framework-mcp 1.3.6 → 1.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (43) hide show
  1. package/.claude/agents/mcp-developer.md +41 -0
  2. package/.claude/agents/project-orchestrator.md +43 -0
  3. package/.claude/agents/version-consistency-reviewer.md +50 -0
  4. package/COPILOT_INTEGRATION.md +49 -62
  5. package/DEPLOYMENT_GUIDE.md +48 -49
  6. package/MCP_INTEGRATION_GUIDE.md +96 -129
  7. package/MIGRATION_GUIDE_v1.4.0.md +190 -0
  8. package/README.md +149 -173
  9. package/RELEASE_NOTES_v1.3.7.md +275 -0
  10. package/RELEASE_NOTES_v1.4.0.md +178 -0
  11. package/SAFEGUARDS_VERIFICATION_LOG.md +157 -0
  12. package/dist/core/safeguard-manager.d.ts.map +1 -1
  13. package/dist/core/safeguard-manager.js +747 -1191
  14. package/dist/core/safeguard-manager.js.map +1 -1
  15. package/dist/index.d.ts +0 -1
  16. package/dist/index.d.ts.map +1 -1
  17. package/dist/index.js +1 -2
  18. package/dist/index.js.map +1 -1
  19. package/dist/interfaces/http/http-server.d.ts +0 -4
  20. package/dist/interfaces/http/http-server.d.ts.map +1 -1
  21. package/dist/interfaces/http/http-server.js +6 -113
  22. package/dist/interfaces/http/http-server.js.map +1 -1
  23. package/dist/interfaces/mcp/mcp-server.d.ts +0 -5
  24. package/dist/interfaces/mcp/mcp-server.d.ts.map +1 -1
  25. package/dist/interfaces/mcp/mcp-server.js +4 -120
  26. package/dist/interfaces/mcp/mcp-server.js.map +1 -1
  27. package/dist/shared/types.d.ts +0 -37
  28. package/dist/shared/types.d.ts.map +1 -1
  29. package/examples/example-usage.md +43 -38
  30. package/examples/llm-analysis-patterns.md +553 -0
  31. package/package.json +2 -3
  32. package/scripts/validate-documentation.sh +4 -4
  33. package/src/core/safeguard-manager.ts +729 -1173
  34. package/src/index.ts +1 -2
  35. package/src/interfaces/http/http-server.ts +6 -139
  36. package/src/interfaces/mcp/mcp-server.ts +4 -145
  37. package/src/shared/types.ts +0 -40
  38. package/swagger.json +64 -313
  39. package/dist/core/capability-analyzer.d.ts +0 -29
  40. package/dist/core/capability-analyzer.d.ts.map +0 -1
  41. package/dist/core/capability-analyzer.js +0 -568
  42. package/dist/core/capability-analyzer.js.map +0 -1
  43. package/src/core/capability-analyzer.ts +0 -708
package/swagger.json CHANGED
@@ -1,9 +1,9 @@
1
1
  {
2
2
  "openapi": "3.0.3",
3
3
  "info": {
4
- "title": "Framework MCP API - CIS Controls Capability Assessment",
5
- "description": "Microsoft Copilot-compatible API for vendor capability assessment against CIS Controls Framework v8.1 (153 safeguards). Features consolidated tool architecture with domain validation and auto-downgrade protection for accurate capability role determination (FULL, PARTIAL, FACILITATES, GOVERNANCE, VALIDATES).",
6
- "version": "1.3.6",
4
+ "title": "Framework MCP API - Pure Data Provider",
5
+ "description": "Microsoft Copilot-compatible API providing authoritative CIS Controls Framework v8.1 data (153 safeguards). Pure Data Provider architecture empowers LLMs with structured safeguards data for sophisticated, context-aware vendor capability analysis.",
6
+ "version": "1.4.0",
7
7
  "contact": {
8
8
  "name": "Framework MCP Support",
9
9
  "url": "https://github.com/therealcybermattlee/FrameworkMCP"
@@ -44,106 +44,6 @@
44
44
  }
45
45
  }
46
46
  },
47
- "/api/validate-vendor-mapping": {
48
- "post": {
49
- "summary": "Validate Vendor Capability Mapping (PRIMARY)",
50
- "description": "Primary endpoint for validating vendor capability claims against CIS safeguards with domain validation and auto-downgrade protection. Use this for evidence-based capability assessment.",
51
- "operationId": "validateVendorMapping",
52
- "tags": ["Capability Assessment"],
53
- "requestBody": {
54
- "required": true,
55
- "content": {
56
- "application/json": {
