Pricing

from $100.00 / 1,000 full pack audits

Unbearable IaC Audit Pack

All four Unbearable Labs audit Actors under one MCP endpoint: docker-compose (25 checks), Dockerfile (26 checks), GitHub Actions (21 checks), HU postcode validator (5 tools). Snyk-comparable IaC coverage at 10x cheaper. Pay-per-event. Built by Unbearable Labs.

Pricing

from $100.00 / 1,000 full pack audits

Rating

0.0

(0)

Developer

Noel Himer

Actor stats

Bookmarked

Total users

Monthly active users

8 days ago

Last modified

Available on

Apify Actor Store — primary
Smithery

Newsletter: Unbearable TechTips Weekly · All Actors: github.com/UnbearableDev

What's included

Package	Checks	Categories	Primary tool
Docker Compose audit	25	9	`audit_compose`
Dockerfile audit	19	5	`audit_dockerfile`
GitHub Actions audit	21	6	`audit_github_actions`
Kubernetes manifest audit	63	7	`audit_kubernetes`

Plus bundle-only tools:

audit_all — paste a dict of filenames → content; auto-detects file types and runs the right audit on each
list_all_checks — full cross-package check catalog in one call

Also includes 6 Hungarian postcode utility tools (lookup_postcode, validate_address, etc.) on the same endpoint.

Example

Call: audit_all with compose + Dockerfile content

Input:

audit_all({
    "compose": "<docker-compose.yml content>",
    "dockerfile": "<Dockerfile content>"
})

Output:

{
  "compose": {
    "findings": [
      { "check_id": "DCS-018", "severity": "high", "message": "Host Docker socket (/var/run/docker.sock) mounted" }
    ],
    "summary": { "critical": 0, "high": 1, "medium": 1, "low": 0 }
  },
  "dockerfile": {
    "findings": [
      { "check_id": "DFA-021", "severity": "high", "message": "USER root set explicitly — runs as root" }
    ],
    "summary": { "critical": 0, "high": 1, "medium": 0, "low": 0 }
  },
  "cross_domain_summary": {
    "total_findings": 3,
    "highest_severity": "high",
    "domains_with_findings": ["compose", "dockerfile"]
  }
}

Quick start (Claude Desktop)

{
  "mcpServers": {
    "iac-audit-pack": {
      "type": "http",
      "url": "https://unbearable-dev--iac-audit-pack.apify.actor/mcp",
      "headers": {
        "Authorization": "Bearer <your-apify-token>"
      }
    }
  }
}

Tool catalog

Aggregation (bundle-only)

Tool	Description
`audit_all(files, min_severity?)`	Multi-file detection + combined audit report
`list_all_checks()`	All 128 checks across all four audit packages

Docker Compose (25 checks, 9 categories)

Tool	Description
`audit_compose(compose_yaml?, compose_url?, min_severity?)`	Full 25-check audit
`check_privilege`	Privileged mode, cap_add, user namespace
`check_network`	Host networking, exposed dangerous ports
`check_secrets`	Hardcoded passwords, tokens in env vars
`check_filesystem`	Docker socket mounts, host path mounts
`check_resources`	Missing memory/CPU limits
`check_image_hygiene`	Unpinned tags, `latest` usage
`check_runtime_lifecycle`	Restart policies, healthchecks
`check_logging`	Logging driver config
`check_compose_hygiene`	Version field, service naming
`list_checks_compose(category?)`	Check catalog

Dockerfile (19 checks, 5 categories)

Tool	Description
`audit_dockerfile(dockerfile_content?, dockerfile_url?, min_severity?)`	Full 19-check audit
`check_base_image_dockerfile`	Unpinned base, `latest`, root user in FROM
`check_instructions_dockerfile`	ADD vs COPY, COPY ordering, ENV secrets
`check_security_dockerfile`	USER root, privilege escalation patterns
`check_efficiency_dockerfile`	Layer count, cache busting
`check_secrets_dockerfile`	Hardcoded secrets in RUN/ENV/ARG
`list_checks_dockerfile(category?)`	Check catalog

GitHub Actions (21 checks, 6 categories)

Tool	Description
`audit_github_actions(workflow_yaml?, workflow_url?, min_severity?)`	Full 21-check audit
`check_secrets_gha`	Leaked tokens, secret in run: blocks
`check_permissions_gha`	Overly broad write-all permissions
`check_action_pinning_gha`	Unpinned action refs (not SHA-pinned)
`check_runner_security_gha`	Self-hosted runner risks
`check_workflow_config_gha`	pull_request_target misuse, script injection
`check_supply_chain_advanced_gha`	TeamPCP-class supply-chain patterns (GHA-201..208)
`list_checks_github_actions(category?)`	Check catalog

