icdev 1.0.0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- icdev/__init__.py +18 -0
- icdev/_paths.py +85 -0
- icdev/_version.py +3 -0
- icdev/data/__init__.py +1 -0
- icdev/data/args/__init__.py +1 -0
- icdev/data/args/agent_authority.yaml +61 -0
- icdev/data/args/agent_config.yaml +355 -0
- icdev/data/args/agentic_fitness.yaml +31 -0
- icdev/data/args/ai_governance_config.yaml +137 -0
- icdev/data/args/atlas_critique_config.yaml +66 -0
- icdev/data/args/bedrock_models.yaml +63 -0
- icdev/data/args/cicd_config.yaml +82 -0
- icdev/data/args/classification_config.yaml +232 -0
- icdev/data/args/cli_config.yaml +154 -0
- icdev/data/args/cloud_config.yaml +63 -0
- icdev/data/args/code_pattern_config.yaml +151 -0
- icdev/data/args/code_quality_config.yaml +47 -0
- icdev/data/args/companion_registry.yaml +202 -0
- icdev/data/args/context_config.yaml +82 -0
- icdev/data/args/csp_monitor_config.yaml +268 -0
- icdev/data/args/cui_markings.yaml +35 -0
- icdev/data/args/db_config.yaml +40 -0
- icdev/data/args/deployment_profiles.yaml +248 -0
- icdev/data/args/dev_profile_config.yaml +144 -0
- icdev/data/args/devsecops_config.yaml +286 -0
- icdev/data/args/endpoint_security_config.yaml +137 -0
- icdev/data/args/extension_config.yaml +79 -0
- icdev/data/args/file_access_tiers.yaml +88 -0
- icdev/data/args/framework_registry.yaml +415 -0
- icdev/data/args/innovation_config.yaml +431 -0
- icdev/data/args/installation_manifest.yaml +1087 -0
- icdev/data/args/llm_config.yaml +495 -0
- icdev/data/args/maintenance_config.yaml +55 -0
- icdev/data/args/memory_config.yaml +83 -0
- icdev/data/args/monitoring_config.yaml +127 -0
- icdev/data/args/mosa_config.yaml +190 -0
- icdev/data/args/nlq_config.yaml +35 -0
- icdev/data/args/observability_config.yaml +39 -0
- icdev/data/args/observability_tracing_config.yaml +170 -0
- icdev/data/args/oscal_tools_config.yaml +43 -0
- icdev/data/args/owasp_agentic_config.yaml +171 -0
- icdev/data/args/phase_registry.yaml +618 -0
- icdev/data/args/project_defaults.yaml +235 -0
- icdev/data/args/prompt_chains.yaml +163 -0
- icdev/data/args/resilience_config.yaml +50 -0
- icdev/data/args/ricoas_config.yaml +191 -0
- icdev/data/args/role_personas.yaml +362 -0
- icdev/data/args/scaling_config.yaml +176 -0
- icdev/data/args/security_gates.yaml +685 -0
- icdev/data/args/skill_injection_config.yaml +322 -0
- icdev/data/args/spec_config.yaml +53 -0
- icdev/data/args/supply_chain_config.yaml +76 -0
- icdev/data/args/translation_config.yaml +228 -0
- icdev/data/args/workflow_templates/ato_acceleration.yaml +54 -0
- icdev/data/args/workflow_templates/build_deploy.yaml +63 -0
- icdev/data/args/workflow_templates/full_compliance.yaml +43 -0
- icdev/data/args/workflow_templates/security_hardening.yaml +55 -0
- icdev/data/args/worktree_config.yaml +34 -0
- icdev/data/args/zta_config.yaml +247 -0
- icdev/data/context/__init__.py +1 -0
- icdev/data/context/agent/__init__.py +1 -0
- icdev/data/context/agent/response_schemas/__init__.py +1 -0
- icdev/data/context/agent/response_schemas/debate_position.json +46 -0
- icdev/data/context/agent/response_schemas/fitness_scorecard.json +74 -0
- icdev/data/context/agent/response_schemas/review_decision.json +39 -0
- icdev/data/context/agent/response_schemas/task_decomposition.json +82 -0
- icdev/data/context/agent/response_schemas/veto_decision.json +40 -0
- icdev/data/context/agentic/__init__.py +1 -0
- icdev/data/context/agentic/architecture_patterns.md +269 -0
- icdev/data/context/agentic/capability_registry.yaml +202 -0
- icdev/data/context/agentic/csp_mcp_registry.yaml +280 -0
- icdev/data/context/agentic/fitness_rubric.md +56 -0
- icdev/data/context/agentic/governance_baseline.md +205 -0
- icdev/data/context/ci/__init__.py +1 -0
- icdev/data/context/ci/worktree_templates.json +44 -0
- icdev/data/context/cloud/__init__.py +1 -0
- icdev/data/context/cloud/csp_service_registry.json +739 -0
- icdev/data/context/compliance/__init__.py +1 -0
- icdev/data/context/compliance/atlas_mitigations.json +293 -0
- icdev/data/context/compliance/atlas_techniques.json +833 -0
- icdev/data/context/compliance/cisa_sbd_requirements.json +432 -0
- icdev/data/context/compliance/cjis_security_policy.json +522 -0
- icdev/data/context/compliance/cmmc_practices.json +2494 -0
- icdev/data/context/compliance/cmmc_report_template.md +142 -0
