[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-70748":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":10,"totalLinesOfCode":10,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":16,"subscribersCount":16,"size":16,"stars1d":17,"stars7d":18,"stars30d":19,"stars90d":16,"forks30d":16,"starsTrendScore":20,"compositeScore":21,"rankGlobal":10,"rankLanguage":10,"license":22,"archived":23,"fork":23,"defaultBranch":24,"hasWiki":23,"hasPages":23,"topics":25,"createdAt":10,"pushedAt":10,"updatedAt":46,"readmeContent":47,"aiSummary":48,"trendingCount":16,"starSnapshotCount":16,"syncStatus":49,"lastSyncTime":50,"discoverSource":51},70748,"prowler","prowler-cloud\u002Fprowler","prowler-cloud","Prowler is the world’s most widely used open-source cloud security platform that automates security and compliance across any cloud environment.","https:\u002F\u002Fprowler.com",null,"Python",13979,2174,120,75,0,28,68,206,84,45,"Apache License 2.0",false,"master",[26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45],"aws","azure","cis-benchmark","cloud","cloudsecurity","compliance","cspm","devsecops","forensics","gcp","gdpr","hacktoberfest","hardening","iam","multi-cloud","python","security","security-audit","security-hardening","security-tools","2026-06-12 02:02:42","\u003Cp align=\"center\">\n  \u003Cimg align=\"center\" src=\"https:\u002F\u002Fgithub.com\u002Fprowler-cloud\u002Fprowler\u002Fblob\u002Fmaster\u002Fdocs\u002Fimg\u002Fprowler-logo-black.png#gh-light-mode-only\" width=\"50%\" height=\"50%\">\n  \u003Cimg align=\"center\" src=\"https:\u002F\u002Fgithub.com\u002Fprowler-cloud\u002Fprowler\u002Fblob\u002Fmaster\u002Fdocs\u002Fimg\u002Fprowler-logo-white.png#gh-dark-mode-only\" width=\"50%\" height=\"50%\">\n\u003C\u002Fp>\n\u003Cp align=\"center\">\n  \u003Cb>\u003Ci>Prowler\u003C\u002Fb> is the Open Cloud Security Platform trusted by thousands to automate security and compliance in any cloud environment. With hundreds of ready-to-use checks and compliance frameworks, Prowler delivers real-time, customizable monitoring and seamless integrations, making cloud security simple, scalable, and cost-effective for organizations of any size.\n\u003C\u002Fp>\n\u003Cp align=\"center\">\n\u003Cb>Secure ANY cloud at AI Speed at \u003Ca href=\"https:\u002F\u002Fprowler.com\">prowler.com\u003C\u002Fi>\u003C\u002Fb>\n\u003C\u002Fp>\n\n\u003Cp align=\"center\">\n\u003Ca href=\"https:\u002F\u002Fgoto.prowler.com\u002Fslack\">\u003Cimg width=\"30\" height=\"30\" alt=\"Prowler community on Slack\" src=\"https:\u002F\u002Fgithub.com\u002Fprowler-cloud\u002Fprowler\u002Fassets\u002F38561120\u002F3c8b4ec5-6849-41a5-b5e1-52bbb94af73a\">\u003C\u002Fa>\n  \u003Cbr>\n  \u003Ca href=\"https:\u002F\u002Fgoto.prowler.com\u002Fslack\">Join our Prowler community!\u003C\u002Fa>\n\u003C\u002Fp>\n\u003Chr>\n\u003Cp align=\"center\">\n  \u003Ca href=\"https:\u002F\u002Fgoto.prowler.com\u002Fslack\">\u003Cimg alt=\"Slack Shield\" src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Fslack-prowler-brightgreen.svg?logo=slack\">\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Fpypi.org\u002Fproject\u002Fprowler\u002F\">\u003Cimg alt=\"Python Version\" src=\"https:\u002F\u002Fimg.shields.io\u002Fpypi\u002Fv\u002Fprowler.svg\">\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Fpypi.python.org\u002Fpypi\u002Fprowler\u002F\">\u003Cimg alt=\"Python