57
- "schema": {
58
- "$ref": "#/components/schemas/VendorMappingRequest"
59
- }
60
- }
61
- }
62
- },
63
- "responses": {
64
- "200": {
65
- "description": "Validation completed successfully",
66
- "content": {
67
- "application/json": {
68
- "schema": {
69
- "$ref": "#/components/schemas/ValidationResponse"
70
- }
71
- }
72
- }
73
- },
74
- "400": {
75
- "description": "Invalid request parameters",
76
- "content": {
77
- "application/json": {
78
- "schema": {
79
- "$ref": "#/components/schemas/ErrorResponse"
80
- }
81
- }
82
- }
83
- },
84
- "404": {
85
- "description": "Safeguard not found",
86
- "content": {
87
- "application/json": {
88
- "schema": {
89
- "$ref": "#/components/schemas/ErrorResponse"
90
- }
91
- }
92
- }
93
- }
94
- }
95
- }
96
- },
97
- "/api/analyze-vendor-response": {
98
- "post": {
99
- "summary": "Analyze Vendor Response",
100
- "description": "Analyze vendor response text to determine appropriate capability role with domain validation",
101
- "operationId": "analyzeVendorResponse",
102
- "tags": ["Capability Assessment"],
103
- "requestBody": {
104
- "required": true,
105
- "content": {
106
- "application/json": {
107
- "schema": {
108
- "$ref": "#/components/schemas/AnalysisRequest"
109
- }
110
- }
111
- }
112
- },
113
- "responses": {
114
- "200": {
115
- "description": "Analysis completed successfully",
116
- "content": {
117
- "application/json": {
118
- "schema": {
119
- "$ref": "#/components/schemas/AnalysisResponse"
120
- }
121
- }
122
- }
123
- },
124
- "400": {
125
- "description": "Invalid request parameters",
126
- "content": {
127
- "application/json": {
128
- "schema": {
129
- "$ref": "#/components/schemas/ErrorResponse"
130
- }
131
- }
132
- }
133
- },
134
- "404": {
135
- "description": "Safeguard not found",
136
- "content": {
137
- "application/json": {
138
- "schema": {
139
- "$ref": "#/components/schemas/ErrorResponse"
140
- }
141
- }
142
- }
143
- }
144
- }
145
- }
146
- },
147
47
  "/api/safeguards": {
148
48
  "get": {
149
49
  "summary": "List Available Safeguards",
@@ -246,214 +146,30 @@
246
146
  }
247
147
  }
248
148
  }
249
- }
250
- },
251
- "components": {
252
- "schemas": {
253
- "CapabilityRole": {
254
- "type": "string",
255
- "enum": ["full", "partial", "facilitates", "governance", "validates"],
256
- "description": "Vendor tool capability roles:\n- FULL: Complete implementation of safeguard (requires domain-appropriate tool)\n- PARTIAL: Limited scope implementation (requires domain-appropriate tool)\n- FACILITATES: Enhancement capabilities (no tool type restrictions)\n- GOVERNANCE: Policy/process management (no tool type restrictions)\n- VALIDATES: Evidence collection and reporting (no tool type restrictions)"
257
- },
258
- "VendorMappingRequest": {
259
- "type": "object",
260
- "required": ["vendor_name", "safeguard_id", "claimed_capability", "supporting_text"],
261
- "properties": {
262
- "vendor_name": {
263
- "type": "string",
264
- "description": "Name of the vendor or tool being analyzed",
265
- "minLength": 1,
266
- "maxLength": 100,
267
- "example": "CrowdStrike Falcon"
268
- },
269
- "safeguard_id": {
270
- "type": "string",
271
- "pattern": "^[0-9]+\\.[0-9]+$",
272
- "description": "CIS safeguard ID (format: X.Y)",
273
- "example": "1.1"
274
- },
275
- "claimed_capability": {
276
- "$ref": "#/components/schemas/CapabilityRole"
277
- },
278
- "supporting_text": {
279
- "type": "string",
280
- "description": "Vendor response or documentation supporting their capability claim",
281
- "minLength": 10,
282
- "maxLength": 10000,
283
- "example": "Our platform provides comprehensive enterprise asset inventory with real-time discovery, automated classification, and continuous monitoring of all hardware and software assets across the organization."
