npm - itglue-mcp - Versions diffs - 1.2.0 → 1.3.0 - Mend

itglue-mcp 1.2.0 → 1.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

package/README.md +7 -3
package/package.json +1 -1
package/skills/account-review/SKILL.md +18 -0
package/skills/client-onboard/CLAUDE.md +5 -1
package/skills/client-onboard/SKILL.md +10 -0
package/skills/compliance-audit/CLAUDE.md +6 -1
package/skills/compliance-audit/SKILL.md +10 -0
package/skills/find-password/SKILL.md +10 -0
package/skills/incident-response/CLAUDE.md +5 -1
package/skills/incident-response/SKILL.md +10 -0
package/skills/report-generator/CLAUDE.md +7 -0
package/skills/report-generator/SKILL.md +847 -0

package/README.md CHANGED Viewed

@@ -16,8 +16,8 @@ This package connects [Claude Code](https://docs.anthropic.com/en/docs/claude-co
 **What you get:**
 - 19 tools for querying ITGlue data through natural language
-- 5 pre-built Skills that automate common MSP workflows
-- Standalone HTML report generation for QBRs and account reviews
+- 6 pre-built Skills that automate common MSP workflows
+- Standalone HTML report generation for QBRs, security assessments, and asset inventories
 - Security audit logging on every password access
 - Smart caching and rate limiting so you don't hit ITGlue's API limits
@@ -63,7 +63,7 @@ If you see a healthy status, you're all set.
 ## Installing the Skills
-The package ships with **5 Skills** - guided workflows that Claude follows to complete common MSP tasks. Skills are optional but dramatically speed up repetitive work.
+The package ships with **6 Skills** - guided workflows that Claude follows to complete common MSP tasks. Skills are optional but dramatically speed up repetitive work.
 Install them globally (available in every Claude Code session):
@@ -84,6 +84,7 @@ This works on macOS, Linux, and Windows.
 | Skill | What It Does | Time Savings |
 |-------|-------------|-------------|
 | **Account Review** | Generates a standalone HTML report covering asset inventory, credential hygiene, compliance posture, and action items. Aligned with ITIL v4 and NIST standards. Output is ready for ConnectWise tickets or QBR presentations. | 4-8 hrs → 5-10 min |
+| **Report Generator** | Generates professional HTML reports: Security Assessments (NIST CSF + CIS Controls with risk matrix) and Asset Inventories (fleet composition, documentation grade, warranty tracking). CSS-only visualizations, dark mode, print-ready. | 2-6 hrs → 5-15 min |
 | **Find Password** | Finds and retrieves a specific credential using natural language. Handles ambiguous names, multiple matches, and organization lookup automatically. | 5-10 min → <1 min |
 | **Incident Response** | Pulls everything you need during an outage: affected asset details, network interfaces, related systems, credentials, emergency contacts, and relevant docs - all in parallel. | 5-15 min → <2 min |
 | **Compliance Audit** | Runs password rotation checks, asset documentation audits, staleness detection, and data quality scoring. Produces a prioritized findings report. | 4-8 hrs → 5-10 min |
@@ -102,6 +103,9 @@ You: "Get me the WiFi password for Acme Corp"
 You: "Server down at Contoso - pull everything"
      → Activates the Incident Response skill
+You: "Generate a security assessment for Acme Corp"
+     → Activates the Report Generator skill
 ```
 ## Usage Examples

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "itglue-mcp",
-  "version": "1.2.0",
+  "version": "1.3.0",
   "description": "Model Context Protocol server for ITGlue - enables Claude Code to access MSP documentation through natural language queries",
   "main": "dist/index.js",
   "bin": {

package/skills/account-review/SKILL.md CHANGED Viewed

@@ -19,6 +19,24 @@ You are performing a comprehensive Account Review for an MSP-managed client orga
 a standalone HTML report aligned with industry frameworks: ITIL v4, NIST CSF, NIST SP 800-63B, CIS Controls,
 and MSP QBR best practices.
+## IMPORTANT: Tool Discovery
+All ITGlue tools are MCP tools. You MUST use `ToolSearch` to load them before calling them.
+**Before starting, run this ToolSearch query:**
+```
+ToolSearch(query="+itglue", max_results=5)
+```
+This loads the ITGlue MCP tools (prefixed `mcp__itglue__`). Then call them directly as tool calls — do NOT use Bash to invoke the MCP server. For example:
+- `mcp__itglue__itglue_search_organizations` (not bash)
+- `mcp__itglue__itglue_generate_report` (not bash)
+- `mcp__itglue__itglue_compliance_check` (not bash)
+If a tool isn't loaded yet, run another ToolSearch query for it (e.g., `ToolSearch(query="+itglue staleness")`).
+---
 ## Standards Reference
 ### ITIL v4 — Service Review & CMDB Audit

package/skills/client-onboard/CLAUDE.md CHANGED Viewed

@@ -3,5 +3,9 @@
 <!-- This section is auto-generated by claude-mem. Edit content outside the tags. -->
-*No recent activity*
+### Feb 10, 2026
+| ID | Time | T | Title | Read |
+|----|------|---|-------|------|
+| #11296 | 5:50 PM | 🔵 | Report Generation Architecture Analysis for ITGlue MCP Skills | ~495 |
 </claude-mem-context>

package/skills/client-onboard/SKILL.md CHANGED Viewed

@@ -13,6 +13,16 @@ version: 1.0.0
 You are helping an MSP onboard a new client to ITGlue. Follow this systematic workflow to ensure complete, consistent documentation.