- icdev/data/context/compliance/cnssi_1253_overlay.json +109 -0
- icdev/data/context/compliance/control_crosswalk.json +1914 -0
- icdev/data/context/compliance/control_families/__init__.py +1 -0
- icdev/data/context/compliance/csp_certifications.json +251 -0
- icdev/data/context/compliance/cssp_report_template.md +193 -0
- icdev/data/context/compliance/cui_templates/__init__.py +1 -0
- icdev/data/context/compliance/cui_templates/banner_block.txt +4 -0
- icdev/data/context/compliance/cui_templates/code_header.txt +8 -0
- icdev/data/context/compliance/cui_templates/document_template.md +35 -0
- icdev/data/context/compliance/data_type_framework_map.json +321 -0
- icdev/data/context/compliance/data_type_registry.json +147 -0
- icdev/data/context/compliance/dod_cssp_8530.json +463 -0
- icdev/data/context/compliance/eu_ai_act_annex_iii.json +108 -0
- icdev/data/context/compliance/export_templates/__init__.py +1 -0
- icdev/data/context/compliance/export_templates/emass_controls.csv.j2 +4 -0
- icdev/data/context/compliance/export_templates/evidence_package.md.j2 +39 -0
- icdev/data/context/compliance/export_templates/executive_summary.md.j2 +55 -0
- icdev/data/context/compliance/export_templates/poam_tracking.csv.j2 +4 -0
- icdev/data/context/compliance/fedramp_20x_ksi_schemas.json +133 -0
- icdev/data/context/compliance/fedramp_high_baseline.json +4370 -0
- icdev/data/context/compliance/fedramp_moderate_baseline.json +2183 -0
- icdev/data/context/compliance/fedramp_report_template.md +181 -0
- icdev/data/context/compliance/fips_200_areas.json +362 -0
- icdev/data/context/compliance/gao_ai_accountability.json +262 -0
- icdev/data/context/compliance/hipaa_security_rule.json +720 -0
- icdev/data/context/compliance/hitrust_csf_v11.json +930 -0
- icdev/data/context/compliance/impact_level_profiles.json +251 -0
- icdev/data/context/compliance/incident_response_template.md +1110 -0
- icdev/data/context/compliance/iso27001_2022_controls.json +750 -0
- icdev/data/context/compliance/iso27001_nist_bridge.json +382 -0
- icdev/data/context/compliance/iso42001_controls.json +254 -0
- icdev/data/context/compliance/ivv_checklist_template.md +80 -0
- icdev/data/context/compliance/ivv_report_template.md +116 -0
- icdev/data/context/compliance/ivv_requirements.json +372 -0
- icdev/data/context/compliance/mosa_crosswalk.json +327 -0
- icdev/data/context/compliance/mosa_framework.json +250 -0
- icdev/data/context/compliance/narrative_templates/AC.md.j2 +101 -0
- icdev/data/context/compliance/narrative_templates/AU.md.j2 +106 -0
- icdev/data/context/compliance/narrative_templates/IA.md.j2 +104 -0
- icdev/data/context/compliance/narrative_templates/SC.md.j2 +102 -0
- icdev/data/context/compliance/narrative_templates/SI.md.j2 +111 -0
- icdev/data/context/compliance/narrative_templates/__init__.py +1 -0
- icdev/data/context/compliance/narrative_templates/default.md.j2 +50 -0
- icdev/data/context/compliance/narrative_templates/executive_summary.j2 +27 -0
- icdev/data/context/compliance/narrative_templates/poam_milestone.j2 +19 -0
- icdev/data/context/compliance/narrative_templates/ssp_section.j2 +11 -0
- icdev/data/context/compliance/nist_800_171_controls.json +1552 -0
- icdev/data/context/compliance/nist_800_207_crosswalk.json +399 -0
- icdev/data/context/compliance/nist_800_207_zta.json +258 -0
- icdev/data/context/compliance/nist_800_53.json +324 -0
- icdev/data/context/compliance/nist_ai_600_1_genai.json +326 -0
- icdev/data/context/compliance/nist_ai_rmf.json +206 -0
- icdev/data/context/compliance/nist_sp_800_60_types.json +1667 -0
- icdev/data/context/compliance/omb_m25_21_high_impact_ai.json +248 -0
- icdev/data/context/compliance/omb_m26_04_unbiased_ai.json +262 -0
- icdev/data/context/compliance/owasp_agentic_asi.json +133 -0
- icdev/data/context/compliance/owasp_agentic_threats.json +285 -0
- icdev/data/context/compliance/owasp_llm_top10.json +274 -0
- icdev/data/context/compliance/pci_dss_v4.json +510 -0
- icdev/data/context/compliance/poam_template.md +117 -0
- icdev/data/context/compliance/safeai_controls.json +512 -0
- icdev/data/context/compliance/sbd_report_template.md +77 -0
- icdev/data/context/compliance/siem_config_templates/__init__.py +1 -0
- icdev/data/context/compliance/siem_config_templates/filebeat.yml +213 -0
- icdev/data/context/compliance/siem_config_templates/log_sources.json +208 -0
