framework-mcp 1.3.5 → 1.3.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.claude/agents/mcp-developer.md +41 -0
- package/.claude/agents/project-orchestrator.md +43 -0
- package/.claude/agents/version-consistency-reviewer.md +50 -0
- package/COPILOT_INTEGRATION.md +1 -1
- package/DEPLOYMENT_GUIDE.md +4 -4
- package/README.md +62 -61
- package/RELEASE_NOTES_v1.3.7.md +275 -0
- package/SAFEGUARDS_VERIFICATION_LOG.md +157 -0
- package/dist/core/capability-analyzer.d.ts +1 -7
- package/dist/core/capability-analyzer.d.ts.map +1 -1
- package/dist/core/capability-analyzer.js +6 -241
- package/dist/core/capability-analyzer.js.map +1 -1
- package/dist/core/safeguard-manager.d.ts.map +1 -1
- package/dist/core/safeguard-manager.js +747 -1191
- package/dist/core/safeguard-manager.js.map +1 -1
- package/dist/index.d.ts +0 -53
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +0 -1245
- package/dist/index.js.map +1 -1
- package/dist/interfaces/http/http-server.d.ts.map +1 -1
- package/dist/interfaces/http/http-server.js +6 -34
- package/dist/interfaces/http/http-server.js.map +1 -1
- package/dist/interfaces/mcp/mcp-server.d.ts +0 -1
- package/dist/interfaces/mcp/mcp-server.d.ts.map +1 -1
- package/dist/interfaces/mcp/mcp-server.js +4 -53
- package/dist/interfaces/mcp/mcp-server.js.map +1 -1
- package/dist/shared/types.d.ts +0 -37
- package/dist/shared/types.d.ts.map +1 -1
- package/examples/example-usage.md +43 -38
- package/package.json +2 -3
- package/scripts/validate-documentation.sh +4 -4
- package/src/core/capability-analyzer.ts +7 -298
- package/src/core/safeguard-manager.ts +729 -1173
- package/src/index.ts +0 -1598
- package/src/interfaces/http/http-server.ts +6 -44
- package/src/interfaces/mcp/mcp-server.ts +4 -64
- package/src/shared/types.ts +0 -40
- package/swagger.json +107 -196
|
@@ -74,47 +74,11 @@ export class FrameworkHttpServer {
|
|
|
74
74
|
uptime: Math.round((Date.now() - metrics.uptime) / 1000),
|
|
75
75
|
totalRequests: metrics.totalRequests,
|
|
76
76
|
errorCount: metrics.errorCount,
|
|
77
|
-
version: '1.3.
|
|
77
|
+
version: '1.3.7',
|
|
78
78
|
timestamp: new Date().toISOString()
|
|
79
79
|
});
|
|
80
80
|
});
|
|
81
81
|
|
|
82
|
-
// Primary validation endpoint
|
|
83
|
-
this.app.post('/api/validate-vendor-mapping', async (req, res) => {
|
|
84
|
-
try {
|
|
85
|
-
const { vendor_name, safeguard_id, claimed_capability, supporting_text } = req.body;
|
|
86
|
-
|
|
87
|
-
// Input validation
|
|
88
|
-
this.validateInput(req.body, [
|
|
89
|
-
'vendor_name',
|
|
90
|
-
'safeguard_id',
|
|
91
|
-
'claimed_capability',
|
|
92
|
-
'supporting_text'
|
|
93
|
-
]);
|
|
94
|
-
|
|
95
|
-
this.validateTextInput(supporting_text, 'Supporting text');
|
|
96
|
-
this.validateCapability(claimed_capability);
|
|
97
|
-
this.safeguardManager.validateSafeguardId(safeguard_id);
|
|
98
|
-
|
|
99
|
-
const safeguard = this.safeguardManager.getSafeguardDetails(safeguard_id);
|
|
100
|
-
if (!safeguard) {
|
|
101
|
-
return res.status(404).json(this.createErrorResponse('Safeguard not found'));
|
|
102
|
-
}
|
|
103
|
-
|
|
104
|
-
const result = this.capabilityAnalyzer.validateVendorMapping(
|
|
105
|
-
vendor_name,
|
|
106
|
-
safeguard_id,
|
|
107
|
-
claimed_capability,
|
|
108
|
-
supporting_text,
|
|
109
|
-
safeguard
|
|
110
|
-
);
|
|
111
|
-
|
|
112
|
-
res.json(result);
|
|
113
|
-
} catch (error) {
|
|
114
|
-
console.error('[HTTP Server] validate-vendor-mapping error:', error);
|
|
115
|
-
res.status(400).json(this.createErrorResponse(error instanceof Error ? error.message : 'Unknown error'));
|
|
116
|
-
}
|
|
117
|
-
});
|
|
118
82
|
|
|
119
83
|
// Capability analysis endpoint
|
|
120
84
|
this.app.post('/api/analyze-vendor-response', async (req, res) => {
|
|
@@ -205,11 +169,10 @@ export class FrameworkHttpServer {
|
|
|
205
169
|
this.app.get('/api', (req, res) => {
|
|
206
170
|
res.json({
|
|
207
171
|
name: 'Framework MCP HTTP API',
|
|
208
|
-
version: '1.3.