+## IMPORTANT: Tool Discovery
+All ITGlue tools are MCP tools. You MUST use `ToolSearch` to load them before calling them.
+**Before starting, run:** `ToolSearch(query="+itglue", max_results=5)`
+This loads the ITGlue MCP tools (prefixed `mcp__itglue__`). Call them directly as tool calls — do NOT use Bash. If a tool isn't loaded yet, run another ToolSearch query for it.
+---
 ## Step 1: Client Discovery
 Gather initial client information:

package/skills/compliance-audit/CLAUDE.md CHANGED Viewed

@@ -3,5 +3,10 @@
 <!-- This section is auto-generated by claude-mem. Edit content outside the tags. -->
-*No recent activity*
+### Feb 10, 2026
+| ID | Time | T | Title | Read |
+|----|------|---|-------|------|
+| #11296 | 5:50 PM | 🔵 | Report Generation Architecture Analysis for ITGlue MCP Skills | ~495 |
+| #11258 | 5:43 PM | ✅ | MCP Tool Discovery Instructions Added to Compliance Audit Skill | ~385 |
 </claude-mem-context>

package/skills/compliance-audit/SKILL.md CHANGED Viewed

@@ -13,6 +13,16 @@ version: 1.0.0
 You are performing a comprehensive compliance audit for an organization's IT documentation.
+## IMPORTANT: Tool Discovery
+All ITGlue tools are MCP tools. You MUST use `ToolSearch` to load them before calling them.
+**Before starting, run:** `ToolSearch(query="+itglue", max_results=5)`
+This loads the ITGlue MCP tools (prefixed `mcp__itglue__`). Call them directly as tool calls — do NOT use Bash. If a tool isn't loaded yet, run another ToolSearch query for it.
+---
 ## Step 1: Identify Scope
 Clarify with user:

package/skills/find-password/SKILL.md CHANGED Viewed

@@ -13,6 +13,16 @@ version: 1.0.0
 You are helping a user find a specific password from ITGlue. Follow this workflow:
+## IMPORTANT: Tool Discovery
+All ITGlue tools are MCP tools. You MUST use `ToolSearch` to load them before calling them.
+**Before starting, run:** `ToolSearch(query="+itglue", max_results=5)`
+This loads the ITGlue MCP tools (prefixed `mcp__itglue__`). Call them directly as tool calls — do NOT use Bash. If a tool isn't loaded yet, run another ToolSearch query for it.
+---
 ## Step 1: Understand the Request
 Parse the user's request to identify:

package/skills/incident-response/CLAUDE.md CHANGED Viewed

@@ -3,5 +3,9 @@
 <!-- This section is auto-generated by claude-mem. Edit content outside the tags. -->
-*No recent activity*
+### Feb 10, 2026
+| ID | Time | T | Title | Read |
+|----|------|---|-------|------|
+| #11296 | 5:50 PM | 🔵 | Report Generation Architecture Analysis for ITGlue MCP Skills | ~495 |
 </claude-mem-context>

package/skills/incident-response/SKILL.md CHANGED Viewed

@@ -13,6 +13,16 @@ version: 1.0.0
 You are helping a user respond to an IT incident/outage. Speed is critical. Gather all relevant information systematically.
+## IMPORTANT: Tool Discovery
+All ITGlue tools are MCP tools. You MUST use `ToolSearch` to load them before calling them.
+**Before starting, run:** `ToolSearch(query="+itglue", max_results=5)`
+This loads the ITGlue MCP tools (prefixed `mcp__itglue__`). Call them directly as tool calls — do NOT use Bash. If a tool isn't loaded yet, run another ToolSearch query for it.
+---
 ## Step 1: Incident Scope Assessment
 Ask clarifying questions if not provided:

package/skills/report-generator/CLAUDE.md ADDED Viewed

@@ -0,0 +1,7 @@
+<claude-mem-context>
+# Recent Activity
+<!-- This section is auto-generated by claude-mem. Edit content outside the tags. -->
+*No recent activity*
+</claude-mem-context>

package/skills/report-generator/SKILL.md ADDED Viewed

@@ -0,0 +1,847 @@
+---
+name: itglue:report-generator
+description: >
+  Use this skill when the user needs to generate a professional HTML report from ITGlue data.
+  Supports multiple report types: security assessments, asset inventories, and more.
+  Trigger examples: "generate security report for Acme", "create asset inventory for client X",
+  "security assessment report", "asset report for Contoso", "generate report for org Y",
+  "build inventory report", "NIST compliance report", "CIS controls assessment"
+  Produces standalone HTML reports with CSS-only visualizations, CVSS severity badges,
+  NIST CSF/CIS Controls alignment, and print-ready layouts. No JavaScript dependencies.
+  Reports are suitable for embedding in ConnectWise/Autotask PSA tickets.
+version: 1.0.0
+---
+# ITGlue Report Generator
+You are generating a professional, standalone HTML report from ITGlue data. This skill supports
+multiple report types — each with its own data requirements, scoring logic, and visual layout.