Version\" src=\"https:\u002F\u002Fimg.shields.io\u002Fpypi\u002Fpyversions\u002Fprowler.svg\">\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Fpypistats.org\u002Fpackages\u002Fprowler\">\u003Cimg alt=\"PyPI Downloads\" src=\"https:\u002F\u002Fimg.shields.io\u002Fpypi\u002Fdw\u002Fprowler.svg?label=downloads\">\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Fhub.docker.com\u002Fr\u002Ftoniblyx\u002Fprowler\">\u003Cimg alt=\"Docker Pulls\" src=\"https:\u002F\u002Fimg.shields.io\u002Fdocker\u002Fpulls\u002Ftoniblyx\u002Fprowler\">\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Fgallery.ecr.aws\u002Fprowler-cloud\u002Fprowler\">\u003Cimg width=\"120\" height=19\" alt=\"AWS ECR Gallery\" src=\"https:\u002F\u002Fuser-images.githubusercontent.com\u002F3985464\u002F151531396-b6535a68-c907-44eb-95a1-a09508178616.png\">\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Fcodecov.io\u002Fgh\u002Fprowler-cloud\u002Fprowler\">\u003Cimg src=\"https:\u002F\u002Fcodecov.io\u002Fgh\u002Fprowler-cloud\u002Fprowler\u002Fgraph\u002Fbadge.svg?token=OflBGsdpDl\"\u002F>\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Finsights.linuxfoundation.org\u002Fproject\u002Fprowler-cloud-prowler\">\u003Cimg src=\"https:\u002F\u002Finsights.linuxfoundation.org\u002Fapi\u002Fbadge\u002Fhealth-score?project=prowler-cloud-prowler\"\u002F>\u003C\u002Fa>\n\u003C\u002Fp>\n\u003Cp align=\"center\">\n    \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fprowler-cloud\u002Fprowler\u002Freleases\">\u003Cimg alt=\"Version\" src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fv\u002Frelease\u002Fprowler-cloud\u002Fprowler\">\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fprowler-cloud\u002Fprowler\u002Freleases\">\u003Cimg alt=\"Version\" src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Frelease-date\u002Fprowler-cloud\u002Fprowler\">\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fprowler-cloud\u002Fprowler\">\u003Cimg alt=\"Contributors\" src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fcontributors-anon\u002Fprowler-cloud\u002Fprowler\">\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fprowler-cloud\u002Fprowler\u002Fissues\">\u003Cimg alt=\"Issues\" src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fissues\u002Fprowler-cloud\u002Fprowler\">\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fprowler-cloud\u002Fprowler\">\u003Cimg alt=\"License\" src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Flicense\u002Fprowler-cloud\u002Fprowler\">\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Ftwitter.com\u002FToniBlyx\">\u003Cimg alt=\"Twitter\" src=\"https:\u002F\u002Fimg.shields.io\u002Ftwitter\u002Ffollow\u002Ftoniblyx?style=social\">\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Fprowlercloud\">\u003Cimg alt=\"Twitter\" src=\"https:\u002F\u002Fimg.shields.io\u002Ftwitter\u002Ffollow\u002Fprowlercloud?style=social\">\u003C\u002Fa>\n\u003C\u002Fp>\n\u003Chr>\n\u003Cp align=\"center\">\n  \u003Cimg align=\"center\" src=\"\u002Fdocs\u002Fimg\u002Fprowler-cloud.gif\" width=\"100%\" height=\"100%\">\n\u003C\u002Fp>\n\n# Description\n\n**Prowler** is the world’s most widely used _Open-Source Cloud Security Platform_ that automates security and compliance across **any cloud environment**. With hundreds of ready-to-use security checks, remediation guidance, and compliance frameworks, Prowler is built to _“Secure ANY Cloud at AI Speed”_. Prowler delivers **AI-driven**, **customizable**, and **easy-to-use** assessments, dashboards, reports, and integrations, making cloud security **simple**, **scalable**, and **cost-effective** for organizations of any size.