284
- }
285
- }
286
- },
287
- "AnalysisRequest": {
288
- "type": "object",
289
- "required": ["vendor_name", "safeguard_id", "response_text"],
290
- "properties": {
291
- "vendor_name": {
292
- "type": "string",
293
- "description": "Name of the vendor",
294
- "minLength": 1,
295
- "maxLength": 100,
296
- "example": "Microsoft Defender"
297
- },
298
- "safeguard_id": {
299
- "type": "string",
300
- "pattern": "^[0-9]+\\.[0-9]+$",
301
- "description": "CIS safeguard ID",
302
- "example": "5.1"
303
- },
304
- "response_text": {
305
- "type": "string",
306
- "description": "Vendor response text to analyze for capability determination",
307
- "minLength": 10,
308
- "maxLength": 10000,
309
- "example": "We provide centralized account management with role-based access controls, automated provisioning and deprovisioning, and integration with Active Directory for enterprise identity management."
310
- }
311
- }
312
- },
313
- "ValidationResponse": {
314
- "type": "object",
315
- "properties": {
316
- "vendor_name": {
317
- "type": "string",
318
- "example": "CrowdStrike Falcon"
319
- },
320
- "safeguard_id": {
321
- "type": "string",
322
- "example": "1.1"
323
- },
324
- "claimed_capability": {
325
- "$ref": "#/components/schemas/CapabilityRole"
326
- },
327
- "validated_capability": {
328
- "$ref": "#/components/schemas/CapabilityRole"
329
- },
330
- "validation_status": {
331
- "type": "string",
332
- "enum": ["SUPPORTED", "QUESTIONABLE", "UNSUPPORTED"],
333
- "description": "Overall validation result"
334
- },
335
- "confidence_score": {
336
- "type": "number",
337
- "minimum": 0,
338
- "maximum": 100,
339
- "description": "Confidence percentage in the assessment"
340
- },
341
- "domain_validation": {
342
- "type": "object",
343
- "properties": {
344
- "tool_type": {
345
- "type": "string",
346
- "description": "Detected tool type category"
347
- },
348
- "domain_appropriate": {
349
- "type": "boolean",
350
- "description": "Whether tool type is appropriate for claimed capability"
351
- },
352
- "auto_downgrade_applied": {
353
- "type": "boolean",
354
- "description": "Whether capability was auto-downgraded due to domain mismatch"
355
- }
356
- }
357
- },
358
- "evidence_analysis": {
359
- "type": "object",
360
- "properties": {
361
- "core_requirements_score": {
362
- "type": "number",
363
- "minimum": 0,
364
- "maximum": 100
365
- },
366
- "governance_elements_score": {
367
- "type": "number",
368
- "minimum": 0,
369
- "maximum": 100
370
- },
371
- "sub_elements_score": {
372
- "type": "number",
373
- "minimum": 0,
374
- "maximum": 100
375
- },
376
- "language_consistency_score": {
377
- "type": "number",
378
- "minimum": 0,
379
- "maximum": 100
380
- }
381
- }
382
- },
383
- "reasoning": {
384
- "type": "string",
385
- "description": "Detailed explanation of the validation decision"
386
- },
387
- "recommendations": {
388
- "type": "array",
389
- "items": {
390
- "type": "string"
391
- },
392
- "description": "Actionable recommendations for capability improvement"
393
- },
394
- "timestamp": {