+## IMPORTANT: Tool Discovery
+All ITGlue tools are MCP tools. You MUST use `ToolSearch` to load them before calling them.
+**Before starting, run:** `ToolSearch(query="+itglue", max_results=5)`
+This loads the ITGlue MCP tools (prefixed `mcp__itglue__`). Call them directly as tool calls — do NOT use Bash. If a tool isn't loaded yet, run another ToolSearch query for it.
+---
+## Step 1: Identify Scope
+Clarify with the user:
+- **Organization name** (required)
+- **Report type** (required — see below):
+  - `security` — Security Assessment (NIST CSF + CIS Controls)
+  - `asset-inventory` — Full Asset Inventory & Lifecycle Report
+- **Additional options** (optional):
+  - Include sensitive metadata? (default: true for security, false for asset-inventory)
+```
+itglue_search_organizations(name="[org name]")
+```
+If multiple matches, ask the user to select. Note the **organization ID**.
+---
+## Step 2: Gather Data
+Execute queries **in parallel** based on report type.
+### For `security` report:
+```
+itglue_generate_report(organization_id="[id]", report_type="full", include_sensitive=true)
+itglue_compliance_check(organization_id="[id]", checks=["passwords", "configurations", "documentation", "warranties"])
+itglue_detect_staleness(organization_id="[id]", thresholds={"passwords_days": 180, "configurations_days": 90, "documents_days": 365})
+itglue_list_passwords(organization_id="[id]", limit=100)
+itglue_list_configurations(organization_id="[id]", limit=100)
+```
+### For `asset-inventory` report:
+```
+itglue_generate_report(organization_id="[id]", report_type="full", include_sensitive=false)
+itglue_list_configurations(organization_id="[id]", limit=100)
+itglue_compliance_check(organization_id="[id]", checks=["configurations", "warranties"])
+itglue_detect_staleness(organization_id="[id]", thresholds={"configurations_days": 90})
+itglue_list_locations(organization_id="[id]")
+```
+---
+## Step 3: Analyze and Score
+### Scoring Algorithms
+#### NIST CSF Posture Score (security report)
+For each of the 5 NIST CSF functions, compute a 0-100 maturity score:
+- **Identify** (Asset Management):
+  - Config completeness: % of configs with serial + manufacturer + model
+  - Asset categorization: % of configs with a type assigned
+  - Score = average of both metrics
+- **Protect** (Access Control):
+  - Credential categorization: % of passwords with a category
+  - Username completeness: % of passwords with username field
+  - Admin credential tracking: are domain admin / firewall creds documented?
+  - Score = weighted average (40% categorization, 30% username, 30% admin tracking)
+- **Detect** (Monitoring):
+  - Staleness detection: inverse of stale config % (fresh = monitored)
+  - Document freshness: % of docs updated in past year
+  - Score = average of both
+- **Respond** (Response Planning):
+  - Contact availability: are emergency contacts documented?
+  - Location accuracy: are locations complete with addresses?
+  - SOP existence: are incident response docs present?
+  - Score = 33% each
+- **Recover** (Recovery Planning):
+  - Backup documentation: are backup configs/docs present?
+  - Warranty coverage: % of active assets with warranty data
+  - Score = average of both
+**Overall NIST CSF Score** = average of 5 function scores
+**Maturity Tiers**:
+- 0-25%: Tier 1 — Partial
+- 25-50%: Tier 2 — Risk Informed
+- 50-75%: Tier 3 — Repeatable
+- 75-100%: Tier 4 — Adaptive
+#### CIS Controls Assessment (security report)
+Evaluate 4 key CIS Controls:
+- **CIS 1 — Enterprise Asset Inventory**: % of configs with complete data (name + type + serial + manufacturer)
+- **CIS 2 — Software Asset Inventory**: presence of software-type configurations or application documentation
+- **CIS 5 — Account Management**: password categorization rate, % with usernames, admin credential documentation
+- **CIS 6 — Access Control**: credential age compliance (% within 180-day review window), infrastructure credential tracking
+Each scored 0-100. Implementation Group assignment:
+- IG1 (Basic): score < 40
+- IG2 (Moderate): score 40-70
+- IG3 (Advanced): score > 70
+#### Risk Matrix (security report)
+Classify findings into a 5x5 grid (Likelihood x Impact):
+| Risk | Criteria | Example |
+|------|----------|---------|
+| Critical (20-25) | Infrastructure creds >365d, 0% asset documentation | Domain admin pw 1000+ days old |
+| High (12-19) | Any credential >180d, missing serials on servers | Server missing serial number |
+| Medium (6-11) | Uncategorized passwords, stale configs >90d | 50 uncategorized credentials |
+| Low (1-5) | Missing notes, cosmetic data gaps | Contact without job title |
+#### Asset Health Metrics (asset-inventory report)
+- **Fleet Composition**: count by type (servers, workstations, network, other)
+- **Active Rate**: active configs / total configs
+- **Documentation Grade**: % with serial + manufacturer + model
+  - A (>90%), B (70-90%), C (50-70%), D (30-50%), F (<30%)
+- **Warranty Coverage**: % of active assets with warranty info
+- **Staleness Rate**: % of configs not updated in 90+ days
+- **Naming Convention Analysis**: detect common patterns (prefixes, domains)
+---
+## Step 4: Generate Standalone HTML
+Generate a self-contained HTML file — **all CSS inlined**, no external dependencies.