\n\nProwler includes hundreds of built-in controls to ensure compliance with standards and frameworks, including:\n\n- **Prowler ThreatScore:** Weighted risk prioritization scoring that helps you focus on the most critical security findings first\n- **Industry Standards:** CIS, NIST 800, NIST CSF, CISA, and MITRE ATT&CK\n- **Regulatory Compliance and Governance:** RBI, FedRAMP, PCI-DSS, and NIS2\n- **Frameworks for Sensitive Data and Privacy:** GDPR, HIPAA, and FFIEC\n- **Frameworks for Organizational Governance and Quality Control:** SOC2, GXP, and ISO 27001\n- **Cloud-Specific Frameworks:** AWS Foundational Technical Review (FTR), AWS Well-Architected Framework, and BSI C5\n- **National Security Standards:** ENS (Spanish National Security Scheme) and KISA ISMS-P (Korean)\n- **Custom Security Frameworks:** Tailored to your needs\n\n## Prowler App \u002F Prowler Cloud\n\nProwler App \u002F [Prowler Cloud](https:\u002F\u002Fcloud.prowler.com\u002F) is a web-based application that simplifies running Prowler across your cloud provider accounts. It provides a user-friendly interface to visualize the results and streamline your security assessments.\n\n![Prowler App](docs\u002Fimages\u002Fproducts\u002Foverview.png)\n![Risk Pipeline](docs\u002Fimages\u002Fproducts\u002Frisk-pipeline.png)\n![Threat Map](docs\u002Fimages\u002Fproducts\u002Fthreat-map.png)\n\n\n>For more details, refer to the [Prowler App Documentation](https:\u002F\u002Fdocs.prowler.com\u002Fprojects\u002Fprowler-open-source\u002Fen\u002Flatest\u002F#prowler-app-installation)\n\n## Prowler CLI\n\n```console\nprowler \u003Cprovider>\n```\n![Prowler CLI Execution](docs\u002Fimg\u002Fshort-display.png)\n\n\n## Prowler Dashboard\n\n```console\nprowler dashboard\n```\n![Prowler Dashboard](docs\u002Fimages\u002Fproducts\u002Fdashboard.png)\n\n\n## Attack Paths\n\nAttack Paths automatically extends every completed AWS scan with a Neo4j graph that combines Cartography's cloud inventory with Prowler findings. The feature runs in the API worker after each scan and therefore requires:\n\n- An accessible Neo4j instance (the Docker Compose files already ships a `neo4j` service).\n- The following environment variables so Django and Celery can connect:\n\n  | Variable | Description | Default |\n  | --- | --- | --- |\n  | `NEO4J_HOST` | Hostname used by the API containers. | `neo4j` |\n  | `NEO4J_PORT` | Bolt port exposed by Neo4j. | `7687` |\n  | `NEO4J_USER` \u002F `NEO4J_PASSWORD` | Credentials with rights to create per-tenant databases. | `neo4j` \u002F `neo4j_password` |\n\nEvery AWS provider scan will enqueue an Attack Paths ingestion job automatically. Other cloud providers will be added in future iterations.\n\n\n# Prowler at a Glance\n> [!Tip]\n> For the most accurate and up-to-date information about checks, services, frameworks, and categories, visit [**Prowler Hub**](https:\u002F\u002Fhub.prowler.com).