MCP.so
ログイン

MCP Compliance

@grafana

MCP Compliance について

An mcp server to support compliance operations in AI agents

基本情報

カテゴリ

その他

ランタイム

go

トランスポート

stdio

公開者

grafana

設定

標準の設定はありません

このサーバーの README には解析可能な MCP 設定ブロックが含まれていません。インストール手順はリポジトリをご確認ください。

リポジトリ

ツール

ツールは検出されませんでした

ツールは README から自動的に抽出されます。メンテナーは ## Tools という見出しの下に記載することで、このタブに反映できます。

概要

What is MCP Compliance?

MCP Compliance is a toolset that provides CLI tools and an MCP server for LLM agents to interact with FedRAMP compliance data. It is designed for users going through the compliance journey of understanding, implementing, and evidencing security controls.

How to use MCP Compliance?

Clone the repository, run make deploy-local to build and deploy the binary, then configure your agent (Cursor or Claude Desktop) to use the MCP server. Detailed instructions are in the Getting Started Guide.

Key features of MCP Compliance

  • CLI tools for processing and querying FedRAMP baseline data
  • MCP server exposing compliance data to LLM agents
  • Tools: get_control, search_controls, list_control_families, get_control_evidence_guidance
  • Supports FedRAMP Rev 5 HIGH and MODERATE baselines
  • Provides evidence guidance for specific controls

Use cases of MCP Compliance

  • Understand security control requirements and applicability to your system
  • Design and implement controls to meet compliance requirements
  • Collect and document evidence to demonstrate compliance
  • Search and retrieve control details programmatically via an LLM agent

FAQ from MCP Compliance

What compliance program does MCP Compliance support?

It supports FedRAMP, using official baselines from the GSA FedRAMP Automation repository.

What tools does MCP Compliance provide?

It provides CLI tools for processing baseline data and an MCP server with tools like get_control, search_controls, and get_control_evidence_guidance.

Where does the compliance data come from?

The data is sourced from the official GSA FedRAMP Automation GitHub repository for Rev 5 HIGH and MODERATE baselines.

Is MCP Compliance production-ready?

No, the project is missing automation of evidence collection and secure data storage; that is planned for a future roadmap iteration.

How do I configure an agent to use the MCP server?

After building and deploying locally, see the Getting Started Guide at docs/getting_started.md for configuration details.

コメント

「その他」の他のコンテンツ