iso27001-mcp 0.8.6 → 0.8.7
- package/README.md +1 -1
- package/dist/index.js +60 -37
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
**Turn Claude into an ISO 27001 compliance assistant** — controls, risk register, policies, evidence tracking, SoA generation, and full audit workflows in one local encrypted MCP server.
|
|
4
4
|
|
|
5
|
-
[](https://socket.dev/npm/package/iso27001-mcp/overview/0.8.7)
|
|
6
6
|
[](https://npmjs.com/package/iso27001-mcp)
|
|
7
7
|
[](https://npmjs.com/package/iso27001-mcp)
|
|
8
8
|
[](https://github.com/Sushegaad/MCP-Server-for-ISO27001/actions/workflows/ci.yml)
|
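--- a/package/dist/index.js
+++ b/package/dist/index.js
@@ -24797,7 +24797,7 @@ var require_package = __commonJS({
 "package.json"(exports2, module2) {
 module2.exports = {
 name: "iso27001-mcp",
-version: "0.8.
+version: "0.8.7",
 mcpName: "io.github.Sushegaad/iso27001-mcp",
 description: "ISO 27001 compliance workspace for Claude \u2014 controls, risks, policies, evidence, audits, and SoA in one local encrypted MCP server",
 license: "MIT",
@@ -33682,12 +33682,26 @@ var date = import_zod.z.string().regex(DATE_RE, "must be YYYY-MM-DD");
 var uuid = import_zod.z.string().uuid("must be a valid UUID");
 var freeText = (max = 2e3) => import_zod.z.string().min(1).max(max);
 var shortText = (max = 200) => import_zod.z.string().min(1).max(max);
-var paginationLimit = import_zod.z.number().int().min(1).max(100).optional().default(50);
-var paginationOffset = import_zod.z.number().int().min(0).optional().default(0);
+var paginationLimit = import_zod.z.coerce.number().int().min(1).max(100).optional().default(50);
+var paginationOffset = import_zod.z.coerce.number().int().min(0).optional().default(0);
+var coerceBool = import_zod.z.preprocess(
+(v) => v == null ? void 0 : v === "true" ? true : v === "false" ? false : v,
+import_zod.z.boolean()
+);
+function normEnum(vals) {
+return import_zod.z.preprocess(
+(v) => {
+if (typeof v !== "string") return v;
+const lo = v.toLowerCase();
+return vals.find((o) => o.toLowerCase() === lo) ?? v;
+},
+import_zod.z.enum(vals)
+);
+}
 var versionEnum = import_zod.z.enum(["2022", "2013"]);
 var formatMarkdownCsvJson = import_zod.z.enum(["markdown", "csv", "json"]);
 var riskLevelEnum = import_zod.z.enum(["Low", "Medium", "High", "Critical"]);
-var likelihood1to5 = import_zod.z.number().int().min(1).max(5);
+var likelihood1to5 = import_zod.z.coerce.number().int().min(1).max(5);
 var roleEnum = import_zod.z.enum(["viewer", "analyst", "admin"]);
 var outcomeEnum = import_zod.z.enum(["success", "denied", "error"]);
 var controlStatusEnum = import_zod.z.enum([
@@ -33757,19 +33771,9 @@ var carStatusEnum = import_zod.z.enum([
 "verified",
 "closed"
 ]);
-var
-
-
-"Physical",
-"Technological"
-]);
-var cybersecurityConceptEnum = import_zod.z.enum([
-"Identify",
-"Protect",
-"Detect",
-"Respond",
-"Recover"
-]);
+var normTheme = normEnum(["Organizational", "People", "Physical", "Technological"]);
+var normCybersecConcept = normEnum(["Identify", "Protect", "Detect", "Respond", "Recover"]);
+var normControlType = normEnum(["Preventive", "Detective", "Corrective"]);
 var GetControlSchema = import_zod.z.object({
 control_id: import_zod.z.string().min(1).max(20),
 version: versionEnum.optional()
@@ -33777,17 +33781,17 @@ var GetControlSchema = import_zod.z.object({
 var ListControlsSchema = import_zod.z.object({
 version: versionEnum.optional(),
 theme: import_zod.z.string().max(100).optional(),
-control_type:
-new_in_2022:
-cybersecurity_concept:
-include_guidance:
+control_type: normControlType.optional(),
+new_in_2022: coerceBool.optional(),
+cybersecurity_concept: normCybersecConcept.optional(),
+include_guidance: coerceBool.optional().default(false),
 limit: paginationLimit,
 offset: paginationOffset
 });
 var SearchControlsSchema = import_zod.z.object({
 query: freeText(200),
 version: versionEnum.optional(),
-limit: import_zod.z.number().int().min(1).max(50).optional().default(10),
+limit: import_zod.z.coerce.number().int().min(1).max(50).optional().default(10),
 offset: paginationOffset
 });
 var GetControlAttributesSchema = import_zod.z.object({
@@ -33802,7 +33806,7 @@ var CompareVersionsSchema = import_zod.z.object({
 );
 var GetClauseRequirementSchema = import_zod.z.object({
 clause_id: import_zod.z.string().min(1).max(10),
-include_sub_clauses:
+include_sub_clauses: coerceBool.optional().default(false)
 });
 var ListClauseRequirementsSchema = import_zod.z.object({
 parent_id: import_zod.z.string().max(10).optional()
@@ -33811,7 +33815,7 @@ var CreateGapAssessmentSchema = import_zod.z.object({
 name: shortText(200),
 scope: freeText(2e3).optional(),
 isms_version: versionEnum.optional().default("2022"),
-themes_in_scope: import_zod.z.array(
+themes_in_scope: import_zod.z.array(normTheme).optional(),
 exclude_controls: import_zod.z.array(import_zod.z.string().max(20)).optional(),
 exclude_justification: freeText(1e3).optional()
 });
@@ -33837,7 +33841,7 @@ var ExportGapReportSchema = import_zod.z.object({
 });
 var GenerateRemediationRoadmapSchema = import_zod.z.object({
 assessment_id: uuid,
-timeline_weeks: import_zod.z.number().int().min(1).max(52).optional().default(12)
+timeline_weeks: import_zod.z.coerce.number().int().min(1).max(52).optional().default(12)
 });
 var ArchiveGapAssessmentSchema = import_zod.z.object({
 assessment_id: uuid,
@@ -33855,7 +33859,7 @@ var CreateRiskSchema = import_zod.z.object({
 });
 var GetRiskSchema = import_zod.z.object({
 risk_id: uuid,
-include_treatments:
+include_treatments: coerceBool.optional().default(false)
 });
 var UpdateRiskSchema = import_zod.z.object({
 risk_id: uuid,
@@ -33907,12 +33911,12 @@ var CreatePolicySchema = import_zod.z.object({
 // falls back to org profile if omitted
 owner: shortText(200),
 approver: shortText(200).optional(),
-review_cycle_months: import_zod.z.number().int().min(1).max(36).optional().default(12),
+review_cycle_months: import_zod.z.coerce.number().int().min(1).max(36).optional().default(12),
 effective_date: date
 });
 var GetPolicySchema = import_zod.z.object({
 policy_id: uuid,
-include_versions:
+include_versions: coerceBool.optional().default(false)
 });
 var UpdatePolicySchema = import_zod.z.object({
 policy_id: uuid,
@@ -33926,7 +33930,7 @@ var ListPoliciesSchema = import_zod.z.object({
 status: policyStatusEnum.optional(),
 type: policyTypeEnum.optional(),
 owner: shortText(200).optional(),
-overdue_only:
+overdue_only: coerceBool.optional().default(false),
 limit: paginationLimit,
 offset: paginationOffset
 });
@@ -33937,7 +33941,7 @@ var GenerateSoaSchema = import_zod.z.object({
 var UpdateSoaEntrySchema = import_zod.z.object({
 soa_id: uuid,
 control_id: import_zod.z.string().min(1).max(20),
-included:
+included: coerceBool,
 justification: freeText(1e3),
 status: controlStatusEnum.optional(),
 responsible_party: shortText(200).optional()
@@ -33976,7 +33980,7 @@ var UpdateCorrectiveActionSchema = import_zod.z.object({
 due_date: date.optional(),
 status: carStatusEnum.optional(),
 root_cause: freeText(2e3).optional(),
-effectiveness_verified:
+effectiveness_verified: coerceBool.optional(),
 evidence_ref: shortText(200).optional()
 });
 var GenerateAuditReportSchema = import_zod.z.object({
@@ -34010,7 +34014,7 @@ var LinkJiraTicketSchema = import_zod.z.object({
 );
 var LinkGithubIssueSchema = import_zod.z.object({
 evidence_id: uuid,
-issue_number: import_zod.z.number().int().positive().optional(),
+issue_number: import_zod.z.coerce.number().int().positive().optional(),
 title: shortText(200).optional(),
 body: freeText(2e3).optional()
 }).refine(
@@ -34046,7 +34050,7 @@ var SetOrganizationProfileSchema = import_zod.z.object({
 isms_manager: shortText(200).optional(),
 internal_auditor: shortText(200).optional()
 }).optional(),
-review_cadence_months: import_zod.z.number().int().min(1).max(36).optional().default(12),
+review_cadence_months: import_zod.z.coerce.number().int().min(1).max(36).optional().default(12),
 logo_url: import_zod.z.string().url().max(2e3).optional(),
 primary_color: import_zod.z.string().regex(/^#[0-9a-fA-F]{6}$/, "must be 6-digit hex e.g. #1e3a5f").optional(),
 document_footer: import_zod.z.string().max(500).optional(),
@@ -34078,12 +34082,12 @@ var CreateProcedureSchema = import_zod.z.object({
 approver: shortText(200).optional(),
 policy_id: uuid.optional(),
 related_controls: import_zod.z.array(import_zod.z.string().max(20)).optional(),
-review_cycle_months: import_zod.z.number().int().min(1).max(36).optional().default(12),
+review_cycle_months: import_zod.z.coerce.number().int().min(1).max(36).optional().default(12),
 effective_date: date
 });
 var GetProcedureSchema = import_zod.z.object({
 procedure_id: uuid,
-include_versions:
+include_versions: coerceBool.optional().default(false)
 });
 var UpdateProcedureSchema = import_zod.z.object({
 procedure_id: uuid,
@@ -34098,7 +34102,7 @@ var ListProceduresSchema = import_zod.z.object({
 procedure_type: procedureTypeEnum.optional(),
 status: procedureStatusEnum.optional(),
 policy_id: uuid.optional(),
-overdue_only:
+overdue_only: coerceBool.optional().default(false),
 limit: paginationLimit,
 offset: paginationOffset
 });
@@ -37517,12 +37521,31 @@ function handleListEvidenceDocuments(args2) {
 }
 
 // src/tools/index.ts
+function unwrapFieldSchema(field) {
+if (field instanceof import_zod2.z.ZodEffects) {
+return unwrapFieldSchema(field.innerType());
+}
+if (field instanceof import_zod2.z.ZodOptional) {
+return unwrapFieldSchema(field.unwrap()).optional();
+}
+if (field instanceof import_zod2.z.ZodDefault) {
+const inner = unwrapFieldSchema(field.removeDefault());
+const defValue = field._def.defaultValue();
+return inner.optional().default(defValue);
+}
+return field;
+}
 function extractShape(schema) {
 let s = schema;
 while (s instanceof import_zod2.z.ZodEffects) {
 s = s.innerType();
 }
-
+const rawShape = s.shape;
+const cleanShape = {};
+for (const [key, val] of Object.entries(rawShape)) {
+cleanShape[key] = unwrapFieldSchema(val);
+}
+return cleanShape;
 }
 function ok13(data) {
 return {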
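Review bot: The switch to `z.coerce.number()` in the `@@ -33682,12 +33682,26 @@` hunk (`paginationLimit`, `paginationOffset`, `likelihood1to5`), repeated on `SearchControlsSchema.limit`, `timeline_weeks`, `review_cycle_months`, `review_cadence_months` and `issue_number`, accepts far more than numeric strings: assuming Zod 3 semantics it runs `Number(input)`, so `null`, `""`, `false` and `[]` become `0` and `true` becomes `1`. A malformed tool call can therefore validate as an offset of 0, a likelihood of 1 or issue number 1 and be stored in the compliance data as if it were a deliberate value, instead of being rejected at the validation boundary. A narrower preprocess in the style of the new `coerceBool` keeps the string tolerance without that, for example `z.preprocess((v) => typeof v === "string" && /^\d+$/.test(v) ? Number(v) : v, z.number().int().min(0))` for the offset, with the matching bounds on the other fields. dist/index.js is bundled output, so the change belongs in the TypeScript source the bundle is built from.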
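--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "iso27001-mcp",
-"version": "0.8.
+"version": "0.8.7",
 "mcpName": "io.github.Sushegaad/iso27001-mcp",
 "description": "ISO 27001 compliance workspace for Claude — controls, risks, policies, evidence, audits, and SoA in one local encrypted MCP server",
 "license": "MIT",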