\n\n\n| Provider | Checks | Services | [Compliance Frameworks](https:\u002F\u002Fdocs.prowler.com\u002Fprojects\u002Fprowler-open-source\u002Fen\u002Flatest\u002Ftutorials\u002Fcompliance\u002F) | [Categories](https:\u002F\u002Fdocs.prowler.com\u002Fprojects\u002Fprowler-open-source\u002Fen\u002Flatest\u002Ftutorials\u002Fmisc\u002F#categories) | Support | Interface |\n|---|---|---|---|---|---|---|\n| AWS | 595 | 84 | 43 | 17 | Official | UI, API, CLI |\n| Azure | 167 | 22 | 19 | 16 | Official | UI, API, CLI |\n| GCP | 102 | 18 | 17 | 12 | Official | UI, API, CLI |\n| Kubernetes | 83 | 7 | 7 | 11 | Official | UI, API, CLI |\n| GitHub | 24 | 3 | 1 | 5 | Official | UI, API, CLI |\n| M365 | 101 | 10 | 4 | 10 | Official | UI, API, CLI |\n| OCI | 51 | 14 | 4 | 10 | Official | UI, API, CLI |\n| Alibaba Cloud | 61 | 9 | 4 | 9 | Official | UI, API, CLI |\n| Cloudflare | 29 | 3 | 0 | 5 | Official | UI, API, CLI |\n| IaC | [See `trivy` docs.](https:\u002F\u002Ftrivy.dev\u002Flatest\u002Fdocs\u002Fcoverage\u002Fiac\u002F) | N\u002FA | N\u002FA | N\u002FA | Official | UI, API, CLI |\n| MongoDB Atlas | 10 | 3 | 0 | 8 | Official | UI, API, CLI |\n| LLM | [See `promptfoo` docs.](https:\u002F\u002Fwww.promptfoo.dev\u002Fdocs\u002Fred-team\u002Fplugins\u002F) | N\u002FA | N\u002FA | N\u002FA | Official | CLI |\n| Image | N\u002FA | N\u002FA | N\u002FA | N\u002FA | Official | CLI, API |\n| Google Workspace | 25 | 4 | 2 | 4 | Official | UI, API, CLI |\n| OpenStack | 34 | 5 | 0 | 9 | Official | UI, API, CLI |\n| Vercel | 26 | 6 | 0 | 5 | Official | UI, API, CLI |\n| Okta | 1 | 1 | 0 | 1 | Official | CLI |\n| NHN | 6 | 2 | 1 | 0 | Unofficial | CLI |\n\n> [!Note]\n> The numbers in the table are updated periodically.\n\n\n\n> [!Note]\n> Use the following commands to list Prowler's available checks, services, compliance frameworks, and categories:\n> - `prowler \u003Cprovider> --list-checks`\n> - `prowler \u003Cprovider> --list-services`\n> - `prowler \u003Cprovider> --list-compliance`\n> - `prowler \u003Cprovider> --list-categories`\n\n# 💻 Installation\n\n## Prowler App\n\nProwler App offers flexible installation methods tailored to various environments:\n\n> For detailed instructions on using Prowler App, refer to the [Prowler App Usage Guide](https:\u002F\u002Fdocs.prowler.com\u002Fprojects\u002Fprowler-open-source\u002Fen\u002Flatest\u002Ftutorials\u002Fprowler-app\u002F).\n\n### Docker Compose\n\n**Requirements**\n\n* `Docker Compose` installed: https:\u002F\u002Fdocs.docker.com\u002Fcompose\u002Finstall\u002F.\n\n**Commands**\n\n``` console\nVERSION=$(curl -s https:\u002F\u002Fapi.github.com\u002Frepos\u002Fprowler-cloud\u002Fprowler\u002Freleases\u002Flatest | jq -r .tag_name)\ncurl -sLO \"https:\u002F\u002Fraw.githubusercontent.com\u002Fprowler-cloud\u002Fprowler\u002Frefs\u002Ftags\u002F${VERSION}\u002Fdocker-compose.yml\"\n# Environment variables can be customized in the .env file. Using default values in production environments is not recommended.\ncurl -sLO \"https:\u002F\u002Fraw.githubusercontent.com\u002Fprowler-cloud\u002Fprowler\u002Frefs\u002Ftags\u002F${VERSION}\u002F.env\"\ndocker compose up -d\n```\n\n> [!WARNING]\n> 🔒 For a secure setup, the API auto-generates a unique key pair, `DJANGO_TOKEN_SIGNING_KEY` and `DJANGO_TOKEN_VERIFYING_KEY`, and stores it in `~\u002F.config\u002Fprowler-api` (non-container) or the bound Docker volume in `_data\u002Fapi` (container). Never commit or reuse static\u002Fdefault keys. To rotate keys, delete the stored key files and restart the API.\n\nOnce configured, access the Prowler App at http:\u002F\u002Flocalhost:3000. Sign up using your email and password to get started.