+The report must be suitable for:
+- Opening standalone in any browser
+- Embedding in ConnectWise/Autotask ticket HTML body
+- Printing to PDF via browser print dialog
+### Shared CSS Foundation
+Every report uses this base CSS. Copy it exactly into the `<style>` block:
+```css
+/* === CSS Custom Properties (Theme) === */
+:root {
+  /* Surfaces */
+  --bg-primary: #ffffff;
+  --bg-secondary: #f7f8fa;
+  --bg-tertiary: #edf0f4;
+  --bg-card: #ffffff;
+  /* Text */
+  --text-primary: #161616;
+  --text-secondary: #525252;
+  --text-tertiary: #8d8d8d;
+  --text-inverse: #ffffff;
+  /* Borders */
+  --border-light: #e0e0e0;
+  --border-medium: #c6c6c6;
+  /* Brand */
+  --brand-primary: #1a365d;
+  --brand-accent: #2b6cb0;
+  /* Severity — CVSS Standard */
+  --severity-critical: #9B1B30;
+  --severity-high: #DC0000;
+  --severity-medium: #FD8C00;
+  --severity-low: #FDC500;
+  --severity-pass: #00AC46;
+  --severity-info: #3182ce;
+  /* Shadows */
+  --shadow-sm: 0 1px 3px rgba(0,0,0,0.08);
+  --shadow-md: 0 4px 12px rgba(0,0,0,0.1);
+  /* Spacing */
+  --space-xs: 0.25rem;
+  --space-sm: 0.5rem;
+  --space-md: 1rem;
+  --space-lg: 1.5rem;
+  --space-xl: 2rem;
+  --space-2xl: 3rem;
+  /* Radius */
+  --radius-sm: 4px;
+  --radius-md: 8px;
+  --radius-lg: 12px;
+}
+@media (prefers-color-scheme: dark) {
+  :root {
+    --bg-primary: #161616;
+    --bg-secondary: #1e1e1e;
+    --bg-tertiary: #262626;
+    --bg-card: #1e1e1e;
+    --text-primary: #f4f4f4;
+    --text-secondary: #c6c6c6;
+    --text-tertiary: #8d8d8d;
+    --border-light: #393939;
+    --border-medium: #525252;
+    --shadow-sm: 0 1px 3px rgba(0,0,0,0.3);
+    --shadow-md: 0 4px 12px rgba(0,0,0,0.4);
+  }
+}
+/* === Base Reset & Typography === */
+*, *::before, *::after { box-sizing: border-box; margin: 0; padding: 0; }
+body {
+  font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen, Ubuntu, sans-serif;
+  font-size: 14px;
+  line-height: 1.6;
+  color: var(--text-primary);
+  background: var(--bg-secondary);
+  -webkit-font-smoothing: antialiased;
+}
+.report-container {
+  max-width: 1100px;
+  margin: 0 auto;
+  padding: var(--space-xl);
+}
+h1 { font-size: 1.75rem; font-weight: 700; color: var(--brand-primary); margin-bottom: var(--space-sm); }
+h2 { font-size: 1.25rem; font-weight: 600; color: var(--text-primary); margin: var(--space-2xl) 0 var(--space-md); padding-bottom: var(--space-sm); border-bottom: 2px solid var(--border-light); }
+h3 { font-size: 1rem; font-weight: 600; color: var(--text-secondary); margin: var(--space-lg) 0 var(--space-sm); }
+/* === Card Component === */
+.card {
+  background: var(--bg-card);
+  border: 1px solid var(--border-light);
+  border-radius: var(--radius-md);
+  padding: var(--space-lg);
+  box-shadow: var(--shadow-sm);
+  margin-bottom: var(--space-md);
+}
+/* === Grid Layouts === */
+.grid-2 { display: grid; grid-template-columns: repeat(auto-fit, minmax(280px, 1fr)); gap: var(--space-md); }
+.grid-3 { display: grid; grid-template-columns: repeat(auto-fit, minmax(220px, 1fr)); gap: var(--space-md); }
+.grid-4 { display: grid; grid-template-columns: repeat(auto-fit, minmax(180px, 1fr)); gap: var(--space-md); }
+.grid-5 { display: grid; grid-template-columns: repeat(auto-fit, minmax(160px, 1fr)); gap: var(--space-md); }
+.grid-6 { display: grid; grid-template-columns: repeat(auto-fit, minmax(140px, 1fr)); gap: var(--space-md); }
+/* === KPI Score Card === */
+.kpi-card {
+  background: var(--bg-card);
+  border: 1px solid var(--border-light);
+  border-radius: var(--radius-md);
+  padding: var(--space-lg);
+  text-align: center;
+  box-shadow: var(--shadow-sm);
+}
+.kpi-card .kpi-value {
+  font-size: 2rem;
+  font-weight: 700;
+  line-height: 1.2;
+}
+.kpi-card .kpi-label {
+  font-size: 0.75rem;
+  font-weight: 600;
+  text-transform: uppercase;
+  letter-spacing: 0.05em;
+  color: var(--text-tertiary);
+  margin-top: var(--space-xs);
+}
+/* === Severity Badges === */
+.badge {
+  display: inline-block;
+  padding: 2px 10px;
+  border-radius: 12px;
+  font-size: 0.7rem;
+  font-weight: 700;
+  text-transform: uppercase;