|
|
209
|
-
description: '
|
|
172
|
+
version: '1.3.7',
|
|
173
|
+
description: 'Clean HTTP API for vendor capability assessment against CIS Controls Framework',
|
|
210
174
|
endpoints: {
|
|
211
|
-
'POST /api/
|
|
212
|
-
'POST /api/analyze-vendor-response': 'Capability role determination for vendor responses',
|
|
175
|
+
'POST /api/analyze-vendor-response': 'Primary capability analysis for vendor responses',
|
|
213
176
|
'GET /api/safeguards': 'List all available CIS safeguards',
|
|
214
177
|
'GET /api/safeguards/:id': 'Get detailed safeguard breakdown',
|
|
215
178
|
'GET /health': 'Health check endpoint',
|
|
@@ -223,7 +186,6 @@ export class FrameworkHttpServer {
|
|
|
223
186
|
'GOVERNANCE - Policy/process management',
|
|
224
187
|
'VALIDATES - Evidence collection and reporting'
|
|
225
188
|
],
|
|
226
|
-
domain_validation: 'Auto-downgrade protection for inappropriate capability claims',
|
|
227
189
|
framework: 'CIS Controls v8.1 (153 safeguards)',
|
|
228
190
|
deployment: 'DigitalOcean App Services compatible'
|
|
229
191
|
});
|
|
@@ -301,11 +263,11 @@ export class FrameworkHttpServer {
|
|
|
301
263
|
|
|
302
264
|
public start(): void {
|
|
303
265
|
this.app.listen(this.port, '0.0.0.0', () => {
|
|
304
|
-
console.log(`🚀 Framework MCP HTTP Server v1.3.
|
|
266
|
+
console.log(`🚀 Framework MCP HTTP Server v1.3.7 running on port ${this.port}`);
|
|
305
267
|
console.log(`📊 Health check: http://localhost:${this.port}/health`);
|
|
306
268
|
console.log(`📖 API docs: http://localhost:${this.port}/api`);
|
|
307
269
|
console.log(`🔧 Environment: ${process.env.NODE_ENV || 'development'}`);
|
|
308
|
-
console.log(`⚡
|
|
270
|
+
console.log(`⚡ Clean capability analysis - CIS Controls v8.1`);
|
|
309
271
|
});
|
|
310
272
|
|
|
311
273
|
// Graceful shutdown handling
|
|
@@ -20,7 +20,7 @@ export class FrameworkMcpServer {
|
|
|
20
20
|
this.server = new Server(
|
|
21
21
|
{
|
|
22
22
|
name: 'framework-analyzer',
|
|
23
|
-
version: '1.3.