\n\n### Common Issues with Docker Pull Installation\n\n> [!Note]\n  If you want to use AWS role assumption (e.g., with the \"Connect assuming IAM Role\" option), you may need to mount your local `.aws` directory into the container as a volume (e.g., `- \"${HOME}\u002F.aws:\u002Fhome\u002Fprowler\u002F.aws:ro\"`). There are several ways to configure credentials for Docker containers. See the [Troubleshooting](.\u002Fdocs\u002Ftroubleshooting.mdx) section for more details and examples.\n\nYou can find more information in the [Troubleshooting](.\u002Fdocs\u002Ftroubleshooting.mdx) section.\n\n\n### From GitHub\n\n**Requirements**\n\n* `git` installed.\n* `uv` installed: [uv installation](https:\u002F\u002Fdocs.astral.sh\u002Fuv\u002Fgetting-started\u002Finstallation\u002F).\n* `pnpm` installed: [pnpm installation](https:\u002F\u002Fpnpm.io\u002Finstallation).\n* `Docker Compose` installed: https:\u002F\u002Fdocs.docker.com\u002Fcompose\u002Finstall\u002F.\n\n**Commands to run the API**\n\n``` console\ngit clone https:\u002F\u002Fgithub.com\u002Fprowler-cloud\u002Fprowler\ncd prowler\u002Fapi\nuv sync\nsource .venv\u002Fbin\u002Factivate\nset -a\nsource .env\ndocker compose up postgres valkey -d\ncd src\u002Fbackend\npython manage.py migrate --database admin\ngunicorn -c config\u002Fguniconf.py config.wsgi:application\n```\n\n> After completing the setup, access the API documentation at http:\u002F\u002Flocalhost:8080\u002Fapi\u002Fv1\u002Fdocs.\n\n**Commands to run the API Worker**\n\n``` console\ngit clone https:\u002F\u002Fgithub.com\u002Fprowler-cloud\u002Fprowler\ncd prowler\u002Fapi\nuv sync\nsource .venv\u002Fbin\u002Factivate\nset -a\nsource .env\ncd src\u002Fbackend\npython -m celery -A config.celery worker -l info -E\n```\n\n**Commands to run the API Scheduler**\n\n``` console\ngit clone https:\u002F\u002Fgithub.com\u002Fprowler-cloud\u002Fprowler\ncd prowler\u002Fapi\nuv sync\nsource .venv\u002Fbin\u002Factivate\nset -a\nsource .env\ncd src\u002Fbackend\npython -m celery -A config.celery beat -l info --scheduler django_celery_beat.schedulers:DatabaseScheduler\n```\n\n**Commands to run the UI**\n\n``` console\ngit clone https:\u002F\u002Fgithub.com\u002Fprowler-cloud\u002Fprowler\ncd prowler\u002Fui\npnpm install\npnpm run build\npnpm start\n```\n\n> Once configured, access the Prowler App at http:\u002F\u002Flocalhost:3000. Sign up using your email and password to get started.\n\n**Pre-commit Hooks Setup**\n\nSome pre-commit hooks require tools installed on your system:\n\n1. **Install [TruffleHog](https:\u002F\u002Fgithub.com\u002Ftrufflesecurity\u002Ftrufflehog#install)** (secret scanning) — see the [official installation options](https:\u002F\u002Fgithub.com\u002Ftrufflesecurity\u002Ftrufflehog#install).\n\n2. **Install [Hadolint](https:\u002F\u002Fgithub.com\u002Fhadolint\u002Fhadolint#install)** (Dockerfile linting) — see the [official installation options](https:\u002F\u002Fgithub.com\u002Fhadolint\u002Fhadolint#install).\n\n## Prowler CLI\n### Pip package\nProwler CLI is available as a project in [PyPI](https:\u002F\u002Fpypi.org\u002Fproject\u002Fprowler-cloud\u002F). Consequently, it can be installed using pip with Python >=3.10, \u003C3.13:\n\n```console\npip install prowler\nprowler -v\n```\n>For further guidance, refer to [https:\u002F\u002Fdocs.prowler.com](https:\u002F\u002Fdocs.prowler.com\u002Fprojects\u002Fprowler-open-source\u002Fen\u002Flatest\u002F#prowler-cli-installation)\n\n### Containers\n\n**Available Versions of Prowler CLI**\n\nThe following versions of Prowler CLI are available, depending on your requirements:\n\n- `latest`: Synchronizes with the `master` branch. Note that this version is not stable.