+  letter-spacing: 0.04em;
+}
+.badge-critical { background: var(--severity-critical); color: #fff; }
+.badge-high     { background: var(--severity-high); color: #fff; }
+.badge-medium   { background: var(--severity-medium); color: #fff; }
+.badge-low      { background: var(--severity-low); color: #1a1a1a; }
+.badge-pass     { background: var(--severity-pass); color: #fff; }
+.badge-info     { background: var(--severity-info); color: #fff; }
+/* === Progress Bar === */
+.progress-bar {
+  background: var(--bg-tertiary);
+  border-radius: 6px;
+  height: 10px;
+  overflow: hidden;
+  margin: var(--space-xs) 0;
+}
+.progress-bar .fill {
+  height: 100%;
+  border-radius: 6px;
+  transition: width 0.3s;
+}
+.fill-critical { background: var(--severity-critical); }
+.fill-high     { background: var(--severity-high); }
+.fill-medium   { background: var(--severity-medium); }
+.fill-low      { background: var(--severity-low); }
+.fill-pass     { background: var(--severity-pass); }
+.fill-info     { background: var(--severity-info); }
+.fill-brand    { background: var(--brand-accent); }
+/* === Donut Chart (CSS conic-gradient) === */
+.donut-chart {
+  width: 120px;
+  height: 120px;
+  border-radius: 50%;
+  position: relative;
+  margin: 0 auto;
+}
+.donut-chart::before {
+  content: '';
+  position: absolute;
+  top: 25%;
+  left: 25%;
+  width: 50%;
+  height: 50%;
+  border-radius: 50%;
+  background: var(--bg-card);
+}
+.donut-label {
+  position: absolute;
+  top: 50%;
+  left: 50%;
+  transform: translate(-50%, -50%);
+  font-size: 1.25rem;
+  font-weight: 700;
+  z-index: 1;
+}
+/* === Bar Chart (CSS Grid) === */
+.bar-chart {
+  display: flex;
+  align-items: flex-end;
+  gap: var(--space-sm);
+  height: 160px;
+  padding: var(--space-md) 0;
+  border-bottom: 2px solid var(--border-light);
+}
+.bar-chart .bar {
+  flex: 1;
+  min-width: 40px;
+  background: var(--brand-accent);
+  border-radius: var(--radius-sm) var(--radius-sm) 0 0;
+  position: relative;
+  display: flex;
+  align-items: flex-start;
+  justify-content: center;
+}
+.bar-chart .bar-value {
+  position: absolute;
+  top: -20px;
+  font-size: 0.75rem;
+  font-weight: 700;
+  color: var(--text-primary);
+}
+.bar-chart .bar-label {
+  position: absolute;
+  bottom: -22px;
+  font-size: 0.65rem;
+  color: var(--text-secondary);
+  text-align: center;
+  white-space: nowrap;
+}
+/* === Radial Gauge (conic-gradient score) === */
+.gauge {
+  width: 100px;
+  height: 100px;
+  border-radius: 50%;
+  position: relative;
+  margin: 0 auto var(--space-sm);
+}
+.gauge::before {
+  content: '';
+  position: absolute;
+  top: 20%;
+  left: 20%;
+  width: 60%;
+  height: 60%;
+  border-radius: 50%;
+  background: var(--bg-card);
+}
+.gauge-label {
+  position: absolute;
+  top: 50%;
+  left: 50%;
+  transform: translate(-50%, -50%);
+  font-size: 1rem;
+  font-weight: 700;
+  z-index: 1;
+}
+/* === Tables === */
+table {
+  width: 100%;
+  border-collapse: collapse;
+  font-size: 0.85rem;
+  margin: var(--space-md) 0;
+}
+thead th {
+  background: var(--bg-tertiary);
+  padding: 10px 12px;
+  text-align: left;
+  font-weight: 600;
+  font-size: 0.75rem;
+  text-transform: uppercase;
+  letter-spacing: 0.04em;
+  color: var(--text-secondary);
+  border-bottom: 2px solid var(--border-medium);
+  position: sticky;
+  top: 0;
+}
+tbody td {
+  padding: 8px 12px;
+  border-bottom: 1px solid var(--border-light);
+  vertical-align: top;
+}
+tbody tr:nth-child(even) { background: var(--bg-secondary); }
+tbody tr:hover { background: var(--bg-tertiary); }
+/* === Risk Matrix (5x5) === */
+.risk-matrix {
+  display: grid;
+  grid-template-columns: auto repeat(5, 1fr);
+  grid-template-rows: repeat(5, 48px) auto;
+  gap: 2px;
+  max-width: 500px;
+  margin: var(--space-md) auto;
+  font-size: 0.7rem;
+  text-align: center;
+}
+.risk-matrix .rm-cell {
+  display: flex;
+  align-items: center;
+  justify-content: center;
+  border-radius: var(--radius-sm);
+  font-weight: 600;
+  color: #fff;
+}
+.rm-critical { background: var(--severity-critical); }
