VOOZH about

URL: https://apify.com/unbearable_dev/iac-audit-pack

โ‡ฑ Unbearable IaC Audit Pack ยท Apify


Pricing

from $100.00 / 1,000 full pack audits

Go to Apify Store

Unbearable IaC Audit Pack

All four Unbearable Labs audit Actors under one MCP endpoint: docker-compose (25 checks), Dockerfile (26 checks), GitHub Actions (21 checks), HU postcode validator (5 tools). Snyk-comparable IaC coverage at 10x cheaper. Pay-per-event. Built by Unbearable Labs.

Pricing

from $100.00 / 1,000 full pack audits

Rating

0.0

(0)

Developer

๐Ÿ‘ Noel Himer

Noel Himer

Maintained by Community

Actor stats

0

Bookmarked

1

Total users

0

Monthly active users

21 days ago

Last modified

Share

All four infrastructure audit MCPs under one endpoint. 128 checks across Docker Compose, Dockerfile, GitHub Actions, and Kubernetes manifests.

Built by Unbearable Labs. Free to use โ€” bring your own Apify token.


Available on

Newsletter: Unbearable TechTips Weekly ยท All Actors: github.com/UnbearableDev

What's included

PackageChecksCategoriesPrimary tool
Docker Compose audit259audit_compose
Dockerfile audit195audit_dockerfile
GitHub Actions audit216audit_github_actions
Kubernetes manifest audit637audit_kubernetes

Plus bundle-only tools:

  • audit_all โ€” paste a dict of filenames โ†’ content; auto-detects file types and runs the right audit on each
  • list_all_checks โ€” full cross-package check catalog in one call

Also includes 6 Hungarian postcode utility tools (lookup_postcode, validate_address, etc.) on the same endpoint.

Example

Call: audit_all with compose + Dockerfile content

Input:

audit_all({
"compose":"<docker-compose.yml content>",
"dockerfile":"<Dockerfile content>"
})

Output:

{
"compose":{
"findings":[
{"check_id":"DCS-018","severity":"high","message":"Host Docker socket (/var/run/docker.sock) mounted"}
],
"summary":{"critical":0,"high":1,"medium":1,"low":0}
},
"dockerfile":{
"findings":[
{"check_id":"DFA-021","severity":"high","message":"USER root set explicitly โ€” runs as root"}
],
"summary":{"critical":0,"high":1,"medium":0,"low":0}
},
"cross_domain_summary":{
"total_findings":3,
"highest_severity":"high",
"domains_with_findings":["compose","dockerfile"]
}
}

Quick start (Claude Desktop)

{
"mcpServers":{
"iac-audit-pack":{
"type":"http",
"url":"https://unbearable-dev--iac-audit-pack.apify.actor/mcp",
"headers":{
"Authorization":"Bearer <your-apify-token>"
}
}
}
}

Tool catalog

Aggregation (bundle-only)

ToolDescription
audit_all(files, min_severity?)Multi-file detection + combined audit report
list_all_checks()All 128 checks across all four audit packages

Docker Compose (25 checks, 9 categories)

ToolDescription
audit_compose(compose_yaml?, compose_url?, min_severity?)Full 25-check audit
check_privilegePrivileged mode, cap_add, user namespace
check_networkHost networking, exposed dangerous ports
check_secretsHardcoded passwords, tokens in env vars
check_filesystemDocker socket mounts, host path mounts
check_resourcesMissing memory/CPU limits
check_image_hygieneUnpinned tags, latest usage
check_runtime_lifecycleRestart policies, healthchecks
check_loggingLogging driver config
check_compose_hygieneVersion field, service naming
list_checks_compose(category?)Check catalog

Dockerfile (19 checks, 5 categories)

ToolDescription
audit_dockerfile(dockerfile_content?, dockerfile_url?, min_severity?)Full 19-check audit
check_base_image_dockerfileUnpinned base, latest, root user in FROM
check_instructions_dockerfileADD vs COPY, COPY ordering, ENV secrets
check_security_dockerfileUSER root, privilege escalation patterns
check_efficiency_dockerfileLayer count, cache busting
check_secrets_dockerfileHardcoded secrets in RUN/ENV/ARG
list_checks_dockerfile(category?)Check catalog

GitHub Actions (21 checks, 6 categories)

ToolDescription
audit_github_actions(workflow_yaml?, workflow_url?, min_severity?)Full 21-check audit
check_secrets_ghaLeaked tokens, secret in run: blocks
check_permissions_ghaOverly broad write-all permissions
check_action_pinning_ghaUnpinned action refs (not SHA-pinned)
check_runner_security_ghaSelf-hosted runner risks
check_workflow_config_ghapull_request_target misuse, script injection
check_supply_chain_advanced_ghaTeamPCP-class supply-chain patterns (GHA-201..208)
list_checks_github_actions(category?)Check catalog

Kubernetes (63 checks, 7 categories)

ToolDescription
audit_kubernetes(manifest_yaml?, min_severity?)Full 63-check kube-linter audit
list_checks_kubernetes(category?)Check catalog

HU Postcode Validator (6 tools)

ToolDescription
validate_postcode(postcode)Settlement + county for a HU postcode
lookup_postcode(postcode)Alias for validate_postcode
lookup_city(city)All postcodes for a city (diacritic-insensitive)
validate_address(postcode, city)Postcode/city pairing validation
list_postcodes_in_county(county_name)All postcodes in a county
budapest_district_lookup(district_number)Budapest I-XXIII to postcodes

Pricing

Free to use โ€” hosted on Apify, bring your own Apify token.

Architecture

Package-import (not proxy): all four sub-packages are bundled directly into the Actor image. Single cold start, single billing rail, no cross-Actor latency.


Built by Noel @ Unbearable Labs โ€” more like this in the weekly newsletter: https://unbearabletechtips.beehiiv.com

You might also like

Docker Compose Security Audit

unbearable_dev/docker-compose-audit

Audits docker-compose.yml files for security misconfigurations. 25 checks across 9 categories with severity, remediation, and YAML fix snippets. Pay-per-event. MCP-native - call from Claude Desktop, Cursor, n8n, or any MCP client. Built by Unbearable Labs.

Dockerfile Security & Quality Audit

unbearable_dev/dockerfile-audit

Hadolint-grade Dockerfile audit, MCP-native. 18+ checks across 5 categories (base image, instructions, security, efficiency, secrets) with severity, line numbers, remediation, and fix snippets. Pay-per-event. Call from Claude Desktop, Cursor, n8n, or any MCP client. Built by Unbearable Labs.

Hungarian Postcode & Address Validator

unbearable_dev/hu-postcode-validator

Validate Hungarian postal codes and addresses from your AI agent. Look up postcodes by city, cities by postcode, and Budapest district info. Powered by official Magyar Posta and KSH settlement data. Pennies per call. Built by Unbearable Labs.

iHealth Labs Scraper

mshopik/ihealth-labs-scraper

Scrape iHealth Labs and extract data on medical devices and equipment from ihealthlabs.com. Our iHealth Labs API lets you crawl product information and pricing. The saved data can be downloaded as HTML, JSON, CSV, Excel, and XML.

๐Ÿข Enterprise MCP Gateway โ€” 26 AI Servers in One

nexgendata/enterprise-mcp-gateway

All-in-one MCP gateway bundling 26 specialized data servers โ€” finance, real estate, jobs, legal, news, sports, and more. One endpoint, one connection, full access. Built for AI agents at scale.