MCP security workflows in Orca's AI Skills Hub: what changes now?


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 3789
Topic starter  

TL;DR: AI usefulness now depends on ground truth, not just natural-language access to fragmented findings. Orca Security says its AI Skills Hub now connects Claude, Codex, and Cursor to a unified cloud security data model through MCP, so teams can query exposure, triage alerts, and generate remediation outputs without leaving existing tools.

NHIMG editorial — what this means for AI and NHI governance

Questions worth separating out

Q: How should security teams govern MCP-connected AI tools that access cloud security data?

A: Treat MCP-connected AI as governed data access, not informal chat.

Q: What breaks when AI assistants reason over fragmented cloud security data?

A: Fragmented data creates contradictory or incomplete conclusions because the model cannot reliably connect asset exposure, identity context, and attack paths.

Q: How can teams tell whether AI security workflows are actually reliable?

A: Check whether the workflow produces consistent results from the same underlying evidence and whether it preserves the relationship between findings, identities, and assets.

Practitioner guidance

  • Validate the data boundary before enabling AI access: map which cloud inventories, alerts, identity records, and audit logs an MCP-connected assistant can query, then restrict that scope to the minimum needed for the workflow.
  • Test grounded-answer quality against real security cases: use known exposure scenarios, overprivileged identities, and recent alerts to verify whether the assistant preserves identity, asset, and attack-path relationships when answering.
  • Separate workflow automation from decision authority: classify agent skills as governed workflows rather than autonomous decision-makers unless the product explicitly grants runtime independence.

What's in the full announcement

Orca Security's full research covers the operational detail this post intentionally leaves for the source:

  • The exact skill-by-skill workflow design for alert triage, impact analysis, and identity review.
  • Natural-language trigger patterns that map to cloud security tasks without query-language authoring.
  • Examples of remediation outputs written directly to Terraform, CloudFormation, ARM/Bicep, Pulumi, CLI, and step-by-step formats.
  • The open-source skill library structure, including implementation logic and test suites for extending workflows.

👉 Read Orca Security's analysis of MCP-connected AI skills for cloud security workflows →

(@mr-nhi)
Member Moderator
Joined: 4 weeks ago
Posts: 2127
 

Grounded AI security workflows depend on coherent identity context, not just more data. Orca’s announcement highlights the central failure mode in many security AI integrations: they expose fragments, then ask a model to reason across gaps. That produces outputs that sound confident but can miss the relationship between an EC2 instance, its IAM role, and the attack path that makes the finding material. Practitioners should treat grounded context as the prerequisite for usable AI in cloud security, not an optional enhancement.

A few things that frame the scale:

  • 53% of MCP servers expose credentials through hard-coded values in configuration files, according to The State of MCP Server Security 2025.
  • That same research found 24,008 unique secrets were exposed in MCP configuration files in 2025 alone.

A question worth separating out:

Q: Should organisations let AI write remediation code directly from security findings?

A: Only when the code is treated as a draft that still requires review, testing, and deployment governance. AI can accelerate translation from finding to fix, but it should not be allowed to bypass change control or access review. The safest pattern is generated output plus a human approval step before any infrastructure change.

👉 Read our full editorial: Orca's AI Skills Hub shows how MCP closes the data-action gap
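A defender-side check for the configuration-file exposure described in the reply above (credentials hard-coded in MCP server configuration), added here as an example; it is not Orca's code and not from the cited report. The `mcpServers` layout follows the common MCP client configuration shape, and the sample servers, keys and values are constructed.

```python
import json
import re

# Constructed sample MCP client configuration (mcpServers/command/args/env layout).
# One server reads its token from an environment reference; the other hard-codes secrets.
SAMPLE_CONFIG = """
{
  "mcpServers": {
    "cloud-inventory": {
      "command": "npx",
      "args": ["-y", "example-inventory-server"],
      "env": {"INVENTORY_API_TOKEN": "${INVENTORY_API_TOKEN}"}
    },
    "alerts": {
      "command": "python",
      "args": ["alerts_server.py", "--api-key", "literal-key-0123456789abcdef"],
      "env": {"ALERTS_SECRET": "s3cr3t-literal-value", "LOG_LEVEL": "info"}
    }
  }
}
"""

# Key or flag names that normally carry a credential.
SENSITIVE_NAME = re.compile(r"token|secret|password|passwd|api[_-]?key|credential", re.I)
# Acceptable indirections: an environment reference or a secret-manager URI.
REFERENCE = re.compile(r"^\$\{?[A-Za-z_][A-Za-z0-9_]*\}?$|^(arn:aws:secretsmanager:|vault://|op://)")


def is_reference(value: str) -> bool:
    """True when the value points at a secret rather than containing one."""
    return bool(REFERENCE.match(value.strip()))


def find_hardcoded_secrets(config_text: str) -> list[tuple[str, str, str]]:
    """Return (server, location, name) for every credential stored as a literal value."""
    config = json.loads(config_text)
    findings = []
    for server_name, server in config.get("mcpServers", {}).items():
        # Literal values under env for credential-like keys.
        for key, value in server.get("env", {}).items():
            if SENSITIVE_NAME.search(key) and isinstance(value, str) and not is_reference(value):
                findings.append((server_name, "env", key))
        # Credential-like flags followed by a literal value, e.g. ["--api-key", "..."].
        args = server.get("args", [])
        for i, arg in enumerate(args[:-1]):
            flag = str(arg).lstrip("-")
            if str(arg).startswith("-") and SENSITIVE_NAME.search(flag) and not is_reference(str(args[i + 1])):
                findings.append((server_name, "args", str(arg)))
    return findings


if __name__ == "__main__":
    for finding in find_hardcoded_secrets(SAMPLE_CONFIG):
        print("hard-coded credential: server=%s location=%s name=%s" % finding)
```

Run it against each MCP client configuration in a repository or developer workstation baseline; a clean result is a file whose credential-like keys all resolve to environment references or secret-manager URIs.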