+.rm-high     { background: var(--severity-high); }
+.rm-medium   { background: var(--severity-medium); }
+.rm-low      { background: #a8d08d; color: #1a1a1a; }
+.rm-label    { font-weight: 600; color: var(--text-secondary); display: flex; align-items: center; justify-content: center; font-size: 0.65rem; }
+/* === Summary Boxes === */
+.summary-critical { border-left: 4px solid var(--severity-critical); background: #fef2f2; }
+.summary-warning  { border-left: 4px solid var(--severity-medium); background: #fff8f0; }
+.summary-success  { border-left: 4px solid var(--severity-pass); background: #f0fdf4; }
+@media (prefers-color-scheme: dark) {
+  .summary-critical { background: #2d1215; }
+  .summary-warning  { background: #2d2010; }
+  .summary-success  { background: #0d2818; }
+}
+/* === Header === */
+.report-header {
+  background: var(--brand-primary);
+  color: #fff;
+  padding: var(--space-xl) var(--space-2xl);
+  border-radius: var(--radius-lg);
+  margin-bottom: var(--space-xl);
+}
+.report-header h1 { color: #fff; margin: 0; }
+.report-header .subtitle { opacity: 0.85; font-size: 0.9rem; margin-top: var(--space-xs); }
+.report-header .meta { opacity: 0.7; font-size: 0.75rem; margin-top: var(--space-sm); }
+/* === Footer === */
+.report-footer {
+  text-align: center;
+  padding: var(--space-xl) 0;
+  margin-top: var(--space-2xl);
+  border-top: 1px solid var(--border-light);
+  font-size: 0.75rem;
+  color: var(--text-tertiary);
+}
+/* === Print Styles === */
+@media print {
+  body { background: #fff; font-size: 11pt; }
+  .report-container { max-width: 100%; padding: 0; }
+  .report-header { break-after: avoid; }
+  .card, table, .bar-chart { break-inside: avoid; }
+  h2 { break-after: avoid; }
+  .no-print { display: none; }
+  thead th { background: #f0f0f0 !important; -webkit-print-color-adjust: exact; print-color-adjust: exact; }
+  tbody tr:nth-child(even) { background: #f8f8f8 !important; -webkit-print-color-adjust: exact; print-color-adjust: exact; }
+  .badge, .fill-critical, .fill-high, .fill-medium, .fill-low, .fill-pass, .fill-info, .fill-brand,
+  .badge-critical, .badge-high, .badge-medium, .badge-low, .badge-pass, .badge-info,
+  .rm-critical, .rm-high, .rm-medium, .rm-low,
+  .summary-critical, .summary-warning, .summary-success,
+  .gauge, .donut-chart, .report-header {
+    -webkit-print-color-adjust: exact;
+    print-color-adjust: exact;
+  }
+}
+```
+---
+## Report Type: `security` — Security Assessment Report
+### Required Sections
+#### 1. Header
+- Organization name, type, ITGlue ID
+- Report type: "Security Assessment"
+- Standards reference: "Aligned with NIST CSF 2.0, CIS Controls v8, NIST SP 800-63B Rev 4"
+- Report generation timestamp
+- "Built for Productivity by sully" branding
+#### 2. Executive Summary (3 color-coded boxes)
+- **Critical Findings** (red `summary-critical`): Top 3-5 most severe security issues. Lead with infrastructure credential risks and compliance gaps.
+- **Recommendations** (amber `summary-warning`): Prioritized remediation steps with specific asset/credential names.
+- **Strengths** (green `summary-success`): What's well-documented. Acknowledge strong areas.
+#### 3. NIST CSF Posture Dashboard
+Display 5 radial gauges in a `grid-5` layout, one per NIST function:
+- Identify, Protect, Detect, Respond, Recover
+- Each gauge uses `conic-gradient`:
+  - Score portion colored by severity (pass/low/medium/high/critical based on %)
+  - Remaining portion `var(--bg-tertiary)`
+- Below gauges: **Overall Maturity Tier** (Tier 1-4) with description
+- Below tier: text explaining what each score means
+Gauge color thresholds:
+- 75-100%: `var(--severity-pass)` (green)
+- 50-74%: `var(--severity-medium)` (orange)
+- 25-49%: `var(--severity-high)` (red)
+- 0-24%: `var(--severity-critical)` (dark red)
+#### 4. CIS Controls Assessment
+For each of the 4 assessed controls (CIS 1, 2, 5, 6):
+- **Score** with progress bar
+- **Implementation Group** badge (IG1/IG2/IG3)
+- **Key findings** for that control
+- **Specific gaps** with affected item counts
+Layout: `grid-2` with a card per control.
