I craft unique cereal names, stories, and ridiculously cute Cereal Baby images.
Public
hackathon-12-MCP遵守
2025-03-08
MCP服务器支持AI代理中的合规操作
3 years
Works with Finder
3
Github Watches
1
Github Forks
1
Github Stars
MCP Compliance
A project for compliance that provides CLI tools and an MCP server for agents to interact with compliance data.
Overview
The FedRAMP Compliance MCP Server is designed to support users throughout their compliance journey, which consists of three main phases:
- Understanding - Learning about security controls, their requirements, and how they apply to your system
- Implementing - Designing and implementing controls in your system to meet compliance requirements
- Evidencing - Collecting and documenting evidence to demonstrate compliance with controls
This project provides tools for working with FedRAMP compliance data, including:
- CLI tools for processing and querying FedRAMP baseline data
- An MCP server that exposes compliance data to LLM agents
Roadmap
This project is missing the automation of evidence collection. There needs to be a way to securely store what may be sensitive data in a shared location that provides the proper ACLs and data protection. This is intended to be added in a future hackathon or additional roadmap time.
Easy Button Quick Start
For the quickest setup:
# Create the directory for the MCP compliance binary
mkdir -p ~/.mcp-compliance/bin
# Add to your PATH (add this to your .bashrc or .zshrc for persistence)
export PATH=$PATH:~/.mcp-compliance/bin
# Clone the repository
git clone https://github.com/grafana/hackathon-12-mcp-compliance.git
cd hackathon-12-mcp-compliance
# Build and deploy locally
make deploy-local
Now you can configure your agent (Cursor or Claude Desktop) to use the MCP compliance server. See the Getting Started Guide for configuration details.
Documentation
- Getting Started Guide - Instructions for setting up and using the project
- Concept of Operations - Detailed explanation of system architecture and data flow
MCP Server
The MCP server provides the following tools for LLM agents:
-
get_control: Get detailed information about a specific control -
get_control_family: Get all controls in a specific family -
list_control_families: List all control families in a program -
search_controls: Search for controls by keyword -
get_control_evidence_guidance: Get detailed guidance for evidence about a specific control
Data Sources
The FedRAMP baseline files are sourced from the official GSA FedRAMP Automation GitHub repository:
相关推荐
Confidential guide on numerology and astrology, based of GG33 Public information
A geek-themed horoscope generator blending Bitcoin prices, tech jargon, and astrological whimsy.
Oede knorrepot die vasthoudt an de goeie ouwe tied van 't boerenleven
A world class elite tech co-founder entrepreneur, expert in software development, entrepreneurship, marketing, coaching style leadership and aligned with ambition for excellence, global market penetration and worldy perspectives.
A medical specialist offering assistance grounded in clinical guidelines. Disclaimer: This is intended for research and is NOT safe for clinical use!
Reviews
1
(1)
user_kBgCDJKf
2025-04-16
I've been using hackathon-12-mcp-compliance by grafana, and it's simply outstanding! The integration and compliance features have significantly streamlined our processes. The repository is well-structured, making it easy to follow. Kudos to grafana for providing such a robust tool. Highly recommend it to anyone looking for reliable compliance solutions!