|
|
23
|
+
version: '1.3.7',
|
|
24
24
|
}
|
|
25
25
|
);
|
|
26
26
|
|
|
@@ -35,33 +35,6 @@ export class FrameworkMcpServer {
|
|
|
35
35
|
this.server.setRequestHandler(ListToolsRequestSchema, async () => {
|
|
36
36
|
return {
|
|
37
37
|
tools: [
|
|
38
|
-
{
|
|
39
|
-
name: 'validate_vendor_mapping',
|
|
40
|
-
description: 'PRIMARY: Validate vendor capability claims with domain validation and evidence analysis',
|
|
41
|
-
inputSchema: {
|
|
42
|
-
type: 'object',
|
|
43
|
-
properties: {
|
|
44
|
-
vendor_name: {
|
|
45
|
-
type: 'string',
|
|
46
|
-
description: 'Name of the vendor/tool being analyzed'
|
|
47
|
-
},
|
|
48
|
-
safeguard_id: {
|
|
49
|
-
type: 'string',
|
|
50
|
-
description: 'CIS safeguard ID (e.g., "1.1", "5.1")'
|
|
51
|
-
},
|
|
52
|
-
claimed_capability: {
|
|
53
|
-
type: 'string',
|
|
54
|
-
description: 'Claimed capability role',
|
|
55
|
-
enum: ['full', 'partial', 'facilitates', 'governance', 'validates']
|
|
56
|
-
},
|
|
57
|
-
supporting_text: {
|
|
58
|
-
type: 'string',
|
|
59
|
-
description: 'Vendor text supporting their capability claim'
|
|
60
|
-
}
|
|
61
|
-
},
|
|
62
|
-
required: ['vendor_name', 'safeguard_id', 'claimed_capability', 'supporting_text']
|
|
63
|
-
}
|
|
64
|
-
} as Tool,
|
|
65
38
|
{
|
|
66
39
|
name: 'analyze_vendor_response',
|
|
67
40
|
description: 'Determine vendor tool capability role for specific safeguard',
|
|
@@ -121,9 +94,6 @@ export class FrameworkMcpServer {
|
|
|
121
94
|
|
|
122
95
|
try {
|
|
123
96
|
switch (name) {
|
|
124
|
-
case 'validate_vendor_mapping':
|
|
125
|
-
return await this.validateVendorMapping(args);
|
|
126
|
-
|
|
127
97
|
case 'analyze_vendor_response':
|
|
128
98
|
return await this.analyzeVendorResponse(args);
|
|
129
99
|
|
|
@@ -155,36 +125,6 @@ export class FrameworkMcpServer {
|
|
|
155
125
|
});
|
|
156
126
|
}
|
|
157
127
|
|
|
158
|
-
private async validateVendorMapping(args: any) {
|
|
159
|
-
const { vendor_name = 'Unknown Vendor', safeguard_id, claimed_capability, supporting_text } = args;
|
|
160
|
-
|
|
161
|
-
// Input validation
|
|
162
|
-
this.validateTextInput(supporting_text, 'Supporting text');
|
|
163
|
-
this.validateCapability(claimed_capability);
|
|
164
|
-
this.safeguardManager.validateSafeguardId(safeguard_id);
|
|
165
|
-
|
|
166
|
-
const safeguard = this.safeguardManager.getSafeguardDetails(safeguard_id);
|
|
167
|
-
if (!safeguard) {
|
|
168
|
-
throw new Error(`Safeguard ${safeguard_id} not found`);
|
|
169
|
-
}
|
|
170
|
-
|
|
171
|
-
const validation = this.capabilityAnalyzer.validateVendorMapping(
|
|
172
|
-
vendor_name,
|
|
173
|
-
safeguard_id,
|
|
174
|
-
claimed_capability,
|
|
175
|
-
supporting_text,
|
|
176
|
-
safeguard
|
|
177
|
-
);
|
|
178
|
-
|
|
179
|
-
return {
|
|
180
|
-
content: [
|
|
181
|
-
{
|
|
182
|
-
type: 'text',
|
|
183
|
-
text: JSON.stringify(validation, null, 2),
|
|
184
|
-
},
|
|
185
|
-
],
|
|
186
|
-
};
|
|
187
|
-
}
|
|
188
128
|
|
|
189
129
|
private async analyzeVendorResponse(args: any) {
|
|
190
130
|
const { vendor_name = 'Unknown Vendor', safeguard_id, response_text } = args;
|
|
@@ -240,7 +180,7 @@ export class FrameworkMcpServer {
|
|
|
240
180
|
safeguards,
|
|
241
181
|
total: safeguards.length,
|
|
242
182
|
framework: 'CIS Controls v8.1',
|
|
243
|
-
version: '1.3.
|
|
183
|
+
version: '1.3.7'
|
|
244
184
|
}, null, 2),
|
|
245
185
|
},
|
|
246
186
|
],
|
|
@@ -294,8 +234,8 @@ export class FrameworkMcpServer {
|
|
|
294
234
|
const transport = new StdioServerTransport();
|
|
295
235
|
await this.server.connect(transport);
|
|
296
236
|
|
|
297
|
-
console.error('🤖 Framework MCP Server v1.3.