\n- `v4-latest`: Synchronizes with the `v4` branch. Note that this version is not stable.\n- `v3-latest`: Synchronizes with the `v3` branch. Note that this version is not stable.\n- `\u003Cx.y.z>` (release): Stable releases corresponding to specific versions. You can find the complete list of releases [here](https:\u002F\u002Fgithub.com\u002Fprowler-cloud\u002Fprowler\u002Freleases).\n- `stable`: Always points to the latest release.\n- `v4-stable`: Always points to the latest release for v4.\n- `v3-stable`: Always points to the latest release for v3.\n\nThe container images are available here:\n- Prowler CLI:\n    - [DockerHub](https:\u002F\u002Fhub.docker.com\u002Fr\u002Fprowlercloud\u002Fprowler\u002Ftags)\n    - [AWS Public ECR](https:\u002F\u002Fgallery.ecr.aws\u002Fprowler-cloud\u002Fprowler)\n- Prowler App:\n    - [DockerHub - Prowler UI](https:\u002F\u002Fhub.docker.com\u002Fr\u002Fprowlercloud\u002Fprowler-ui\u002Ftags)\n    - [DockerHub - Prowler API](https:\u002F\u002Fhub.docker.com\u002Fr\u002Fprowlercloud\u002Fprowler-api\u002Ftags)\n\n### From GitHub\n\nPython >=3.10, \u003C3.13 is required with [uv](https:\u002F\u002Fdocs.astral.sh\u002Fuv\u002F):\n\n``` console\ngit clone https:\u002F\u002Fgithub.com\u002Fprowler-cloud\u002Fprowler\ncd prowler\nuv sync\nsource .venv\u002Fbin\u002Factivate\npython prowler-cli.py -v\n```\n> [!IMPORTANT]\n> To clone Prowler on Windows, configure Git to support long file paths by running the following command: `git config core.longpaths true`.\n\n# 🛡️ GitHub Action\n\nThe official **Prowler GitHub Action** runs Prowler scans in your GitHub workflows using the official [`prowlercloud\u002Fprowler`](https:\u002F\u002Fhub.docker.com\u002Fr\u002Fprowlercloud\u002Fprowler) Docker image. Scans run on any [supported provider](https:\u002F\u002Fdocs.prowler.com\u002Fuser-guide\u002Fproviders\u002F), with optional [`--push-to-cloud`](https:\u002F\u002Fdocs.prowler.com\u002Fuser-guide\u002Ftutorials\u002Fprowler-app-import-findings) to send findings to Prowler Cloud and optional SARIF upload so findings show up in the repo's **Security → Code scanning** tab and as inline PR annotations.\n\n```yaml\nname: Prowler IaC Scan\non:\n  pull_request:\n\npermissions:\n  contents: read\n  security-events: write\n  actions: read\n\njobs:\n  prowler:\n    runs-on: ubuntu-latest\n    steps:\n      - uses: actions\u002Fcheckout@v4\n\n      - uses: prowler-cloud\u002Fprowler@5.25\n        with:\n          provider: iac\n          output-formats: sarif json-ocsf\n          upload-sarif: true\n          flags: --severity critical high\n```\n\nFull configuration, per-provider authentication, and SARIF examples: [Prowler GitHub Action tutorial](docs\u002Fuser-guide\u002Ftutorials\u002Fprowler-app-github-action.mdx). Marketplace listing: [Prowler Security Scan](https:\u002F\u002Fgithub.com\u002Fmarketplace\u002Factions\u002Fprowler-security-scan).\n\n# ✏️ High level architecture\n\n## Prowler App\n**Prowler App** is composed of four key components:\n\n- **Prowler UI**: A web-based interface, built with Next.js, providing a user-friendly experience for executing Prowler scans and visualizing results.\n- **Prowler API**: A backend service, developed with Django REST Framework, responsible for running Prowler scans and storing the generated results.