AWS Cost Saver

GitHub stars License: MIT PRs Welcome Claude Code Plugin Version

Find what's wasting money in your AWS account.

You: "Scan my AWS for cost savings"
Claude: Found 8 issues. Potential savings: $340/month

Installation

The plugin ships with both a .claude-plugin/plugin.json (Claude Code) and a .codex-plugin/plugin.json (Codex) manifest, so the same source tree installs cleanly into either agent.

Claude Code

/plugin marketplace add prajapatimehul/claude-aws-cost-saver
/plugin install aws-cost-saver@aws-cost-saver-marketplace

Or interactively: /plugin → Marketplaces → Add Marketplace → prajapatimehul/claude-aws-cost-saver.

Codex

codex plugin marketplace add prajapatimehul/claude-aws-cost-saver

Then launch Codex and run /plugins to browse and install aws-cost-saver.

Other agents (MCP only)

Any agent that supports MCP can wire the AWS API server directly using plugins/aws-cost-saver/.mcp.json as a template. Skills live under plugins/aws-cost-saver/skills/ and can be loaded as plain Markdown.

Quick Start

/aws-cost-saver:scan

Or just ask: Scan my AWS account for cost savings

Requirements: AWS credentials configured (aws configure or SSO), uv installed.

This tool only reads data — it never modifies or deletes anything. A PreToolUse hook blocks any MCP call containing write verbs (delete, terminate, stop, create-, modify, …).

Features

• 163 checks across EC2, RDS, S3, Lambda, ECS, EKS, Aurora, SageMaker, and 30+ services
• Parallel scanning - 11 domain agents run simultaneously
• Confidence scoring - filters false positives
• Real pricing - uses AWS Cost Explorer
• Markdown reports - clean, actionable output

What's included

Commands (slash)

Command	Description
/aws-cost-saver:scan	Full cost optimization scan across 11 domains

Skills (auto-loaded)

Skill	Description
reviewing-findings	Confidence-scored review; filters false positives
validating-aws-pricing	Mandatory Pricing-API/verified-table sanity check before reporting

Subagent

aws-cost-saver:aws-cost-saver — domain-scoped scanner. Invoke 11 in parallel (one per domain) for a full account audit.

MCP server

The plugin pre-wires the AWS API MCP server (mcp__awslabs-aws-api__call_aws) in .mcp.json, launched via uvx from scripts/start-mcp.sh. A PreToolUse hook in hooks.json blocks any write/mutation command, keeping every scan read-only.

CLI

The repository also ships a standalone Python CLI (main.py) usable without a coding agent:

python main.py checks                       # list all 173 checks
python main.py check EC2-001                # detail for one check
python main.py scan-info                    # show the AWS CLI commands a scan runs
python main.py spend-hotspots --profile X   # rank scan order by real spend (Cost Explorer)
python main.py report --findings findings.json

---

Demo

Results

Before & After

Real AWS account: $105/day → $42/day after running the scanner

How it works

Step 1: Choose compliance requirements

Step 2: Parallel agents scan your account

---

Domains & Checks

Domain	Checks	Key Areas
Compute	25	EC2 idle/over-provisioned, EBS, GP2→GP3
Storage	22	S3 lifecycle, CloudWatch Logs, snapshots
Database	15	RDS idle/over-provisioned, RI coverage
Networking	15	Unused EIPs, NAT, VPC endpoints
Serverless	10	Lambda memory, unused functions
Reservations	10	RI/Savings Plans coverage
Containers	15	ECS/EKS idle, Fargate, Spot
Advanced DBs	18	Aurora, DocumentDB, Neptune, Redshift
Analytics	15	SageMaker, EMR, OpenSearch
Data Pipelines	12	Kinesis, MSK, Glue
Storage Advanced	6	FSx, AWS Backup

Troubleshooting

"MCP server not found" — Install uv: curl -LsSf https://astral.sh/uv/install.sh | sh

"AWS credentials not configured" — Run aws configure or aws sso login

"Access Denied" — Use ReadOnlyAccess policy or check permissions

License

MIT