|
|
298
|
-
console.error('📊
|
|
237
|
+
console.error('🤖 Framework MCP Server v1.3.7 running via stdio');
|
|
238
|
+
console.error('📊 Clean capability assessment for CIS Controls v8.1');
|
|
299
239
|
}
|
|
300
240
|
}
|
|
301
241
|
|
package/src/shared/types.ts
CHANGED
|
@@ -38,31 +38,6 @@ export interface VendorAnalysis {
|
|
|
38
38
|
recommendedUse: string; // How practitioners should use this tool
|
|
39
39
|
}
|
|
40
40
|
|
|
41
|
-
export interface DomainValidationResult {
|
|
42
|
-
vendor: string;
|
|
43
|
-
safeguard_id: string;
|
|
44
|
-
safeguard_title: string;
|
|
45
|
-
claimed_capability: string;
|
|
46
|
-
validation_status: 'SUPPORTED' | 'QUESTIONABLE' | 'UNSUPPORTED';
|
|
47
|
-
confidence_score: number;
|
|
48
|
-
evidence_analysis: {
|
|
49
|
-
core_requirements_coverage: number;
|
|
50
|
-
sub_elements_coverage: number;
|
|
51
|
-
governance_alignment: number;
|
|
52
|
-
language_consistency: number;
|
|
53
|
-
};
|
|
54
|
-
domain_validation: {
|
|
55
|
-
required_tool_type: string;
|
|
56
|
-
detected_tool_type: string;
|
|
57
|
-
domain_match: boolean;
|
|
58
|
-
capability_adjusted: boolean;
|
|
59
|
-
original_claim?: string;
|
|
60
|
-
};
|
|
61
|
-
gaps_identified: string[];
|
|
62
|
-
strengths_identified: string[];
|
|
63
|
-
recommendations: string[];
|
|
64
|
-
detailed_feedback: string;
|
|
65
|
-
}
|
|
66
41
|
|
|
67
42
|
export interface PerformanceMetrics {
|
|
68
43
|
uptime: number;
|
|
@@ -87,18 +62,3 @@ export interface QualityAssessment {
|
|
|
87
62
|
|
|
88
63
|
export type CapabilityType = 'full' | 'partial' | 'facilitates' | 'governance' | 'validates';
|
|
89
64
|
|
|
90
|
-
// Domain-specific validation mapping
|
|
91
|
-
export interface DomainRequirement {
|
|
92
|
-
domain: string;
|
|
93
|
-
required_tool_types: string[];
|
|
94
|
-
description: string;
|
|
95
|
-
}
|
|
96
|
-
|
|
97
|
-
// Tool type detection weights
|
|
98
|
-
export interface ToolTypeWeights {
|
|
99
|
-
[toolType: string]: {
|
|
100
|
-
keywords: string[];
|
|
101
|
-
baseWeight: number;
|
|
102
|
-
contextBonuses: string[];
|
|
103
|
-
};
|
|
104
|
-
}
|
package/swagger.json
CHANGED
|
@@ -2,8 +2,8 @@
|
|
|
2
2
|
"openapi": "3.0.3",
|
|
3
3
|
"info": {
|
|
4
4
|
"title": "Framework MCP API - CIS Controls Capability Assessment",
|
|
5
|
-
"description": "Microsoft Copilot-compatible API for vendor capability assessment against CIS Controls Framework v8.1 (153 safeguards). Features
|
|
6
|
-
"version": "1.3.