- icdev/data/context/compliance/soc2_trust_criteria.json +661 -0
- icdev/data/context/compliance/ssp_template.md +432 -0
- icdev/data/context/compliance/stig_templates/__init__.py +1 -0
- icdev/data/context/compliance/stig_templates/webapp_stig.json +139 -0
- icdev/data/context/compliance/xai_requirements.json +108 -0
- icdev/data/context/dashboard/__init__.py +1 -0
- icdev/data/context/dashboard/nlq_examples.json +50 -0
- icdev/data/context/dashboard/schema_descriptions.json +23 -0
- icdev/data/context/integration/__init__.py +1 -0
- icdev/data/context/integration/approval_workflows.json +32 -0
- icdev/data/context/integration/gitlab_field_mappings.json +33 -0
- icdev/data/context/integration/jira_field_mappings.json +32 -0
- icdev/data/context/integration/reqif_export_schema.json +23 -0
- icdev/data/context/integration/servicenow_field_mappings.json +22 -0
- icdev/data/context/languages/__init__.py +1 -0
- icdev/data/context/languages/framework_patterns.json +205 -0
- icdev/data/context/languages/language_registry.json +279 -0
- icdev/data/context/llm/__init__.py +1 -0
- icdev/data/context/llm/example_provider.py +86 -0
- icdev/data/context/mbse/__init__.py +1 -0
- icdev/data/context/mbse/des_report_template.md +162 -0
- icdev/data/context/mbse/des_requirements.json +411 -0
- icdev/data/context/mbse/digital_thread_patterns.json +403 -0
- icdev/data/context/mbse/reqif_schema.json +280 -0
- icdev/data/context/mbse/sysml_element_types.json +432 -0
- icdev/data/context/modernization/__init__.py +1 -0
- icdev/data/context/modernization/db_type_mappings.json +148 -0
- icdev/data/context/modernization/decomposition_patterns.json +284 -0
- icdev/data/context/modernization/framework_migration_patterns.json +359 -0
- icdev/data/context/modernization/migration_report_template.md +168 -0
- icdev/data/context/modernization/seven_rs_catalog.json +369 -0
- icdev/data/context/modernization/version_upgrade_rules.json +279 -0
- icdev/data/context/oscal/NIST_SP-800-53_rev5_catalog.json +254987 -0
- icdev/data/context/oscal/README.md +43 -0
- icdev/data/context/patterns/__init__.py +1 -0
- icdev/data/context/profiles/__init__.py +1 -0
- icdev/data/context/profiles/dod_baseline_v1.yaml +145 -0
- icdev/data/context/profiles/fedramp_baseline_v1.yaml +143 -0
- icdev/data/context/profiles/financial_baseline_v1.yaml +142 -0
- icdev/data/context/profiles/healthcare_baseline_v1.yaml +135 -0
- icdev/data/context/profiles/law_enforcement_v1.yaml +129 -0
- icdev/data/context/profiles/startup_v1.yaml +134 -0
- icdev/data/context/requirements/__init__.py +1 -0
- icdev/data/context/requirements/ambiguity_patterns.json +97 -0
- icdev/data/context/requirements/boundary_impact_rules.json +123 -0
- icdev/data/context/requirements/default_constitutions.json +67 -0
- icdev/data/context/requirements/document_extraction_rules.json +58 -0
- icdev/data/context/requirements/gap_patterns.json +108 -0
- icdev/data/context/requirements/readiness_rubric.json +78 -0
- icdev/data/context/requirements/red_alternative_patterns.json +210 -0
- icdev/data/context/requirements/safe_templates.json +72 -0
- icdev/data/context/requirements/spec_quality_checklist.json +122 -0
- icdev/data/context/simulation/__init__.py +1 -0
- icdev/data/context/simulation/architecture_patterns.json +36 -0
- icdev/data/context/simulation/coa_templates.json +38 -0
- icdev/data/context/simulation/cost_models.json +23 -0
- icdev/data/context/simulation/risk_categories.json +46 -0
- icdev/data/context/supply_chain/__init__.py +1 -0
- icdev/data/context/supply_chain/isa_templates.json +129 -0
- icdev/data/context/supply_chain/nist_800_161_controls.json +247 -0
- icdev/data/context/supply_chain/scrm_risk_matrix.json +147 -0
- icdev/data/context/templates/__init__.py +1 -0
- icdev/data/context/templates/ansible/__init__.py +1 -0
- icdev/data/context/templates/ansible/playbooks/__init__.py +1 -0
- icdev/data/context/templates/ansible/roles/__init__.py +1 -0
- icdev/data/context/templates/gitlab_ci/__init__.py +1 -0
- icdev/data/context/templates/grafana/__init__.py +1 -0
- icdev/data/context/templates/kubernetes/__init__.py +1 -0
- icdev/data/context/templates/project/__init__.py +1 -0
- icdev/data/context/templates/project/api/__init__.py +1 -0
- icdev/data/context/templates/project/cli/__init__.py +1 -0
- icdev/data/context/templates/project/data_pipeline/__init__.py +1 -0
