diff --git a/README.md b/README.md
index 760338d0..922f8e1a 100644
--- a/README.md
+++ b/README.md
@@ -1764,6 +1764,7 @@ Tools for conducting research, surveys, interviews, and data collection.
 - [bx33661/Wireshark-MCP](https://github.com/bx33661/Wireshark-MCP) [![Wireshark-MCP MCP server](https://glama.ai/mcp/servers/bx33661/Wireshark-MCP/badges/score.svg)](https://glama.ai/mcp/servers/bx33661/Wireshark-MCP) 🐍 🏠 - Wireshark network packet analysis MCP Server with capture, protocol stats, field extraction, and security analysis capabilities.
 - [Chimera-Protocol/csl-core](https://github.com/Chimera-Protocol/csl-core) 🐍 🏠 🍎 🪟 🐧 - Deterministic AI safety policy engine with Z3 formal verification. Write, verify, and enforce machine-verifiable constraints for AI agents via MCP.
 - [co-browser/attestable-mcp-server](https://github.com/co-browser/attestable-mcp-server) 🐍 🏠 ☁️ 🐧 - An MCP server running inside a trusted execution environment (TEE) via Gramine, showcasing remote attestation using [RA-TLS](https://gramine.readthedocs.io/en/stable/attestation.html). This allows an MCP client to verify the server before conencting.
+- [gebalamariusz/cloud-audit](https://github.com/gebalamariusz/cloud-audit) 🐍 🏠 🍎 🪟 🐧 - Open-source AWS security scanner with attack chain detection, breach cost estimation, and copy-paste remediation (CLI + Terraform). 47 checks, 16 attack chain rules. First free standalone AWS security MCP server.
 - [cyntrisec/cyntrisec-cli](https://github.com/cyntrisec/cyntrisec-cli) 🐍 🏠 - Local-first AWS security analyzer that discovers attack paths and generates remediations using graph theory.
 - [dkvdm/onepassword-mcp-server](https://github.com/dkvdm/onepassword-mcp-server) - An MCP server that enables secure credential retrieval from 1Password to be used by Agentic AI.
 - [duriantaco/skylos](https://github.com/duriantaco/skylos) [![mcp-skylos MCP server](https://glama.ai/mcp/servers/@duriantaco/mcp-skylos/badges/score.svg)](https://glama.ai/mcp/servers/@duriantaco/mcp-skylos) 🐍 🏠 🍎 🪟  🐧 - Dead code detection, security scanning, and code quality analysis for Python, TypeScript, and Go. 98% recall with fewer false positives than Vulture. Includes AI-powered remediation.