|
|
5
|
+
"description": "Microsoft Copilot-compatible API for vendor capability assessment against CIS Controls Framework v8.1 (153 safeguards). Features clean capability analysis architecture for accurate capability role determination (FULL, PARTIAL, FACILITATES, GOVERNANCE, VALIDATES).",
|
|
6
|
+
"version": "1.3.7",
|
|
7
7
|
"contact": {
|
|
8
8
|
"name": "Framework MCP Support",
|
|
9
9
|
"url": "https://github.com/therealcybermattlee/FrameworkMCP"
|
|
@@ -44,60 +44,10 @@
|
|
|
44
44
|
}
|
|
45
45
|
}
|
|
46
46
|
},
|
|
47
|
-
"/api/validate-vendor-mapping": {
|
|
48
|
-
"post": {
|
|
49
|
-
"summary": "Validate Vendor Capability Mapping (PRIMARY)",
|
|
50
|
-
"description": "Primary endpoint for validating vendor capability claims against CIS safeguards with domain validation and auto-downgrade protection. Use this for evidence-based capability assessment.",
|
|
51
|
-
"operationId": "validateVendorMapping",
|
|
52
|
-
"tags": ["Capability Assessment"],
|
|
53
|
-
"requestBody": {
|
|
54
|
-
"required": true,
|
|
55
|
-
"content": {
|
|
56
|
-
"application/json": {
|
|
57
|
-
"schema": {
|
|
58
|
-
"$ref": "#/components/schemas/VendorMappingRequest"
|
|
59
|
-
}
|
|
60
|
-
}
|
|
61
|
-
}
|
|
62
|
-
},
|
|
63
|
-
"responses": {
|
|
64
|
-
"200": {
|
|
65
|
-
"description": "Validation completed successfully",
|
|
66
|
-
"content": {
|
|
67
|
-
"application/json": {
|
|
68
|
-
"schema": {
|
|
69
|
-
"$ref": "#/components/schemas/ValidationResponse"
|
|
70
|
-
}
|
|
71
|
-
}
|
|
72
|
-
}
|
|
73
|
-
},
|
|
74
|
-
"400": {
|
|
75
|
-
"description": "Invalid request parameters",
|
|
76
|
-
"content": {
|
|
77
|
-
"application/json": {
|
|
78
|
-
"schema": {
|
|
79
|
-
"$ref": "#/components/schemas/ErrorResponse"
|
|
80
|
-
}
|
|
81
|
-
}
|
|
82
|
-
}
|
|
83
|
-
},
|
|
84
|
-
"404": {
|
|
85
|
-
"description": "Safeguard not found",
|
|
86
|
-
"content": {
|
|
87
|
-
"application/json": {
|
|
88
|
-
"schema": {
|
|
89
|
-
"$ref": "#/components/schemas/ErrorResponse"
|
|
90
|
-
}
|
|
91
|
-
}
|
|
92
|
-
}
|
|
93
|
-
}
|
|
94
|
-
}
|
|
95
|
-
}
|
|
96
|
-
},
|
|
97
47
|
"/api/analyze-vendor-response": {
|
|
98
48
|
"post": {
|
|
99
|
-
"summary": "Analyze Vendor Response",
|
|
100
|
-
"description": "
|
|
49
|
+
"summary": "Analyze Vendor Response (PRIMARY)",
|
|
50
|
+
"description": "Primary endpoint for analyzing vendor response text to determine appropriate capability role for CIS safeguards",
|
|
101
51
|
"operationId": "analyzeVendorResponse",
|
|
102
52
|
"tags": ["Capability Assessment"],
|
|
103
53
|
"requestBody": {
|
|
@@ -116,7 +66,7 @@
|
|
|
116
66
|
"content": {
|
|
117
67
|
"application/json": {
|
|
118
68
|
"schema": {
|
|
119
|
-
"$ref": "#/components/schemas/
|
|
69
|
+
"$ref": "#/components/schemas/VendorAnalysisResponse"
|
|
120
70
|
}
|
|
121
71
|
}
|
|
122
72
|
}
|
|
@@ -246,6 +196,26 @@
|
|
|
246
196
|
}
|
|
247
197
|
}
|
|
248
198
|
}
|
|
199
|
+
},
|
|
200
|
+
"/api": {
|
|
201
|
+
"get": {
|
|
202
|
+
"summary": "API Documentation",
|
|
203
|
+
"description": "Get API documentation and available endpoints information",
|
|
204
|
+
"operationId": "getApiDocumentation",
|
|
205
|
+
"tags": ["Monitoring"],
