actions are expanded against an embedded AWS action table (thousands of actions),
so iam:Create* resolves to the concrete privesc-relevant verbs it
covers. The engine evaluates effective Allow over Deny precedence,
NotAction inversion, and Condition gating — so a grant only counts
when it's genuinely exploitable (Resource: "*", no limiting
Condition, not neutralized by a Deny).
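The statement math above, as an added example that is not audytx's code: wildcard patterns are expanded against an action table, NotAction is inverted against that table, a grant is credited only when it is on Resource "*" with no Condition, and an explicit Deny removes an action only when the Deny is itself unscoped. The action table, the privesc-relevant subset and the sample policy are constructed for the example and far smaller than the engine's embedded table.

```python
from __future__ import annotations

import fnmatch
from typing import Dict, Iterable, List, Set, Union

# Constructed stand-in for the engine's embedded action table (the real one has thousands).
ACTION_TABLE: List[str] = [
    "iam:CreateAccessKey", "iam:CreateLoginProfile", "iam:CreatePolicyVersion",
    "iam:CreateRole", "iam:CreateUser", "iam:AttachUserPolicy", "iam:PassRole",
    "iam:ListUsers", "iam:GetUser", "s3:GetObject", "s3:PutObject", "sts:AssumeRole",
]
# Which of those verbs this example treats as privesc-relevant (a hypothetical subset).
PRIVESC_ACTIONS: Set[str] = {
    "iam:CreateAccessKey", "iam:CreateLoginProfile", "iam:CreatePolicyVersion",
    "iam:AttachUserPolicy", "iam:PassRole",
}


def _as_list(v: Union[str, Iterable[str], None]) -> List[str]:
    if v is None:
        return []
    return [v] if isinstance(v, str) else list(v)


def expand(patterns: Union[str, Iterable[str]]) -> Set[str]:
    """Resolve wildcard action patterns against the table (IAM matches action names case-insensitively)."""
    out: Set[str] = set()
    for p in _as_list(patterns):
        out |= {a for a in ACTION_TABLE if fnmatch.fnmatchcase(a.lower(), p.lower())}
    return out


def statement_actions(stmt: Dict) -> Set[str]:
    """Action lists expand directly; NotAction inverts against the whole table."""
    if "Action" in stmt:
        return expand(stmt["Action"])
    return set(ACTION_TABLE) - expand(stmt.get("NotAction", []))


def unscoped(stmt: Dict) -> bool:
    """True when the statement applies to Resource "*" with no Condition attached."""
    return "*" in _as_list(stmt.get("Resource")) and not stmt.get("Condition")


def effective_privesc_grants(policy: Dict) -> Set[str]:
    """Privesc-relevant actions that survive Deny precedence, NotAction inversion and Condition gating.

    An Allow is credited only when it is unscoped. A Deny neutralizes an action only when it is
    unscoped too: a narrower or conditional Deny may leave a reachable path, so it is not credited.
    """
    allowed: Set[str] = set()
    denied: Set[str] = set()
    for stmt in policy["Statement"]:
        acts = statement_actions(stmt)
        if stmt["Effect"] == "Deny":
            if unscoped(stmt):
                denied |= acts
        elif unscoped(stmt):
            allowed |= acts
    return (allowed - denied) & PRIVESC_ACTIONS


# Constructed sample policy exercising each rule of the statement math.
SAMPLE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": "iam:Create*", "Resource": "*"},
        {"Effect": "Allow", "NotAction": ["iam:*", "sts:*"], "Resource": "*"},
        {"Effect": "Allow", "Action": "iam:AttachUserPolicy", "Resource": "*",
         "Condition": {"Bool": {"aws:MultiFactorAuthPresent": "true"}}},
        {"Effect": "Deny", "Action": "iam:CreateAccessKey", "Resource": "*"},
    ],
}

if __name__ == "__main__":
    print(sorted(effective_privesc_grants(SAMPLE_POLICY)))
```

On the sample, iam:Create* expands to five concrete actions, the NotAction statement contributes only the s3 verbs, the MFA-conditioned AttachUserPolicy grant is not credited, and the unscoped Deny strips iam:CreateAccessKey, leaving iam:CreateLoginProfile and iam:CreatePolicyVersion as the effective privesc-relevant grants.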
Attack paths by graph search
Shipped
audytx builds the sts:AssumeRole / iam:PassRole graph
and searches it for reachable escalation — an internet entry point (public
Lambda / Fargate task / EC2 with IMDSv1 / unauthenticated API Gateway / Cognito)
that chains, role to role, to admin. Curated paths (ATTACK_PATH_001–008)
still ship; the search generalizes them so multi-hop chains a pattern list would
miss surface too. On the iam-vulnerable corpus audytx detects all 31
documented privesc paths — tied with Checkov as the only tools that do (KICS 3%,
Trivy 0%) — see the benchmark.
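The graph search described above, as an added example that is not audytx's code: internet-facing compute is linked to the role it runs as, each trust policy becomes an edge from the caller to the role it may assume, PassRole grants become edges to the roles that can be passed, and a breadth-first search from each entry point reports the first multi-hop chain that reaches an admin role. The inventory (role names, trust relationships, entry points) is constructed; the real engine derives these facts from the HCL and, as the previous section explains, only credits grants that are effective after Deny and Condition evaluation.

```python
from __future__ import annotations

from collections import deque
from typing import Dict, List, Optional, Set, Tuple

# Constructed inventory, the kind of facts a scanner derives from HCL. All names are made up.
ENTRY_POINTS: Dict[str, str] = {
    # internet-reachable compute -> the role it runs as
    "aws_lambda_function.public_api": "role/api-exec",
    "aws_ecs_task_definition.worker": "role/worker",
}
TRUSTS: Dict[str, Set[str]] = {
    # role -> principals its trust policy lets sts:AssumeRole into it
    "role/ops-deployer": {"role/api-exec"},
    "role/reporting": {"role/worker"},
}
PASS_ROLE: Dict[str, Set[str]] = {
    # role -> roles it can iam:PassRole to a service it is allowed to launch
    "role/ops-deployer": {"role/admin"},
}
ADMIN_ROLES: Set[str] = {"role/admin"}

Graph = Dict[str, List[Tuple[str, str]]]  # node -> [(next node, edge kind)]
Hop = Tuple[str, Optional[str]]           # (node, edge kind used to reach it)


def build_graph(entry_points: Dict[str, str], trusts: Dict[str, Set[str]],
                pass_role: Dict[str, Set[str]]) -> Graph:
    g: Graph = {}

    def add(src: str, dst: str, kind: str) -> None:
        g.setdefault(src, []).append((dst, kind))
        g.setdefault(dst, [])

    for compute, role in entry_points.items():
        add(compute, role, "runs-as")
    for role, principals in trusts.items():
        for p in principals:  # trust is declared on the target; the edge points from the caller
            add(p, role, "sts:AssumeRole")
    for role, targets in pass_role.items():
        for t in targets:
            add(role, t, "iam:PassRole")
    return g


def shortest_escalation(g: Graph, start: str, admin_roles: Set[str]) -> Optional[List[Hop]]:
    """BFS from an entry point; returns the hop list to the first admin role reached, else None."""
    prev: Dict[str, Optional[Tuple[str, str]]] = {start: None}
    queue = deque([start])
    while queue:
        node = queue.popleft()
        if node in admin_roles:
            hops: List[Hop] = []
            cur: Optional[str] = node
            while cur is not None:
                parent = prev[cur]
                hops.append((cur, parent[1] if parent else None))
                cur = parent[0] if parent else None
            return list(reversed(hops))
        for nxt, kind in g.get(node, []):
            if nxt not in prev:
                prev[nxt] = (node, kind)
                queue.append(nxt)
    return None


def find_attack_paths(entry_points: Dict[str, str], trusts: Dict[str, Set[str]],
                      pass_role: Dict[str, Set[str]], admin_roles: Set[str]) -> Dict[str, Optional[List[Hop]]]:
    """One result per entry point: the shortest chain to admin, or None when admin is unreachable."""
    g = build_graph(entry_points, trusts, pass_role)
    return {entry: shortest_escalation(g, entry, admin_roles) for entry in entry_points}


if __name__ == "__main__":
    for entry, path in find_attack_paths(ENTRY_POINTS, TRUSTS, PASS_ROLE, ADMIN_ROLES).items():
        rendered = " -> ".join(f"{n} ({k})" if k else n for n, k in path) if path else "no path to admin"
        print(entry, ":", rendered)
```

The reported chain for the public Lambda is three hops (runs-as, then sts:AssumeRole, then iam:PassRole); a pattern list keyed on single grants would see each edge as harmless on its own. The ECS task reaches only a dead-end role and gets no finding, which is the other half of what reachability buys: no alert for a trust that leads nowhere.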
Reasoning engine
17 axes the engine pre-computes per scan to decide whether a rule actually applies.
17 context-reasoning axes
Shipped
Each axis is a pre-computed per-resource verdict the rule layer consults before firing — the seam that turns a rule from "always fires" into "fires only when the graph says it should." A representative slice; the full list and per-rule mapping live at /status.
- aws_secretsmanager_secret_rotation already has rotation configured.
Suppression integrity, measured
Shipped
Every suppression is a latent false negative — so audytx measures the recall side of the moat too. An adversarial "must-NOT-suppress" corpus (multiple cases per axis) is scanned and each finding checked: did a suppressor eat a real finding? All 17 axes are currently leak-free against that corpus. We publish the FN-rate beside the false-positive benchmark — most scanners measure neither.
247 rules, context-aware
Shipped
~50 service catalogs plus Rust skills the YAML DSL can't express (IAM, fusion, cross-reference, secrets, cost). Rules consult the axes above instead of firing blindly. Live list and per-rule axis mapping at /status.
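The axis seam and the must-not-suppress check from the three items above, as one added example that is not audytx's code: the axis for the one entry that survives in the slice (a secret already covered by an aws_secretsmanager_secret_rotation) is pre-computed once per scan by cross-referencing the rotation resource's secret_id, a rotation rule consults that axis instead of firing blindly, every suppression is recorded with rule ID, resource address and axis, and an adversarial case where the rotation points at a different secret confirms the suppressor does not eat a real finding. The parsed-resource shape, the axis name rotation_configured and the rule id EX_SM_001 are constructed for the example.

```python
from __future__ import annotations

import re
from typing import Dict, List, Set, Tuple

# Constructed parsed-HCL stand-in: one resource per dict. Rule id and axis name are made up.
RESOURCES = [
    {"type": "aws_secretsmanager_secret", "name": "db_password", "attrs": {}},
    {"type": "aws_secretsmanager_secret", "name": "api_token", "attrs": {}},
    {"type": "aws_secretsmanager_secret_rotation", "name": "db_password",
     "attrs": {"secret_id": "aws_secretsmanager_secret.db_password.id",
               "rotation_lambda_arn": "aws_lambda_function.rotator.arn"}},
]

# Adversarial must-not-suppress case: the rotation references a *different* secret,
# so the unrotated api_token secret must still be reported.
MUST_NOT_SUPPRESS = [
    {"type": "aws_secretsmanager_secret", "name": "api_token", "attrs": {}},
    {"type": "aws_secretsmanager_secret_rotation", "name": "other",
     "attrs": {"secret_id": "aws_secretsmanager_secret.api_token_v2.id"}},
]

SECRET_REF = re.compile(r"(aws_secretsmanager_secret\.[A-Za-z0-9_-]+)\.(id|arn)")


def address(r: Dict) -> str:
    return f'{r["type"]}.{r["name"]}'


def compute_axes(resources: List[Dict]) -> Dict[str, Set[str]]:
    """Pre-compute per-resource verdicts once per scan; rules read these instead of re-deriving context."""
    rotated: Set[str] = set()
    for r in resources:
        if r["type"] == "aws_secretsmanager_secret_rotation":
            m = SECRET_REF.fullmatch(r["attrs"].get("secret_id", ""))
            if m:  # only an exact reference to a secret resource counts; a literal string does not
                rotated.add(m.group(1))
    return {"rotation_configured": rotated}


def rule_secret_rotation(resources: List[Dict], axes: Dict[str, Set[str]]) -> Tuple[List[Dict], List[Dict]]:
    """Returns (live findings, suppressed findings with the axis and rationale that dismissed them)."""
    findings: List[Dict] = []
    reasoned: List[Dict] = []
    for r in resources:
        if r["type"] != "aws_secretsmanager_secret":
            continue
        addr = address(r)
        if addr in axes["rotation_configured"]:
            reasoned.append({"rule_id": "EX_SM_001", "resource_address": addr,
                             "axis": "rotation_configured",
                             "reason": "an aws_secretsmanager_secret_rotation already targets this secret"})
        else:
            findings.append({"rule_id": "EX_SM_001", "resource_address": addr, "severity": "MEDIUM"})
    return findings, reasoned


def scan(resources: List[Dict]) -> Tuple[List[Dict], List[Dict]]:
    return rule_secret_rotation(resources, compute_axes(resources))


def leak_free(corpus: List[Dict], must_report: Set[str]) -> bool:
    """Recall check: True when every address that must be reported survives the suppressors."""
    reported = {f["resource_address"] for f in scan(corpus)[0]}
    return must_report <= reported


if __name__ == "__main__":
    live, suppressed = scan(RESOURCES)
    print("live:", [f["resource_address"] for f in live])
    for s in suppressed:
        print(f"reasoned: {s['rule_id']} on {s['resource_address']} via axis {s['axis']}: {s['reason']}")
    print("must-not-suppress corpus leak-free:",
          leak_free(MUST_NOT_SUPPRESS, {"aws_secretsmanager_secret.api_token"}))
```

The suppressed entry is exactly what a reasoning block needs to show: rule, resource and the axis that drove the dismissal. The matcher deliberately accepts only a resource reference, so a rotation whose secret_id is an unrelated reference (or a plain string the engine cannot tie to a resource) leaves the finding live rather than guessing.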
Suppression and workflow
When the engine can't reason it away, you can.
.audytx-baseline.yaml
Shipped
Commit a baseline at the repo root to dismiss specific
{rule_id, resource_address} pairs. Required expires:
dates stop suppressions from rotting silently — when an entry expires, the
finding fires again.
- rule_id: AWS_S3_010
  resource_address: aws_s3_bucket.legacy_public_assets
  reason: "Public by design; replatform tracked in PLAT-441"
  expires: 2026-09-30
Reconciled suppression counts
Shipped
The PR footer enumerates context-suppressed vs baseline-suppressed vs shown-live, and the numbers reconcile against the total. The engine can't silently lose a finding.
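Baseline matching with required expiry and the reconciled footer counts, as one added example covering the two items above; it is not audytx's code. Baseline entries are matched on the {rule_id, resource_address} pair, an entry without expires is rejected, an expired entry lets its finding fire again, and every finding lands in exactly one of three buckets whose sizes are checked against the total. The entries are held as already-loaded dicts (a YAML loader is not part of the example); the first baseline entry is the page's own, the second entry, the findings and the EX_* rule ids are constructed, and the expiry date is assumed to be honoured inclusively.

```python
from __future__ import annotations

from datetime import date
from typing import Dict, List

REQUIRED_KEYS = ("rule_id", "resource_address", "reason", "expires")

# Baseline entries as they would be read from .audytx-baseline.yaml.
# The first entry is the page's own; the second is constructed for the example.
BASELINE = [
    {"rule_id": "AWS_S3_010", "resource_address": "aws_s3_bucket.legacy_public_assets",
     "reason": "Public by design; replatform tracked in PLAT-441", "expires": date(2026, 9, 30)},
    {"rule_id": "EX_RDS_002", "resource_address": "aws_db_instance.reporting",
     "reason": "read replica with no public route", "expires": date(2025, 1, 31)},
]

# Constructed scan output: the EX_* rule ids are made up for this example.
FINDINGS = [
    {"rule_id": "AWS_S3_010", "resource_address": "aws_s3_bucket.legacy_public_assets"},
    {"rule_id": "EX_RDS_002", "resource_address": "aws_db_instance.reporting"},
    {"rule_id": "EX_SM_001", "resource_address": "aws_secretsmanager_secret.db_password",
     "suppressed_by_axis": "rotation_configured"},
    {"rule_id": "EX_IAM_009", "resource_address": "aws_iam_role.ci"},
]


def validate_baseline(entries: List[Dict]) -> None:
    """Every entry needs all four keys; one without `expires` is rejected rather than honoured forever."""
    for e in entries:
        missing = [k for k in REQUIRED_KEYS if k not in e]
        if missing:
            raise ValueError(f"baseline entry {e.get('rule_id')!r} is missing {missing}")
        if not isinstance(e["expires"], date):
            raise ValueError(f"baseline entry {e['rule_id']!r}: expires must be a date")


def triage(findings: List[Dict], baseline: List[Dict], today: date) -> Dict[str, List[Dict]]:
    """Bucket every finding exactly once: context-suppressed, baseline-suppressed, or shown live."""
    validate_baseline(baseline)
    # An entry is honoured through its expiry date (assumed inclusive); after that the finding fires again.
    active = {(e["rule_id"], e["resource_address"]) for e in baseline if e["expires"] >= today}
    buckets: Dict[str, List[Dict]] = {"context_suppressed": [], "baseline_suppressed": [], "shown_live": []}
    for f in findings:
        if f.get("suppressed_by_axis"):
            buckets["context_suppressed"].append(f)
        elif (f["rule_id"], f["resource_address"]) in active:
            buckets["baseline_suppressed"].append(f)
        else:
            buckets["shown_live"].append(f)
    return buckets


def footer_counts(buckets: Dict[str, List[Dict]], total: int) -> Dict[str, object]:
    """Numbers for the PR footer, plus a check that the three buckets add up to the total."""
    counts: Dict[str, object] = {k: len(v) for k, v in buckets.items()}
    counts["total"] = total
    counts["reconciles"] = sum(len(v) for v in buckets.values()) == total
    return counts


if __name__ == "__main__":
    for today in (date(2026, 3, 1), date(2026, 10, 1)):
        print(today, footer_counts(triage(FINDINGS, BASELINE, today), len(FINDINGS)))
```

Run on 2026-03-01 the RDS entry has already expired, so that finding is shown live while the S3 entry still suppresses; run on 2026-10-01 the S3 entry has expired too and three findings are live. In both runs the three bucket counts sum to the four findings, which is the reconciliation the footer is meant to make visible.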
Public testbed repo
Shipped
audytx-testbed holds long-lived PRs of real public AWS-Terraform repos that exercise every axis. See exactly what the engine does on real HCL — without trusting screenshots.
Operational fundamentals
The boring infrastructure that lets the rest work.
Pure-Rust engine on Cloudflare Workers
Shipped
A wasm32-clean engine — no Python, Java, or Docker. A full 23-resource scan does its analysis in tens of milliseconds at the edge. Cheap enough to run on every PR at startup volumes without a funding round.
Versioned, observable, self-validating
Shipped
Every comment carries the engine + rule-catalog version. /status exposes the axis inventory, per-rule mapping, and output formats; /metrics reports aggregate usage. Every deploy is validated live against the API before it's trusted.
Reproducible by design
Shipped
Same input ⇒ byte-identical findings, guarded by a golden-hash oracle so an optimization can never silently change output. Findings are a function of your code and the pinned engine version — not a model's mood.
Not yet (and why)
Deliberate scope limits
- Multi-cloud (Azure, GCP). Not on the roadmap — AWS-deep is the wedge. Depth beats breadth; multi-cloud comes only if the AWS product is sticky.
- CloudFormation / Pulumi / CDK input. Terraform-only, by choice. The strategy is to be the best at one stack, not mediocre at five.
- Auto-remediation PRs on arbitrary infra. audytx shows the fix and applies the sound ones (one-click / autofix); blindly opening fix PRs on arbitrary infra is a trust problem, not a feature gap.
- Org policies / merge gates / compliance export. The governance layer (block-on-Critical, cross-repo baselines, CIS/SOC2 evidence) is gated behind real org adoption — building it into a vacuum is the trap we're avoiding.
- SAML SSO / SOC 2. Public-beta priority is the product, not enterprise paperwork — that follows the demand.
Install on a repo
Every feature above is free — all 247 rules, the MCP server, and the autofix loop, on public and private repos.
Install audytx →