Crml Code
@Faux16
About Crml Code
No overview available yet
Basic information
Config
Add this server to your MCP-compatible client using the configuration below.
{
"mcpServers": {
"crml": {
"command": "python3",
"args": [
"-m",
"crml_mcp.server"
],
"env": {
"OPENAI_API_KEY": "<YOUR_OPENAI_API_KEY>"
}
}
}
}Tools
No tools detected
We auto-extract tools from the README. The maintainer can list them under a ## Tools heading to populate this section.
Overview
What is Crml Code?
Crml Code is an open, declarative, engine-agnostic language for describing cyber risk models as code (Risk as Code). It provides a YAML/JSON format for scenarios, portfolios, telemetry mappings, simulation pipelines, and output requirements. It is maintained by Zeron Research Labs and CyberSec Consulting LLC and intended for security, risk, and compliance professionals.
How to use Crml Code?
Install via pip (pip install crml-engine for CLI, or crml-lang for language library). Use the CLI: crml-lang validate <file> and crml simulate <file> --runs 10000. Alternatively, use the Python API from crml_lang and crml_engine packages. A web UI (CRML Studio) is available in the web/ directory and started with npm run dev.
Key features of Crml Code
- Control effectiveness modeling (including defense-in-depth)
- Median‑based parameterization for lognormal distributions
- Multi‑currency support with automatic conversion
- Auto‑calibration of distributions from loss data
- Strict JSON Schema validation before simulation
- Implementation‑agnostic (works with any compliant engine)
- Human‑readable YAML for easy review and audit
Use cases of Crml Code
- Version‑controlling cyber risk models in Git for peer review
- Consistently quantifying risk across business units and tools
- Producing repeatable, audit‑ready evidence of risk calculations
- Exchanging models with partners, insurers, or regulators without spreadsheets
FAQ from Crml Code
What runtime dependencies does Crml Code require?
Python 3.9+ and the packages crml-lang and/or crml-engine. Optionally, add SCF support with crml-lang[scf].
Where do my risk models live?
All models are stored as local YAML files (e.g., in risk/models/). The server does not host or store data centrally.
Is Crml Code tied to a specific quantification engine?
No, it is engine‑agnostic. Any compliant simulation engine can consume the same CRML documents.
How does validation work?
Models are validated against JSON Schema via the crml-lang validate command or the validate() function in Python. Errors are reported before simulation.
What transport or authentication does the server use?
The server is a set of CLI tools and a web UI (CRML Studio). No authentication or remote transport is described; all operations are local.
More Developer Tools MCP servers
Serena
oraiosA powerful MCP toolkit for coding, providing semantic retrieval and editing capabilities - the IDE for your agent
Burp Suite MCP Server Extension
PortSwiggerMCP Server for Burp
JetBrains MCP Proxy Server
JetBrainsA model context protocol server to work with JetBrains IDEs: IntelliJ, PyCharm, WebStorm, etc. Also, works with Android Studio
MCP Unity Editor (Game Engine)
CoderGamesterModel Context Protocol (MCP) plugin to connect with Unity Editor — designed for Cursor, Claude Code, Codex, Windsurf and other IDEs
Grafana MCP server
grafanaMCP server for Grafana
Comments