|
|
206
|
+
"responses": {
|
|
207
|
+
"200": {
|
|
208
|
+
"description": "API documentation and endpoints",
|
|
209
|
+
"content": {
|
|
210
|
+
"application/json": {
|
|
211
|
+
"schema": {
|
|
212
|
+
"$ref": "#/components/schemas/ApiDocumentationResponse"
|
|
213
|
+
}
|
|
214
|
+
}
|
|
215
|
+
}
|
|
216
|
+
}
|
|
217
|
+
}
|
|
218
|
+
}
|
|
249
219
|
}
|
|
250
220
|
},
|
|
251
221
|
"components": {
|
|
@@ -253,36 +223,7 @@
|
|
|
253
223
|
"CapabilityRole": {
|
|
254
224
|
"type": "string",
|
|
255
225
|
"enum": ["full", "partial", "facilitates", "governance", "validates"],
|
|
256
|
-
"description": "Vendor tool capability roles:\n- FULL: Complete implementation of safeguard
|
|
257
|
-
},
|
|
258
|
-
"VendorMappingRequest": {
|
|
259
|
-
"type": "object",
|
|
260
|
-
"required": ["vendor_name", "safeguard_id", "claimed_capability", "supporting_text"],
|
|
261
|
-
"properties": {
|
|
262
|
-
"vendor_name": {
|
|
263
|
-
"type": "string",
|
|
264
|
-
"description": "Name of the vendor or tool being analyzed",
|
|
265
|
-
"minLength": 1,
|
|
266
|
-
"maxLength": 100,
|
|
267
|
-
"example": "CrowdStrike Falcon"
|
|
268
|
-
},
|
|
269
|
-
"safeguard_id": {
|
|
270
|
-
"type": "string",
|
|
271
|
-
"pattern": "^[0-9]+\\.[0-9]+$",
|
|
272
|
-
"description": "CIS safeguard ID (format: X.Y)",
|
|
273
|
-
"example": "1.1"
|
|
274
|
-
},
|
|
275
|
-
"claimed_capability": {
|
|
276
|
-
"$ref": "#/components/schemas/CapabilityRole"
|
|
277
|
-
},
|
|
278
|
-
"supporting_text": {
|
|
279
|
-
"type": "string",
|
|
280
|
-
"description": "Vendor response or documentation supporting their capability claim",
|
|
281
|
-
"minLength": 10,
|
|
282
|
-
"maxLength": 10000,
|
|
283
|
-
"example": "Our platform provides comprehensive enterprise asset inventory with real-time discovery, automated classification, and continuous monitoring of all hardware and software assets across the organization."
|
|
284
|
-
}
|
|
285
|
-
}
|
|
226
|
+
"description": "Vendor tool capability roles:\n- FULL: Complete implementation of safeguard\n- PARTIAL: Limited scope implementation\n- FACILITATES: Enhancement capabilities that enable better/faster/stronger implementation\n- GOVERNANCE: Policy/process management and oversight\n- VALIDATES: Evidence collection, audit, and reporting"
|
|
286
227
|
},
|
|
287
228
|
"AnalysisRequest": {
|
|
288
229
|
"type": "object",
|
|
@@ -310,147 +251,78 @@
|
|
|
310
251
|
}
|
|
311
252
|
}
|
|
312
253
|
},
|
|
313
|
-
"
|
|
254
|
+
"VendorAnalysisResponse": {
|
|
314
255
|
"type": "object",
|
|
315
256
|
"properties": {
|
|
316
|
-
"
|
|
257
|
+
"vendor": {
|
|
317
258
|
"type": "string",
|
|
318
|
-
"
|
|
259
|
+
"description": "Name of the vendor or tool",
|
|
260
|
+
"example": "Microsoft Defender"
|
|
319
261
|
},
|
|
320
|
-
"
|
|
262
|
+
"safeguardId": {
|
|
321
263
|
"type": "string",
|
|
322
|
-
"
|
|
323
|
-
|
|
324
|
-
"claimed_capability": {
|
|
325
|
-
"$ref": "#/components/schemas/CapabilityRole"
|
|
326
|
-
},
|
|
327
|
-
"validated_capability": {
|
|
328
|
-
"$ref": "#/components/schemas/CapabilityRole"
|
|
264
|
+
"description": "CIS safeguard ID",
|
|
265
|
+
"example": "5.1"
|
|
329
266