395
- "type": "string",
396
- "format": "date-time"
397
- }
398
- }
399
- },
400
- "AnalysisResponse": {
401
- "type": "object",
402
- "properties": {
403
- "vendor_name": {
404
- "type": "string"
405
- },
406
- "safeguard_id": {
407
- "type": "string"
408
- },
409
- "determined_capability": {
410
- "$ref": "#/components/schemas/CapabilityRole"
411
- },
412
- "confidence_score": {
413
- "type": "number",
414
- "minimum": 0,
415
- "maximum": 100
416
- },
417
- "domain_validation": {
418
- "type": "object",
419
- "properties": {
420
- "tool_type": {
421
- "type": "string"
422
- },
423
- "domain_appropriate": {
424
- "type": "boolean"
425
- }
426
- }
427
- },
428
- "analysis_details": {
429
- "type": "object",
430
- "properties": {
431
- "core_coverage": {
432
- "type": "number",
433
- "minimum": 0,
434
- "maximum": 100
435
- },
436
- "implementation_depth": {
437
- "type": "number",
438
- "minimum": 0,
439
- "maximum": 100
440
- },
441
- "governance_support": {
442
- "type": "number",
443
- "minimum": 0,
444
- "maximum": 100
149
+ },
150
+ "/api": {
151
+ "get": {
152
+ "summary": "API Documentation",
153
+ "description": "Get API documentation and available endpoints information",
154
+ "operationId": "getApiDocumentation",
155
+ "tags": ["Monitoring"],
156
+ "responses": {
157
+ "200": {
158
+ "description": "API documentation and endpoints",
159
+ "content": {
160
+ "application/json": {
161
+ "schema": {
162
+ "$ref": "#/components/schemas/ApiDocumentationResponse"
163
+ }
445
164
  }
446
165
  }
447
- },
448
- "reasoning": {
449
- "type": "string"
450
- },
451
- "timestamp": {
452
- "type": "string",
453
- "format": "date-time"
454
166
  }
455
167
  }
456
- },
168
+ }
169
+ }
170
+ },
171
+ "components": {
172
+ "schemas": {
457
173
  "SafeguardListResponse": {
458
174
  "type": "object",
459
175
  "properties": {
@@ -563,7 +279,7 @@
563
279
  },
564
280
  "version": {
565
281
  "type": "string",
566
- "example": "1.3.4"
282
+ "example": "1.4.0"
567
283
  },
568
284
  "timestamp": {
569
285
  "type": "string",
@@ -599,6 +315,45 @@
599
315
  }
600
316
  }
601
317
  },
318
+ "ApiDocumentationResponse": {
319
+ "type": "object",
320
+ "properties": {
321
+ "name": {
322
+ "type": "string",
323
+ "example": "Framework MCP HTTP API"
324
+ },
325
+ "version": {
326
+ "type": "string",
327
+ "example": "1.4.0"
328
+ },
329
+ "description": {
330
+ "type": "string",
331
+ "example": "Pure Data Provider API serving authoritative CIS Controls Framework data for LLM-driven analysis"
332
+ },
333
+ "endpoints": {
334
+ "type": "object",
335
+ "additionalProperties": {
336
+ "type": "string"
337
+ },
338
+ "description": "Available API endpoints and their descriptions"
339
+ },
340
+ "capabilities": {
341
+ "type": "array",
342
+ "items": {
343
+ "type": "string"
344
+ },
345
+ "description": "Supported capability types"
346
+ },
347
+ "framework": {
348
+ "type": "string",
349
+ "example": "CIS Controls v8.1 (153 safeguards)"
350
+ },
351
+ "deployment": {
352
+ "type": "string",
353