- icdev/data/context/templates/project/iac/__init__.py +1 -0
- icdev/data/context/templates/project/javascript_frontend/__init__.py +1 -0
- icdev/data/context/templates/project/javascript_frontend/src/__init__.py +1 -0
- icdev/data/context/templates/project/javascript_frontend/tests/__init__.py +1 -0
- icdev/data/context/templates/project/microservice/__init__.py +1 -0
- icdev/data/context/templates/project/python_backend/__init__.py +1 -0
- icdev/data/context/templates/project/python_backend/src/__init__.py +1 -0
- icdev/data/context/templates/project/python_backend/tests/__init__.py +1 -0
- icdev/data/context/templates/project/python_backend/tests/features/__init__.py +1 -0
- icdev/data/context/templates/project/python_backend/tests/steps/__init__.py +1 -0
- icdev/data/context/templates/terraform/__init__.py +1 -0
- icdev/data/context/templates/terraform/govcloud_base/__init__.py +1 -0
- icdev/data/context/templates/terraform/modules/__init__.py +1 -0
- icdev/data/context/tone/__init__.py +1 -0
- icdev/data/context/translation/dependency_mappings.json +186 -0
- icdev/data/context/translation/type_mappings.json +149 -0
- icdev/data/docs/README.md +187 -0
- icdev/data/docs/__init__.py +1 -0
- icdev/data/docs/admin/gateway-guide.md +338 -0
- icdev/data/docs/admin/marketplace-guide.md +396 -0
- icdev/data/docs/admin/monitoring-guide.md +509 -0
- icdev/data/docs/architecture/compliance-framework.md +764 -0
- icdev/data/docs/architecture/database-schema.md +689 -0
- icdev/data/docs/architecture/gotcha-framework.md +518 -0
- icdev/data/docs/architecture/multi-agent-system.md +603 -0
- icdev/data/docs/dx/README.md +106 -0
- icdev/data/docs/dx/__init__.py +1 -0
- icdev/data/docs/dx/ci-cd-integration.md +378 -0
- icdev/data/docs/dx/claude-code-guide.md +213 -0
- icdev/data/docs/dx/companion-guide.md +232 -0
- icdev/data/docs/dx/dev-profiles.md +309 -0
- icdev/data/docs/dx/icdev-yaml-spec.md +219 -0
- icdev/data/docs/dx/integration-tiers.md +279 -0
- icdev/data/docs/dx/llm-routing-guide.md +456 -0
- icdev/data/docs/dx/quickstart.md +192 -0
- icdev/data/docs/dx/sdk-reference.md +356 -0
- icdev/data/docs/dx/unified-mcp-setup.md +525 -0
- icdev/data/docs/features/__init__.py +1 -0
- icdev/data/docs/features/phase-01-gotcha-framework.md +249 -0
- icdev/data/docs/features/phase-02-atlas-build-workflow.md +223 -0
- icdev/data/docs/features/phase-03-tdd-bdd-testing.md +261 -0
- icdev/data/docs/features/phase-04-nist-compliance.md +255 -0
- icdev/data/docs/features/phase-05-security-scanning.md +229 -0
- icdev/data/docs/features/phase-06-infrastructure-deployment.md +288 -0
- icdev/data/docs/features/phase-07-code-review-gates.md +276 -0
- icdev/data/docs/features/phase-08-self-healing.md +223 -0
- icdev/data/docs/features/phase-09-monitoring-observability.md +230 -0
- icdev/data/docs/features/phase-10-dashboard-web-ui.md +218 -0
- icdev/data/docs/features/phase-11-multi-agent-architecture.md +272 -0
- icdev/data/docs/features/phase-12-integration-testing.md +228 -0
- icdev/data/docs/features/phase-13-cicd-integration.md +257 -0
- icdev/data/docs/features/phase-14-secure-by-design-ivv.md +240 -0
- icdev/data/docs/features/phase-15-maintenance-audit.md +192 -0
- icdev/data/docs/features/phase-16-ato-acceleration.md +228 -0
- icdev/data/docs/features/phase-17-multi-framework-compliance.md +223 -0
- icdev/data/docs/features/phase-18-mbse-integration.md +242 -0
- icdev/data/docs/features/phase-19-agentic-generation.md +202 -0
- icdev/data/docs/features/phase-20-fips-security-categorization.md +198 -0
- icdev/data/docs/features/phase-21-saas-multi-tenancy.md +273 -0
- icdev/data/docs/features/phase-22-federated-gotcha-marketplace.md +242 -0
- icdev/data/docs/features/phase-23-universal-compliance-platform.md +238 -0
- icdev/data/docs/features/phase-24-devsecops-pipeline-security.md +198 -0
- icdev/data/docs/features/phase-25-zero-trust-architecture.md +220 -0
- icdev/data/docs/features/phase-26-dod-mosa.md +205 -0
- icdev/data/docs/features/phase-27-cli-capabilities.md +222 -0
- icdev/data/docs/features/phase-28-remote-command-gateway.md +235 -0
- icdev/data/docs/features/phase-29-proactive-monitoring.md +212 -0
- icdev/data/docs/features/phase-30-dashboard-auth.md +215 -0
- icdev/data/docs/features/phase-31-dashboard-ux-low-impact.md +188 -0