|
},
|
|
330
|
-
"
|
|
267
|
+
"safeguardTitle": {
|
|
331
268
|
"type": "string",
|
|
332
|
-
"
|
|
333
|
-
"
|
|
269
|
+
"description": "Title of the CIS safeguard",
|
|
270
|
+
"example": "Establish and Maintain an Inventory of Accounts"
|
|
334
271
|
},
|
|
335
|
-
"
|
|
336
|
-
"
|
|
337
|
-
"
|
|
338
|
-
"maximum": 100,
|
|
339
|
-
"description": "Confidence percentage in the assessment"
|
|
272
|
+
"capability": {
|
|
273
|
+
"$ref": "#/components/schemas/CapabilityRole",
|
|
274
|
+
"description": "Primary capability categorization"
|
|
340
275
|
},
|
|
341
|
-
"
|
|
276
|
+
"capabilities": {
|
|
342
277
|
"type": "object",
|
|
278
|
+
"description": "Detailed capability breakdown",
|
|
343
279
|
"properties": {
|
|
344
|
-
"
|
|
345
|
-
"type": "string",
|
|
346
|
-
"description": "Detected tool type category"
|
|
347
|
-
},
|
|
348
|
-
"domain_appropriate": {
|
|
280
|
+
"full": {
|
|
349
281
|
"type": "boolean",
|
|
350
|
-
"description": "
|
|
282
|
+
"description": "Directly implements the core safeguard functionality"
|
|
351
283
|
},
|
|
352
|
-
"
|
|
284
|
+
"partial": {
|
|
353
285
|
"type": "boolean",
|
|
354
|
-
"description": "
|
|
355
|
-
}
|
|
356
|
-
}
|
|
357
|
-
},
|
|
358
|
-
"evidence_analysis": {
|
|
359
|
-
"type": "object",
|
|
360
|
-
"properties": {
|
|
361
|
-
"core_requirements_score": {
|
|
362
|
-
"type": "number",
|
|
363
|
-
"minimum": 0,
|
|
364
|
-
"maximum": 100
|
|
286
|
+
"description": "Implements limited aspects of the safeguard"
|
|
365
287
|
},
|
|
366
|
-
"
|
|
367
|
-
"type": "
|
|
368
|
-
"
|
|
369
|
-
"maximum": 100
|
|
288
|
+
"facilitates": {
|
|
289
|
+
"type": "boolean",
|
|
290
|
+
"description": "Enhances or enables safeguard implementation by others"
|
|
370
291
|
},
|
|
371
|
-
"
|
|
372
|
-
"type": "
|
|
373
|
-
"
|
|
374
|
-
"maximum": 100
|
|
292
|
+
"governance": {
|
|
293
|
+
"type": "boolean",
|
|
294
|
+
"description": "Provides policy, process, and oversight capabilities"
|
|
375
295
|
},
|
|
376
|
-
"
|
|
377
|
-
"type": "
|
|
378
|
-
"
|
|
379
|
-
"maximum": 100
|
|
296
|
+
"validates": {
|
|
297
|
+
"type": "boolean",
|
|
298
|
+
"description": "Provides evidence, audit, and validation reporting"
|
|
380
299
|
}
|
|
381
300
|
}
|
|
382
301
|
},
|
|
302
|
+
"confidence": {
|
|
303
|
+
"type": "number",
|
|
304
|
+
"minimum": 0,
|
|
305
|
+
"maximum": 100,
|
|
306
|
+
"description": "Confidence score in the assessment"
|
|
307
|
+
},
|
|
383
308
|
"reasoning": {
|
|
384
309
|
"type": "string",
|
|
385
|
-
"description": "Detailed explanation of the
|
|
310
|
+
"description": "Detailed explanation of the capability determination"
|
|
386
311
|
},
|
|
387
|
-
"
|
|
312
|
+
"evidence": {
|
|
388
313
|
"type": "array",
|
|
389
314
|
"items": {
|
|
390
315
|
"type": "string"
|
|
391
316
|
},
|
|
392
|
-
"description": "
|
|
317
|
+
"description": "Evidence supporting the capability assessment"
|
|
393
318
|
},
|
|
394
|
-
"
|
|
319
|
+
"toolCapabilityDescription": {
|
|
395
320
|
"type": "string",
|
|
396
|
-
"
|
|
397
|
-
}
|
|
398
|
-
}
|
|
399
|
-
},
|
|
400
|
-
"AnalysisResponse": {
|
|
401
|
-
"type": "object",
|
|
402
|
-
"properties": {
|
|
403
|
-