+#### 5. Risk Matrix
+Render a 5x5 grid with:
+- Y-axis: Likelihood (Almost Certain → Rare, top to bottom)
+- X-axis: Impact (Negligible → Catastrophic, left to right)
+- Color cells: Critical (dark red), High (red), Medium (orange), Low (green)
+- Below the matrix: table of actual findings mapped to their risk position
+```html
+<!-- Risk Matrix HTML Pattern -->
+<div class="risk-matrix">
+  <!-- Y-axis labels (left column) -->
+  <div class="rm-label">Almost Certain</div>
+  <div class="rm-cell rm-medium">5</div><div class="rm-cell rm-high">10</div><div class="rm-cell rm-high">15</div><div class="rm-cell rm-critical">20</div><div class="rm-cell rm-critical">25</div>
+  <div class="rm-label">Likely</div>
+  <div class="rm-cell rm-low">4</div><div class="rm-cell rm-medium">8</div><div class="rm-cell rm-high">12</div><div class="rm-cell rm-high">16</div><div class="rm-cell rm-critical">20</div>
+  <div class="rm-label">Possible</div>
+  <div class="rm-cell rm-low">3</div><div class="rm-cell rm-medium">6</div><div class="rm-cell rm-medium">9</div><div class="rm-cell rm-high">12</div><div class="rm-cell rm-high">15</div>
+  <div class="rm-label">Unlikely</div>
+  <div class="rm-cell rm-low">2</div><div class="rm-cell rm-low">4</div><div class="rm-cell rm-medium">6</div><div class="rm-cell rm-medium">8</div><div class="rm-cell rm-high">10</div>
+  <div class="rm-label">Rare</div>
+  <div class="rm-cell rm-low">1</div><div class="rm-cell rm-low">2</div><div class="rm-cell rm-low">3</div><div class="rm-cell rm-low">4</div><div class="rm-cell rm-medium">5</div>
+  <!-- X-axis labels (bottom row) -->
+  <div class="rm-label"></div>
+  <div class="rm-label">Negligible</div><div class="rm-label">Minor</div><div class="rm-label">Moderate</div><div class="rm-label">Major</div><div class="rm-label">Catastrophic</div>
+</div>
+```
+#### 6. Credential Security Analysis
+- **Stale Credentials Table**: Top 15 most critical stale passwords with name, category, days since update, severity badge
+  - Critical: infrastructure creds (domain admin, firewall, RADIUS) >365 days
+  - High: any credential >180 days
+  - Medium: >90 days for admin-class credentials
+- **Password Categorization**: donut chart showing categorized vs uncategorized split
+- **Credential Distribution**: bar chart by category (Network, Server, Cloud, Application, etc.)
+- **Username Completeness**: progress bar showing % with username documented
+- **NIST SP 800-63B Note**: "Per NIST SP 800-63B Rev 4, time-based mandatory rotation is no longer recommended. Credentials flagged here are for review, not automatic rotation. Change only upon evidence of compromise."
+#### 7. Configuration Security Posture
+- **Documentation Gaps Summary**: cards showing counts of missing serial numbers, missing manufacturer, missing model
+- **Active vs Inactive Assets**: donut chart with active/inactive/decommissioned split
+- **Stale Configurations**: count and % of configs not updated in 90+ days
+- **Root Cause Analysis**: if >80% configs stale, note possible RMM sync failure
+#### 8. Compliance Findings Table
+Full table of all compliance findings with columns:
+- #, Finding, Severity (badge), Category, Affected Items, Framework Reference
+- Sort by severity (Critical first)
+- Framework reference maps to NIST CSF function or CIS Control number
+#### 9. Remediation Roadmap
+Prioritized action plan in 3 tiers:
+**Immediate (0-7 days)**: Critical and high-severity findings
+**Short-term (7-30 days)**: Medium-severity findings
+**Long-term (30-90 days)**: Low-severity and continuous improvement
+Each action item: numbered, specific description, priority badge, framework reference.
+#### 10. Footer
+- "Built for Productivity by sully"
+- Generation timestamp, ITGlue MCP version reference
+- Disclaimer: "This report contains metadata only. No password values are included."
+---
+## Report Type: `asset-inventory` — Asset Inventory & Lifecycle Report
+### Required Sections
+#### 1. Header
+- Organization name, type, ITGlue ID
+- Report type: "Asset Inventory & Lifecycle Report"
+- Report generation timestamp
+- "Built for Productivity by sully" branding
+#### 2. Fleet Summary KPIs
+`grid-6` layout with KPI cards:
+- Total Assets
+- Active Assets
+- Inactive Assets
+- Servers
+- Workstations
+- Network Devices
+#### 3. Asset Composition
+- **Bar chart**: count by configuration type (servers, workstations, switches, firewalls, APs, printers, other)
+- **Donut chart**: active vs inactive split
+- Each bar colored by `var(--brand-accent)`, with value labels
+#### 4. Documentation Grade
+Overall documentation grade (A-F) displayed prominently:
+- A (>90%): All fields complete — exemplary documentation
+- B (70-90%): Most fields complete — good standing
+- C (50-70%): Significant gaps — needs attention
+- D (30-50%): Major gaps — remediation required
+- F (<30%): Documentation critically incomplete
+Breakdown progress bars:
+- Serial Number coverage: X%
+- Manufacturer coverage: X%
+- Model coverage: X%
+- Type assignment: X%
+- Notes/description: X%
+#### 5. Server Inventory
+Full table of all server-type configurations:
+- Name, Manufacturer, Model, Serial Number, Status, Last Updated
+- Missing fields highlighted with `badge-medium` "Missing" badge
+- Sorted by name
+#### 6. Workstation Fleet
+- **Summary stats**: total, active, inactive, naming convention detected
+- **Table**: Name, Serial, Status, Last Updated (truncate to first 25, note remaining count)
+- **Naming Convention Analysis**: detect common prefixes/patterns, note outliers
+#### 7. Network Infrastructure
+Table of all network devices (firewalls, switches, APs, routers):
+- Name, Type, Manufacturer, Model, Serial, Status
+- Flag any network device missing manufacturer or serial (these are critical for warranty/support)
+#### 8. Asset Staleness Analysis
+- **Staleness donut chart**: fresh (<90d) vs stale (90-180d) vs very stale (>180d)
+- **Staleness by type**: bar chart showing stale % per configuration type
+- **Most Stale Assets table**: top 10 by days since last update
+#### 9. Warranty & Lifecycle (if data available)
+- Assets with warranty data: count and %
+- Expiring soon (<90 days): list
+- Expired: list
+- No warranty data: count
+- If no warranty data exists at all, note this as a gap and recommend tracking
+#### 10. Location Distribution
+If locations available:
+- Card per location showing asset count at each
+- Flag locations with 0 documented assets (potential gap)
+#### 11. Recommendations
+Prioritized action items for improving asset documentation:
+- Missing serial numbers (by asset type)
+- Missing manufacturer/model
+- Stale assets needing review
+- Warranty tracking gaps
+- Documentation grade improvement path (current grade → target grade with specific actions)
+#### 12. Footer
+- "Built for Productivity by sully"
+- Generation timestamp
+- Total assets in scope
+---
+## Step 5: Save the Report
+Save the HTML file to the `reports/` directory:
+```
+Write to: reports/[org-short-name]-[report-type].html
+```
+Examples:
+- `reports/acme-corp-security.html`
+- `reports/contoso-asset-inventory.html`
+Use lowercase, hyphenated organization name. If the org has a short_name in ITGlue, prefer that.