- icdev/data/docs/features/phase-32-dashboard-ux-medium-impact.md +223 -0
- icdev/data/docs/features/phase-33-modular-installation.md +218 -0
- icdev/data/docs/features/phase-34-dev-profiles.md +239 -0
- icdev/data/docs/features/phase-35-innovation-engine.md +257 -0
- icdev/data/docs/features/phase-36-evolutionary-intelligence.md +351 -0
- icdev/data/docs/features/phase-37-mitre-atlas-integration.md +485 -0
- icdev/data/docs/features/phase-38-cloud-agnostic-architecture.md +1033 -0
- icdev/data/docs/features/phase-39-observability-operations.md +178 -0
- icdev/data/docs/features/phase-40-nlq-compliance-queries.md +176 -0
- icdev/data/docs/features/phase-41-parallel-cicd.md +169 -0
- icdev/data/docs/features/phase-42-framework-planning.md +177 -0
- icdev/data/docs/features/phase-43-cross-language-translation.md +225 -0
- icdev/data/docs/features/phase-44-innovation-adaptation.md +227 -0
- icdev/data/docs/features/phase-45-owasp-agentic-security.md +239 -0
- icdev/data/docs/features/phase-46-observability-traceability-xai.md +240 -0
- icdev/data/docs/features/phase-47-unified-mcp-gateway.md +257 -0
- icdev/data/docs/features/phase-48-ai-transparency.md +203 -0
- icdev/data/docs/features/phase-49-ai-accountability.md +243 -0
- icdev/data/docs/features/phase-50-ai-governance-intake-chat.md +195 -0
- icdev/data/docs/features/phase-51-unified-chat-dashboard.md +240 -0
- icdev/data/docs/features/phase-52-code-intelligence.md +244 -0
- icdev/data/docs/features/phase-53-fedramp-20x-owasp-asi.md +359 -0
- icdev/data/docs/features/phase-54-slsa-swft-orchestration.md +379 -0
- icdev/data/docs/features/phase-55-a2a-v03-mcp-oauth.md +322 -0
- icdev/data/docs/features/phase-56-evidence-lineage.md +352 -0
- icdev/data/docs/features/phase-57-eu-ai-act-iron-bank.md +319 -0
- icdev/data/docs/features/phase-58-creative-engine.md +370 -0
- icdev/data/docs/features/phase-59-govcon-intelligence.md +535 -0
- icdev/data/docs/features/phase-60-cpmp.md +528 -0
- icdev/data/docs/features/phase-61-orchestration-improvements.md +534 -0
- icdev/data/docs/operations/dashboard-guide.md +354 -0
- icdev/data/docs/operations/deployment-guide.md +556 -0
- icdev/data/docs/operations/saas-admin-guide.md +439 -0
- icdev/data/docs/operations/security-operations-guide.md +733 -0
- icdev/data/docs/runbooks/backup-restore.md +412 -0
- icdev/data/docs/runbooks/troubleshooting.md +499 -0
- icdev/data/features/__init__.py +1 -0
- icdev/data/features/cicd_integration.feature +41 -0
- icdev/data/features/compliance_gates.feature +46 -0
- icdev/data/features/dashboard.feature +72 -0
- icdev/data/features/environment.py +25 -0
- icdev/data/features/project_management.feature +32 -0
- icdev/data/features/requirements_intake.feature +42 -0
- icdev/data/features/saas_platform.feature +53 -0
- icdev/data/features/security_scanning.feature +36 -0
- icdev/data/features/steps/__init__.py +1 -0
- icdev/data/features/steps/cicd_steps.py +465 -0
- icdev/data/features/steps/compliance_steps.py +308 -0
- icdev/data/features/steps/dashboard_steps.py +88 -0
- icdev/data/features/steps/project_steps.py +126 -0
- icdev/data/features/steps/requirements_intake_steps.py +689 -0
- icdev/data/features/steps/saas_platform_steps.py +572 -0
- icdev/data/features/steps/security_steps.py +236 -0
- icdev/data/features/steps/testing_steps.py +226 -0
- icdev/data/features/testing_pipeline.feature +42 -0
- icdev/data/goals/__init__.py +1 -0
- icdev/data/goals/agent_management.md +144 -0
- icdev/data/goals/agentic_generation.md +345 -0
- icdev/data/goals/agentic_threat_model.md +309 -0
- icdev/data/goals/ai_accountability.md +90 -0
- icdev/data/goals/ai_governance_intake.md +132 -0
- icdev/data/goals/ai_transparency.md +76 -0
- icdev/data/goals/atlas_integration.md +405 -0
- icdev/data/goals/ato_acceleration.md +139 -0
- icdev/data/goals/boundary_supply_chain.md +206 -0
- icdev/data/goals/build_app.md +544 -0
- icdev/data/goals/cicd_integration.md +86 -0
- icdev/data/goals/claude_dir_maintenance.md +77 -0
- icdev/data/goals/cli_capabilities.md +340 -0
- icdev/data/goals/cloud_agnostic.md +312 -0
- icdev/data/goals/code_intelligence.md +197 -0
- icdev/data/goals/code_review.md +94 -0
- icdev/data/goals/compliance_workflow.md +858 -0
- icdev/data/goals/continuous_harmonization.md +140 -0
- icdev/data/goals/cross_language_translation.md +171 -0