"vendor_name": {
|
|
404
|
-
"type": "string"
|
|
405
|
-
},
|
|
406
|
-
"safeguard_id": {
|
|
407
|
-
"type": "string"
|
|
408
|
-
},
|
|
409
|
-
"determined_capability": {
|
|
410
|
-
"$ref": "#/components/schemas/CapabilityRole"
|
|
411
|
-
},
|
|
412
|
-
"confidence_score": {
|
|
413
|
-
"type": "number",
|
|
414
|
-
"minimum": 0,
|
|
415
|
-
"maximum": 100
|
|
321
|
+
"description": "Description of what type of tool this is and its role"
|
|
416
322
|
},
|
|
417
|
-
"
|
|
418
|
-
"type": "object",
|
|
419
|
-
"properties": {
|
|
420
|
-
"tool_type": {
|
|
421
|
-
"type": "string"
|
|
422
|
-
},
|
|
423
|
-
"domain_appropriate": {
|
|
424
|
-
"type": "boolean"
|
|
425
|
-
}
|
|
426
|
-
}
|
|
427
|
-
},
|
|
428
|
-
"analysis_details": {
|
|
429
|
-
"type": "object",
|
|
430
|
-
"properties": {
|
|
431
|
-
"core_coverage": {
|
|
432
|
-
"type": "number",
|
|
433
|
-
"minimum": 0,
|
|
434
|
-
"maximum": 100
|
|
435
|
-
},
|
|
436
|
-
"implementation_depth": {
|
|
437
|
-
"type": "number",
|
|
438
|
-
"minimum": 0,
|
|
439
|
-
"maximum": 100
|
|
440
|
-
},
|
|
441
|
-
"governance_support": {
|
|
442
|
-
"type": "number",
|
|
443
|
-
"minimum": 0,
|
|
444
|
-
"maximum": 100
|
|
445
|
-
}
|
|
446
|
-
}
|
|
447
|
-
},
|
|
448
|
-
"reasoning": {
|
|
449
|
-
"type": "string"
|
|
450
|
-
},
|
|
451
|
-
"timestamp": {
|
|
323
|
+
"recommendedUse": {
|
|
452
324
|
"type": "string",
|
|
453
|
-
"
|
|
325
|
+
"description": "How practitioners should use this tool for the safeguard"
|
|
454
326
|
}
|
|
455
327
|
}
|
|
456
328
|
},
|
|
@@ -563,7 +435,7 @@
|
|
|
563
435
|
},
|
|
564
436
|
"version": {
|
|
565
437
|
"type": "string",
|
|
566
|
-
"example": "1.3.
|
|
438
|
+
"example": "1.3.7"
|
|
567
439
|
},
|
|
568
440
|
"timestamp": {
|
|
569
441
|
"type": "string",
|
|
@@ -599,6 +471,45 @@
|
|
|
599
471
|
}
|
|
600
472
|
}
|
|
601
473
|
},
|
|
474
|
+
"ApiDocumentationResponse": {
|
|
475
|
+
"type": "object",
|
|
476
|
+
"properties": {
|
|
477
|
+
"name": {
|
|
478
|
+
"type": "string",
|
|
479
|
+
"example": "Framework MCP HTTP API"
|
|
480
|
+
},
|
|
481
|
+
"version": {
|
|
482
|
+
"type": "string",
|
|
483
|
+
"example": "1.3.7"
|
|
484
|
+
},
|
|
485
|
+
"description": {
|
|
486
|
+
"type": "string",
|
|
487
|
+
"example": "Clean HTTP API for vendor capability assessment against CIS Controls Framework"
|
|
488
|
+
},
|
|
489
|
+
"endpoints": {
|
|
490
|
+
"type": "object",
|
|
491
|
+
"additionalProperties": {
|
|
492
|
+
"type": "string"
|
|
493
|
+
},
|
|
494
|
+
"description": "Available API endpoints and their descriptions"
|
|
495
|
+
},
|
|
496
|
+
"capabilities": {
|
|
497
|
+
"type": "array",
|
|
498
|
+
"items": {
|
|
499
|
+
"type": "string"
|
|
500
|
+
},
|
|
501
|
+
"description": "Supported capability types"
|
|
502
|
+
},
|
|
503
|
+
"framework": {
|
|
504
|
+
"type": "string",
|
|
505
|
+
"example": "CIS Controls v8.1 (153 safeguards)"
|
|
506
|
+
},
|
|
507
|
+
"deployment": {
|
|
508
|
+
"type": "string",
|
|
509
|
+
"example": "DigitalOcean App Services compatible"
|
|
510
|
+
}
|
|
511
|
+
}
|
|
512
|
+
},
|
|
602
513
|
"ErrorResponse": {
|
|
603
514
|
"type": "object",
|
|
604
515
|
"properties": {
|