+Inform the user the file can be:
+1. Opened in any browser
+2. Embedded in a ConnectWise/Autotask ticket HTML body
+3. Printed to PDF via browser print dialog (Ctrl+P / Cmd+P)
+## Step 6: Summarize Findings
+Present a concise summary after generating:
+```markdown
+## Report Generated: [Report Type] — [Organization Name]
+**Report**: reports/[filename].html ([size]KB)
+**Type**: [Security Assessment / Asset Inventory]
+### Key Metrics
+| Metric | Value | Status |
+|--------|-------|--------|
+| [metric 1] | X | [badge] |
+| [metric 2] | Y | [badge] |
+| ... | ... | ... |
+### Top 3 Findings
+1. [Most critical finding]
+2. [Second most critical]
+3. [Third most critical]
+### Recommended Next Steps
+1. [First action]
+2. [Second action]
+3. [Third action]
+```
+---
+## Example Workflows
+### Security Assessment
+```
+User: "Generate a security report for QC Graphics"
+1. ToolSearch(query="+itglue", max_results=5)
+2. itglue_search_organizations(name="QC Graphics")
+   → ID: 5717181
+3. [Parallel - 5 queries:]
+   a. itglue_generate_report(organization_id="5717181", report_type="full", include_sensitive=true)
+   b. itglue_compliance_check(organization_id="5717181", checks=["passwords","configurations","documentation","warranties"])
+   c. itglue_detect_staleness(organization_id="5717181", thresholds={"passwords_days":180,"configurations_days":90,"documents_days":365})
+   d. itglue_list_passwords(organization_id="5717181", limit=100)
+   e. itglue_list_configurations(organization_id="5717181", limit=100)
+4. Compute: NIST CSF scores, CIS Controls assessment, risk matrix, credential analysis
+5. Generate HTML → reports/qcg-security.html
+6. Present summary with NIST maturity tier + top 3 findings
+```
+### Asset Inventory
+```
+User: "Create an asset inventory for Crebrid"
+1. ToolSearch(query="+itglue", max_results=5)
+2. itglue_search_organizations(name="Crebrid")
+   → ID: 5717166, Short Name: Wildcat Lending
+3. [Parallel - 5 queries:]
+   a. itglue_generate_report(organization_id="5717166", report_type="full", include_sensitive=false)
+   b. itglue_list_configurations(organization_id="5717166", limit=100)
+   c. itglue_compliance_check(organization_id="5717166", checks=["configurations","warranties"])
+   d. itglue_detect_staleness(organization_id="5717166", thresholds={"configurations_days":90})
+   e. itglue_list_locations(organization_id="5717166")
+4. Compute: fleet composition, documentation grade, staleness analysis, warranty coverage
+5. Generate HTML → reports/wildcat-lending-asset-inventory.html
+6. Present summary with documentation grade + fleet stats
+```
+---
+## Design Quality Standards
+- **File size target**: <50KB per report
+- **Zero JavaScript**: all visualizations CSS-only
+- **Zero external dependencies**: no CDN links, no Google Fonts, no external images
+- **WCAG AA**: 4.5:1 contrast ratios on all text, semantic HTML, ARIA labels on charts
+- **Responsive**: works on desktop (1100px) and mobile (320px+)
+- **Print-ready**: @media print styles with page-break controls
+- **Dark mode**: automatic via `prefers-color-scheme` CSS custom property overrides
+- **Professional tone**: enterprise-quality typography, spacing, and color usage
+## Error Handling
+- **Organization not found**: Try partial name search. If still ambiguous, list matches and ask user.
+- **Missing data sections**: Render the section with "No data available" message instead of omitting it.
+- **Large orgs (>100 configs)**: Note "Results limited to first 100 items" in report. Suggest filtered follow-up queries.
+- **API errors**: Report which data source failed, generate report with available data, note gaps.
+## Success Metrics
+- **Traditional manual report**: 2-6 hours depending on type
+- **With this skill**: 5-15 minutes automated
+- **Time savings**: 80-90% reduction
+- **Consistency**: Standardized sections ensure no critical areas missed across clients