- icdev/data/goals/dashboard.md +142 -0
- icdev/data/goals/deploy_workflow.md +390 -0
- icdev/data/goals/devsecops_workflow.md +408 -0
- icdev/data/goals/evolutionary_intelligence.md +305 -0
- icdev/data/goals/external_integration.md +113 -0
- icdev/data/goals/framework_planning.md +63 -0
- icdev/data/goals/init_project.md +235 -0
- icdev/data/goals/innovation_engine.md +199 -0
- icdev/data/goals/integration_testing.md +189 -0
- icdev/data/goals/maintenance_audit.md +196 -0
- icdev/data/goals/manifest.md +56 -0
- icdev/data/goals/mbse_integration.md +504 -0
- icdev/data/goals/modernization_workflow.md +618 -0
- icdev/data/goals/monitoring.md +126 -0
- icdev/data/goals/mosa_workflow.md +463 -0
- icdev/data/goals/multi_agent_orchestration.md +68 -0
- icdev/data/goals/nlq_compliance.md +63 -0
- icdev/data/goals/observability.md +64 -0
- icdev/data/goals/observability_traceability_xai.md +154 -0
- icdev/data/goals/owasp_agentic_security.md +395 -0
- icdev/data/goals/parallel_cicd.md +61 -0
- icdev/data/goals/requirements_intake.md +213 -0
- icdev/data/goals/sbd_ivv_workflow.md +195 -0
- icdev/data/goals/security_categorization.md +133 -0
- icdev/data/goals/security_scan.md +381 -0
- icdev/data/goals/self_healing.md +120 -0
- icdev/data/goals/simulation_engine.md +111 -0
- icdev/data/goals/tdd_workflow.md +403 -0
- icdev/data/goals/zero_trust_architecture.md +403 -0
- icdev/data/hardprompts/__init__.py +1 -0
- icdev/data/hardprompts/agent/__init__.py +1 -0
- icdev/data/hardprompts/agent/agentic_architect.md +100 -0
- icdev/data/hardprompts/agent/debate_prompt.md +32 -0
- icdev/data/hardprompts/agent/fitness_evaluation.md +48 -0
- icdev/data/hardprompts/agent/governance_review.md +214 -0
- icdev/data/hardprompts/agent/reviewer_prompt.md +34 -0
- icdev/data/hardprompts/agent/skill_design.md +172 -0
- icdev/data/hardprompts/agent/task_decomposition.md +275 -0
- icdev/data/hardprompts/agent/veto_check_prompt.md +33 -0
- icdev/data/hardprompts/architect/__init__.py +1 -0
- icdev/data/hardprompts/architect/api_design.md +283 -0
- icdev/data/hardprompts/architect/data_model.md +277 -0
- icdev/data/hardprompts/architect/system_design.md +180 -0
- icdev/data/hardprompts/builder/__init__.py +1 -0
- icdev/data/hardprompts/builder/code_generation.md +59 -0
- icdev/data/hardprompts/builder/refactor.md +58 -0
- icdev/data/hardprompts/builder/scaffold_project.md +69 -0
- icdev/data/hardprompts/builder/test_generation.md +87 -0
- icdev/data/hardprompts/ci/__init__.py +1 -0
- icdev/data/hardprompts/ci/worktree_setup.md +35 -0
- icdev/data/hardprompts/compliance/__init__.py +1 -0
- icdev/data/hardprompts/compliance/cmmc_assessment.md +63 -0
- icdev/data/hardprompts/compliance/cssp_assessment.md +75 -0
- icdev/data/hardprompts/compliance/cui_marking.md +86 -0
- icdev/data/hardprompts/compliance/fedramp_assessment.md +55 -0
- icdev/data/hardprompts/compliance/ivv_assessment.md +96 -0
- icdev/data/hardprompts/compliance/poam_generation.md +57 -0
- icdev/data/hardprompts/compliance/sbd_assessment.md +101 -0
- icdev/data/hardprompts/compliance/security_categorization.md +74 -0
- icdev/data/hardprompts/compliance/ssp_generation.md +56 -0
- icdev/data/hardprompts/compliance/stig_evaluation.md +63 -0
- icdev/data/hardprompts/dashboard/__init__.py +1 -0
- icdev/data/hardprompts/dashboard/nlq_system_prompt.md +26 -0
- icdev/data/hardprompts/infra/__init__.py +1 -0
- icdev/data/hardprompts/infra/k8s_manifests.md +118 -0
- icdev/data/hardprompts/infra/pipeline_generation.md +160 -0
- icdev/data/hardprompts/infra/terraform_generation.md +92 -0
- icdev/data/hardprompts/integration/__init__.py +1 -0
- icdev/data/hardprompts/integration/approval_review.md +17 -0
- icdev/data/hardprompts/integration/jira_mapping.md +25 -0
- icdev/data/hardprompts/integration/servicenow_mapping.md +14 -0
- icdev/data/hardprompts/knowledge/__init__.py +1 -0
- icdev/data/hardprompts/knowledge/pattern_detection.md +73 -0
- icdev/data/hardprompts/knowledge/recommendation_engine.md +90 -0
- icdev/data/hardprompts/knowledge/root_cause_analysis.md +91 -0
- icdev/data/hardprompts/maintenance/__init__.py +1 -0
- icdev/data/hardprompts/maintenance/maintenance_assessment.md +82 -0
- icdev/data/hardprompts/mbse/__init__.py +1 -0
- icdev/data/hardprompts/mbse/digital_thread.md +67 -0
- icdev/data/hardprompts/mbse/model_import.md +62 -0