Kubernetes (63 checks, 7 categories)

Tool	Description
`audit_kubernetes(manifest_yaml?, min_severity?)`	Full 63-check kube-linter audit
`list_checks_kubernetes(category?)`	Check catalog

HU Postcode Validator (6 tools)

Tool	Description
`validate_postcode(postcode)`	Settlement + county for a HU postcode
`lookup_postcode(postcode)`	Alias for validate_postcode
`lookup_city(city)`	All postcodes for a city (diacritic-insensitive)
`validate_address(postcode, city)`	Postcode/city pairing validation
`list_postcodes_in_county(county_name)`	All postcodes in a county
`budapest_district_lookup(district_number)`	Budapest I-XXIII to postcodes

Pricing

Free to use — hosted on Apify, bring your own Apify token.

Architecture

Package-import (not proxy): all four sub-packages are bundled directly into the Actor image. Single cold start, single billing rail, no cross-Actor latency.

Built by Noel @ Unbearable Labs — more like this in the weekly newsletter: https://unbearabletechtips.beehiiv.com

Docker Compose Security Audit

unbearable_dev/docker-compose-audit

Audits docker-compose.yml files for security misconfigurations. 25 checks across 9 categories with severity, remediation, and YAML fix snippets. Pay-per-event. MCP-native - call from Claude Desktop, Cursor, n8n, or any MCP client. Built by Unbearable Labs.

Noel Himer

Dockerfile Security & Quality Audit

unbearable_dev/dockerfile-audit

Hadolint-grade Dockerfile audit, MCP-native. 18+ checks across 5 categories (base image, instructions, security, efficiency, secrets) with severity, line numbers, remediation, and fix snippets. Pay-per-event. Call from Claude Desktop, Cursor, n8n, or any MCP client. Built by Unbearable Labs.

Noel Himer

GitHub Actions Security Audit

unbearable_dev/github-actions-audit

Audits .github/workflows/*.yml for supply-chain risks: script injection, leaked tokens, unpinned actions, broad permissions, pull_request_target pitfalls. MCP-native - call from Claude Desktop, Cursor, n8n, or any MCP client. Pay-per-event. Built by Unbearable Labs.

Noel Himer

Kubernetes Manifest Audit (kube-linter)

unbearable_dev/k8s-manifest-audit

Static audit of Kubernetes manifests via MCP. Powered by kube-linter - 63 checks across security, resources, availability, and config. Pay-per-event. Call from Claude Desktop, Cursor, n8n, or any MCP client. Built by Unbearable Labs.

Noel Himer

Hungarian Postcode & Address Validator

unbearable_dev/hu-postcode-validator

Validate Hungarian postal codes and addresses from your AI agent. Look up postcodes by city, cities by postcode, and Budapest district info. Powered by official Magyar Posta and KSH settlement data. Pennies per call. Built by Unbearable Labs.

Noel Himer

SEO Audit Tool

cerebral_aluminum/seo-audit

Audit any website SEO. Checks title, meta, headings, images, OG tags, canonical, schema. Returns score and grade.

Benny

BoostSuite MCP Server — Website Audit Tools

boost_suite/boostsuite-mcp-server

6 website audit tools for AI agents: SEO audit, GEO check, ad copy, listing optimizer, combined audit, menu translation.

Darko Herceg

iHealth Labs Scraper

mshopik/ihealth-labs-scraper

Scrape iHealth Labs and extract data on medical devices and equipment from ihealthlabs.com. Our iHealth Labs API lets you crawl product information and pricing. The saved data can be downloaded as HTML, JSON, CSV, Excel, and XML.

Mark Carter

Federal Audit Clearinghouse - Audit & Compliance

pink_comic/federal-audit-clearinghouse-single-audit-data

Search Federal Audit Clearinghouse single audit filings. Returns grantee, federal expenditures, audit findings, and compliance status. Built for grant compliance and due diligence teams. Pay per result.

Ava Torres

🏢 Enterprise MCP Gateway — 26 AI Servers in One

nexgendata/enterprise-mcp-gateway

All-in-one MCP gateway bundling 26 specialized data servers — finance, real estate, jobs, legal, news, sports, and more. One endpoint, one connection, full access. Built for AI agents at scale.