\n- **Prowler SDK**: A Python SDK designed to extend the functionality of the Prowler CLI for advanced capabilities.\n- **Prowler MCP Server**: A Model Context Protocol server that provides AI tools for Lighthouse, the AI-powered security assistant. This is a critical dependency for Lighthouse functionality.\n\n![Prowler App Architecture](docs\u002Fimages\u002Fproducts\u002Fprowler-app-architecture.png)\n\n\u003C!-- Diagram source: docs\u002Fimages\u002Fproducts\u002Fprowler-app-architecture.mmd — edit there, re-render at https:\u002F\u002Fmermaid.live, and replace the PNG. -->\n\n\n## Prowler CLI\n\n**Running Prowler**\n\nProwler can be executed across various environments, offering flexibility to meet your needs. It can be run from:\n\n- Your own workstation\n\n- A Kubernetes Job\n\n- Google Compute Engine\n\n- Azure Virtual Machines (VMs)\n\n- Amazon EC2 instances\n\n- AWS Fargate or other container platforms\n\n- CloudShell\n\nAnd many more environments.\n\n![Architecture](docs\u002Fimg\u002Farchitecture.png)\n\n# 🤖 AI Skills for Development\n\nProwler includes a comprehensive set of **AI Skills** that help AI coding assistants understand Prowler's codebase patterns and conventions.\n\n## What are AI Skills?\n\nSkills are structured instructions that give AI assistants the context they need to write code that follows Prowler's standards. They include:\n\n- **Coding patterns** for each component (SDK, API, UI, MCP Server)\n- **Testing conventions** (pytest, Playwright)\n- **Architecture guidelines** (Clean Architecture, RLS patterns)\n- **Framework-specific rules** (React 19, Next.js 15, Django DRF, Tailwind 4)\n\n## Available Skills\n\n| Category | Skills |\n|----------|--------|\n| **Generic** | `typescript`, `react-19`, `nextjs-15`, `tailwind-4`, `playwright`, `pytest`, `django-drf`, `zod-4`, `zustand-5`, `ai-sdk-5` |\n| **Prowler** | `prowler`, `prowler-api`, `prowler-ui`, `prowler-mcp`, `prowler-sdk-check`, `prowler-test-ui`, `prowler-test-api`, `prowler-test-sdk`, `prowler-compliance`, `prowler-provider`, `prowler-pr`, `prowler-docs` |\n\n## Setup\n\n```bash\n.\u002Fskills\u002Fsetup.sh\n```\n\nThis configures skills for AI coding assistants that follow the [agentskills.io](https:\u002F\u002Fagentskills.io) standard:\n\n| Tool | Configuration |\n|------|---------------|\n| **Claude Code** | `.claude\u002Fskills\u002F` (symlink) |\n| **OpenCode** | `.claude\u002Fskills\u002F` (symlink) |\n| **Codex (OpenAI)** | `.codex\u002Fskills\u002F` (symlink) |\n| **GitHub Copilot** | `.github\u002Fskills\u002F` (symlink) |\n| **Gemini CLI** | `.gemini\u002Fskills\u002F` (symlink) |\n\n> **Note:** Restart your AI coding assistant after running setup to load the skills.\n> Gemini CLI requires `experimental.skills` enabled in settings.\n\n# 📖 Documentation\n\nFor installation instructions, usage details, tutorials, and the Developer Guide, visit https:\u002F\u002Fdocs.prowler.com\u002F\n\n# 📃 License\n\nProwler is licensed under the Apache License 2.0.\n\nA copy of the License is available at \u003Chttp:\u002F\u002Fwww.apache.org\u002Flicenses\u002FLICENSE-2.0>\n","Prowler 是一个广泛使用的开源云安全平台，能够自动化处理任何云环境中的安全和合规性问题。它提供了数百种现成的安全检查和合规框架，支持实时、可定制的监控，并且可以无缝集成到现有的工具链中，使得云安全变得简单、可扩展且成本效益高。基于 Python 开发，Prowler 适用于 AWS、Azure 和 GCP 等多云环境，特别适合需要增强云基础设施安全性和满足行业标准（如CIS基准、GDPR等）的企业使用。",2,"2026-06-11 03:33:57","high_star"]