- icdev/data/hardprompts/mbse/model_to_code.md +65 -0
- icdev/data/hardprompts/modernization/__init__.py +1 -0
- icdev/data/hardprompts/modernization/legacy_analysis.md +93 -0
- icdev/data/hardprompts/modernization/migration_planning.md +150 -0
- icdev/data/hardprompts/modernization/seven_r_assessment.md +107 -0
- icdev/data/hardprompts/requirements/__init__.py +1 -0
- icdev/data/hardprompts/requirements/bdd_generation.md +35 -0
- icdev/data/hardprompts/requirements/clarification_prioritization.md +29 -0
- icdev/data/hardprompts/requirements/decomposition.md +60 -0
- icdev/data/hardprompts/requirements/document_extraction.md +45 -0
- icdev/data/hardprompts/requirements/gap_detection.md +70 -0
- icdev/data/hardprompts/requirements/intake_conversation.md +101 -0
- icdev/data/hardprompts/requirements/readiness_assessment.md +39 -0
- icdev/data/hardprompts/requirements/spec_quality.md +33 -0
- icdev/data/hardprompts/requirements/traceability_analysis.md +23 -0
- icdev/data/hardprompts/security/__init__.py +1 -0
- icdev/data/hardprompts/security/endpoint_security.md +78 -0
- icdev/data/hardprompts/security/threat_model.md +70 -0
- icdev/data/hardprompts/security/vulnerability_assessment.md +81 -0
- icdev/data/hardprompts/simulation/__init__.py +1 -0
- icdev/data/hardprompts/simulation/architecture_impact.md +27 -0
- icdev/data/hardprompts/simulation/coa_alternative.md +27 -0
- icdev/data/hardprompts/simulation/coa_generation.md +25 -0
- icdev/data/hardprompts/simulation/compliance_impact.md +28 -0
- icdev/data/hardprompts/simulation/cost_estimation.md +33 -0
- icdev/data/hardprompts/simulation/risk_assessment.md +28 -0
- icdev/data/hardprompts/translation/code_translation.md +68 -0
- icdev/data/hardprompts/translation/dependency_suggestion.md +44 -0
- icdev/data/hardprompts/translation/test_translation.md +64 -0
- icdev/data/hardprompts/translation/translation_repair.md +59 -0
- icdev/py.typed +0 -0
- icdev/tools/__init__.py +1 -0
- icdev/tools/_gen_formatter.py +12 -0
- icdev/tools/a2a/__init__.py +1 -0
- icdev/tools/a2a/agent_cards/architect.json +43 -0
- icdev/tools/a2a/agent_cards/builder.json +50 -0
- icdev/tools/a2a/agent_cards/compliance.json +57 -0
- icdev/tools/a2a/agent_cards/devsecops.json +71 -0
- icdev/tools/a2a/agent_cards/infra.json +57 -0
- icdev/tools/a2a/agent_cards/integration.json +57 -0
- icdev/tools/a2a/agent_cards/knowledge.json +43 -0
- icdev/tools/a2a/agent_cards/mbse.json +57 -0
- icdev/tools/a2a/agent_cards/modernization.json +50 -0
- icdev/tools/a2a/agent_cards/monitor.json +43 -0
- icdev/tools/a2a/agent_cards/orchestrator.json +36 -0
- icdev/tools/a2a/agent_cards/requirements_analyst.json +64 -0
- icdev/tools/a2a/agent_cards/security.json +50 -0
- icdev/tools/a2a/agent_cards/simulation.json +57 -0
- icdev/tools/a2a/agent_cards/supply_chain.json +50 -0
- icdev/tools/a2a/agent_client.py +349 -0
- icdev/tools/a2a/agent_registry.py +412 -0
- icdev/tools/a2a/agent_server.py +579 -0
- icdev/tools/a2a/task.py +200 -0
- icdev/tools/agent/__init__.py +2 -0
- icdev/tools/agent/a2a_agent_card_generator.py +285 -0
- icdev/tools/agent/a2a_discovery_server.py +250 -0
- icdev/tools/agent/agent_executor.py +529 -0
- icdev/tools/agent/agent_memory.py +557 -0
- icdev/tools/agent/agent_models.py +51 -0
- icdev/tools/agent/atlas_critique.py +908 -0
- icdev/tools/agent/authority.py +443 -0
- icdev/tools/agent/bedrock_client.py +1075 -0
- icdev/tools/agent/collaboration.py +871 -0
- icdev/tools/agent/dispatcher_mode.py +665 -0
- icdev/tools/agent/mailbox.py +575 -0
- icdev/tools/agent/prompt_chain_executor.py +1064 -0
- icdev/tools/agent/session_purpose.py +350 -0
- icdev/tools/agent/skill_router.py +638 -0
- icdev/tools/agent/skill_selector.py +486 -0
- icdev/tools/agent/team_orchestrator.py +1108 -0
- icdev/tools/agent/token_tracker.py +290 -0
- icdev/tools/analysis/__init__.py +1 -0
- icdev/tools/analysis/code_analyzer.py +780 -0
- icdev/tools/analysis/runtime_feedback.py +389 -0
- icdev/tools/audit/__init__.py +1 -0
- icdev/tools/audit/audit_logger.py +196 -0
- icdev/tools/audit/audit_query.py +157 -0
- icdev/tools/audit/decision_recorder.py +72 -0
- icdev/tools/builder/__init__.py +1 -0
- icdev/tools/builder/agentic_fitness.py +534 -0
- icdev/tools/builder/agentic_test_templates/test_a2a_callback.py +117 -0
- icdev/tools/builder/agentic_test_templates/test_a2a_lifecycle.feature +52 -0