+ "example": "DigitalOcean App Services compatible"
354
+ }
355
+ }
356
+ },
602
357
  "ErrorResponse": {
603
358
  "type": "object",
604
359
  "properties": {
@@ -619,13 +374,9 @@
619
374
  }
620
375
  },
621
376
  "tags": [
622
- {
623
- "name": "Capability Assessment",
624
- "description": "Primary API endpoints for vendor capability assessment against CIS Controls"
625
- },
626
377
  {
627
378
  "name": "Safeguards",
628
- "description": "CIS Controls safeguards information and details"
379
+ "description": "Authoritative CIS Controls safeguards data for LLM-driven analysis"
629
380
  },
630
381
  {
631
382
  "name": "Monitoring",
@@ -1,29 +0,0 @@
1
- import { SafeguardElement, VendorAnalysis, DomainValidationResult, PerformanceMetrics } from '../shared/types.js';
2
- export declare class CapabilityAnalyzer {
3
- private cache;
4
- private performanceMetrics;
5
- constructor();
6
- performCapabilityAnalysis(vendorName: string, safeguard: SafeguardElement, responseText: string): VendorAnalysis;
7
- validateVendorMapping(vendorName: string, safeguardId: string, claimedCapability: string, supportingText: string, safeguard: SafeguardElement): DomainValidationResult;
8
- private determineClaimedCapability;
9
- private getImplementationIndicators;
10
- private assessCapabilityQuality;
11
- private assessImplementationQuality;
12
- private assessFacilitationQuality;
13
- private assessGovernanceQuality;
14
- private assessValidationQuality;
15
- private generateCapabilityAnalysis;
16
- private generateToolCapabilityDescription;
17
- private generateRecommendedUse;
18
- private detectToolType;
19
- private validateDomainMatch;
20
- private assessCapabilityClaimAlignment;
21
- private generateValidationFeedback;
22
- private calculateKeywordScore;
23
- private calculateElementCoverage;
24
- private recordToolExecution;
25
- private logPerformanceStats;
26
- private cleanupExpiredCache;
27
- getPerformanceMetrics(): PerformanceMetrics;
28
- }
29
- //# sourceMappingURL=capability-analyzer.d.ts.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"capability-analyzer.d.ts","sourceRoot":"","sources":["../../src/core/capability-analyzer.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,gBAAgB,EAChB,cAAc,EACd,sBAAsB,EACtB,kBAAkB,EAMnB,MAAM,oBAAoB,CAAC;AAiE5B,qBAAa,kBAAkB;IAC7B,OAAO,CAAC,KAAK,CAA+B;IAC5C,OAAO,CAAC,kBAAkB,CAAqB;;IAmBxC,yBAAyB,CAAC,UAAU,EAAE,MAAM,EAAE,SAAS,EAAE,gBAAgB,EAAE,YAAY,EAAE,MAAM,GAAG,cAAc;IA2BhH,qBAAqB,CAC1B,UAAU,EAAE,MAAM,EAClB,WAAW,EAAE,MAAM,EACnB,iBAAiB,EAAE,MAAM,EACzB,cAAc,EAAE,MAAM,EACtB,SAAS,EAAE,gBAAgB,GAC1B,sBAAsB;IA6EzB,OAAO,CAAC,0BAA0B;IAmDlC,OAAO,CAAC,2BAA2B;IAanC,OAAO,CAAC,uBAAuB;IAoC/B,OAAO,CAAC,2BAA2B;IAmCnC,OAAO,CAAC,yBAAyB;IA6BjC,OAAO,CAAC,uBAAuB;IA6B/B,OAAO,CAAC,uBAAuB;IA6B/B,OAAO,CAAC,0BAA0B;IAgClC,OAAO,CAAC,iCAAiC;IAmBzC,OAAO,CAAC,sBAAsB;IAY9B,OAAO,CAAC,cAAc;IA+BtB,OAAO,CAAC,mBAAmB;IAoC3B,OAAO,CAAC,8BAA8B;IA8CtC,OAAO,CAAC,0BAA0B;IA2BlC,OAAO,CAAC,qBAAqB;IAU7B,OAAO,CAAC,wBAAwB;IAUhC,OAAO,CAAC,mBAAmB;IAoB3B,OAAO,CAAC,mBAAmB;IAe3B,OAAO,CAAC,mBAAmB;IAkBpB,qBAAqB,IAAI,kBAAkB;CAGnD"}