NSAuditor AI Enterprise 0.18.2 — Cloud Audit “Evidence Gaps” Now Visible End-to-End Through the MCP Transport
NSAuditor AI EE 0.18.2 surfaces the “we couldn’t verify this” evidence-gaps end-to-end across AWS, Azure, and GCP — so an incomplete scan never reads as a clean one.
NSAuditor AI Enterprise 0.18.2 is live on npm, paired with Community Edition 0.2.3 and agent-skill 0.2.3. The headline is a piece of transport-layer truth-telling: the “we couldn’t verify this” evidence-gaps the cloud plugins emit are now visible end-to-end across AWS, Azure, and GCP — so an incomplete scan can never quietly read as a clean one.
The problem: honest disclosures that nobody could see
The recent GCP-hardening cycles taught the engine to fail closed — to emit an honest evidence-gap (“posture UNVERIFIED — do not read as clean”) whenever a scan couldn’t read every input: a region errored, a response was truncated, or a call hit AccessDenied. That is exactly the behavior an audit tool should have.
But through the Claude Desktop / MCP transport, those gaps were effectively invisible. They were emitted at LOW/INFO severity, so a reviewer on the other end of the transport saw only a silent “LOW: N” count over a surface the scanner never actually read. An incomplete scan could be mistaken for a clean result — the single most dangerous failure mode for an audit tool.
What changed in 0.18.2
- The collector (CE 0.2.3). The MCP `scan_cloud` summary now gathers every gap-marked finding into a per-provider `evidenceGaps` array — severity-agnostic and independent of the CRITICAL/HIGH cap — and renders a dedicated “Evidence gaps (unverified)” section. The tool description now tells the agent to read these as “unverified posture, NOT clean.” Counts and the CRITICAL/HIGH list are unchanged; the change is purely additive.
- The producer contract + 5-plugin retrofit (EE 0.18.2). A collector is only as good as the markers it receives. A new CI producer-contract fails the build if any cloud plugin discloses an evidence-gap as plain prose without the machine-readable marker. It flagged five plugins that did exactly that — AWS S3 (1020), Azure Storage / NSG / Key Vault (1220/1221/1222), and AWS IAM (1030) — and each was retrofitted. AWS S3, Azure, and IAM gaps now surface via MCP too (GCP already did).
- Read-only security hardening. The source scanners behind the producer-contract and behind the read-only enforcement check lacked a regex-literal parsing state, so a regex containing a lone quote could desync the scanner. In the read-only check’s case that could have masked a real mutating cloud call. A regex-literal state was added to all three scanners; the 28-plugin read-only verdict is unchanged. The read-only promise is now enforced by a correct scanner.
- Licensing / IP-protection. A proprietary `LICENSE` now ships at the package root, the full EULA ships inside the npm tarball with strengthened anti-reuse, confidentiality / trade-secret, and ownership clauses, and every shipped source file carries a proprietary copyright header. No behavior change.
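To make the collector and producer-contract behaviour described above concrete, here is an added illustration (example code, not NSAuditor's own): a severity-agnostic evidence-gap collector that sits beside a capped CRITICAL/HIGH list, plus a contract check that catches a gap disclosed only in prose. The finding fields `provider`, `severity` and `evidenceGap`, the prose pattern, and the cap of 3 are assumptions.

```javascript
// Added example, not NSAuditor's code. Field names (provider, severity,
// evidenceGap), the prose pattern and the cap of 3 are assumptions.
const CRITICAL_HIGH_CAP = 3; // assumed per-provider cap on the CRITICAL/HIGH list

// Per-provider summary. Evidence gaps come from EVERY gap-marked finding,
// whatever its severity, and are never subject to the CRITICAL/HIGH cap.
function summarizeCloudScan(findings) {
  const summary = {};
  for (const f of findings) {
    let p = summary[f.provider];
    if (!p) p = summary[f.provider] = { counts: {}, criticalHigh: [], evidenceGaps: [] };
    p.counts[f.severity] = (p.counts[f.severity] || 0) + 1;
    if ((f.severity === 'CRITICAL' || f.severity === 'HIGH') &&
        p.criticalHigh.length < CRITICAL_HIGH_CAP) {
      p.criticalHigh.push(`${f.id}: ${f.title}`);
    }
    if (f.evidenceGap === true) p.evidenceGaps.push(`${f.id}: ${f.title}`);
  }
  return summary;
}

// Producer contract: a finding that discloses an unverified posture in prose
// must also carry the machine-readable marker, or the collector cannot see it.
function producerContractViolations(findings) {
  const prose = /unverified|could not verify|do not read as clean/i;
  return findings
    .filter((f) => prose.test(f.title) && f.evidenceGap !== true)
    .map((f) => f.id);
}

// The dedicated section the agent is told to read as "unverified, NOT clean".
function renderEvidenceGaps(summary) {
  const lines = [];
  for (const [provider, p] of Object.entries(summary)) {
    if (p.evidenceGaps.length === 0) continue;
    lines.push(`Evidence gaps (unverified) - ${provider.toUpperCase()}:`);
    for (const g of p.evidenceGaps) lines.push(`  - ${g}`);
  }
  return lines.join('\n');
}

// Constructed sample findings: one real HIGH, one LOW gap with the marker,
// and one INFO gap disclosed only in prose (what the contract must catch).
const SAMPLE_FINDINGS = [
  { provider: 'gcp', id: 'gcp-1', severity: 'HIGH', title: 'Bucket readable by allUsers' },
  { provider: 'gcp', id: 'gcp-2', severity: 'LOW', title: 'Region errored; posture UNVERIFIED', evidenceGap: true },
  { provider: 'aws', id: 'aws-1', severity: 'INFO', title: 'ListBuckets AccessDenied; posture UNVERIFIED' },
];
console.log(renderEvidenceGaps(summarizeCloudScan(SAMPLE_FINDINGS)));
```

Note that the AWS gap, disclosed only in prose, never reaches the evidence-gaps section; only the contract check exposes it, which is the failure mode the producer-contract exists to stop.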
Why it matters
An audit tool’s worst failure is the false-clean — a “you’re secure” verdict over a surface it never read. The 0.18.x cycles taught the engine to fail closed and disclose those gaps; 0.18.2 makes sure the human (or AI agent) on the other end of the transport actually sees them, across all three clouds. The producer-contract makes that property durable: a future plugin that forgets to mark a gap fails the build.
Plugin count is unchanged at 28; all six compliance matrices are unchanged (SOC 2 · HIPAA · NIST CSF 2.0 · PCI DSS v4.0.1 · ISO/IEC 27001:2022 · CIS Controls v8). This is transport-layer and packaging hardening — no new controls.
Availability
npm i -g nsauditor-ai@latest (Community Edition) + @nsasoft/nsauditor-ai-ee@latest (Enterprise, licensed). Learn more at nsauditor.com/ai/enterprise.