- icdev/tools/builder/agentic_test_templates/test_agent_card.feature +37 -0
- icdev/tools/builder/agentic_test_templates/test_agent_health.py +128 -0
- icdev/tools/builder/agentic_test_templates/test_memory_system.feature +50 -0
- icdev/tools/builder/agentic_test_templates/test_skill_execution.feature +40 -0
- icdev/tools/builder/app_blueprint.py +1583 -0
- icdev/tools/builder/child_app_generator.py +2852 -0
- icdev/tools/builder/claude_md_generator.py +1734 -0
- icdev/tools/builder/code_generator.py +3703 -0
- icdev/tools/builder/db_init_generator.py +1709 -0
- icdev/tools/builder/dev_profile_manager.py +954 -0
- icdev/tools/builder/formatter.py +768 -0
- icdev/tools/builder/goal_adapter.py +592 -0
- icdev/tools/builder/gotcha_validator.py +812 -0
- icdev/tools/builder/language_support.py +441 -0
- icdev/tools/builder/linter.py +976 -0
- icdev/tools/builder/profile_detector.py +657 -0
- icdev/tools/builder/profile_md_generator.py +723 -0
- icdev/tools/builder/scaffolder.py +1590 -0
- icdev/tools/builder/scaffolder_extended.py +1771 -0
- icdev/tools/builder/test_writer.py +950 -0
- icdev/tools/ci/__init__.py +2 -0
- icdev/tools/ci/connectors/__init__.py +2 -0
- icdev/tools/ci/connectors/base_connector.py +80 -0
- icdev/tools/ci/connectors/connector_registry.py +188 -0
- icdev/tools/ci/connectors/mattermost_connector.py +159 -0
- icdev/tools/ci/connectors/slack_connector.py +197 -0
- icdev/tools/ci/core/__init__.py +2 -0
- icdev/tools/ci/core/air_gap_detector.py +115 -0
- icdev/tools/ci/core/comment_handler.py +192 -0
- icdev/tools/ci/core/conversation_manager.py +479 -0
- icdev/tools/ci/core/event_envelope.py +500 -0
- icdev/tools/ci/core/event_router.py +443 -0
- icdev/tools/ci/core/failure_parser.py +397 -0
- icdev/tools/ci/core/recovery_engine.py +527 -0
- icdev/tools/ci/modules/__init__.py +2 -0
- icdev/tools/ci/modules/agent.py +271 -0
- icdev/tools/ci/modules/git_ops.py +175 -0
- icdev/tools/ci/modules/state.py +117 -0
- icdev/tools/ci/modules/vcs.py +303 -0
- icdev/tools/ci/modules/workflow_ops.py +295 -0
- icdev/tools/ci/modules/worktree.py +340 -0
- icdev/tools/ci/pipeline_config_generator.py +558 -0
- icdev/tools/ci/triggers/__init__.py +2 -0
- icdev/tools/ci/triggers/gitlab_task_monitor.py +330 -0
- icdev/tools/ci/triggers/poll_trigger.py +237 -0
- icdev/tools/ci/triggers/webhook_server.py +356 -0
- icdev/tools/ci/workflows/__init__.py +2 -0
- icdev/tools/ci/workflows/icdev_build.py +140 -0
- icdev/tools/ci/workflows/icdev_comply.py +284 -0
- icdev/tools/ci/workflows/icdev_document.py +152 -0
- icdev/tools/ci/workflows/icdev_e2e.py +188 -0
- icdev/tools/ci/workflows/icdev_patch.py +186 -0
- icdev/tools/ci/workflows/icdev_plan.py +202 -0
- icdev/tools/ci/workflows/icdev_plan_build.py +41 -0
- icdev/tools/ci/workflows/icdev_plan_build_test.py +46 -0
- icdev/tools/ci/workflows/icdev_plan_build_test_review.py +47 -0
- icdev/tools/ci/workflows/icdev_review.py +126 -0
- icdev/tools/ci/workflows/icdev_sdlc.py +261 -0
- icdev/tools/ci/workflows/icdev_test.py +240 -0
- icdev/tools/cli/__init__.py +1 -0
- icdev/tools/cli/output_formatter.py +756 -0
- icdev/tools/cli_formatter.py +42 -0
- icdev/tools/cloud/__init__.py +11 -0
- icdev/tools/cloud/cloud_mode_manager.py +364 -0
- icdev/tools/cloud/csp_changelog.py +383 -0
- icdev/tools/cloud/csp_health_checker.py +268 -0
- icdev/tools/cloud/csp_monitor.py +951 -0
- icdev/tools/cloud/iam_provider.py +593 -0
- icdev/tools/cloud/kms_provider.py +346 -0
- icdev/tools/cloud/monitoring_provider.py +628 -0
- icdev/tools/cloud/provider_factory.py +376 -0
- icdev/tools/cloud/region_validator.py +345 -0
- icdev/tools/cloud/registry_provider.py +563 -0
- icdev/tools/cloud/secrets_provider.py +486 -0
- icdev/tools/cloud/storage_provider.py +446 -0
- icdev/tools/compat/__init__.py +21 -0
- icdev/tools/compat/cli_harmonizer.py +251 -0
- icdev/tools/compat/datetime_utils.py +18 -0
- icdev/tools/compat/db_utils.py +160 -0
- icdev/tools/compat/platform_utils.py +123 -0
- icdev/tools/compliance/__init__.py +1 -0
- icdev/tools/compliance/accountability_manager.py +397 -0
- icdev/tools/compliance/ai_accountability_audit.py +294 -0
- icdev/tools/compliance/ai_impact_assessor.py +273 -0
- icdev/tools/compliance/ai_incident_response.py +301 -0
- icdev/tools/compliance/ai_inventory_manager.py +239 -0
- icdev/tools/compliance/ai_reassessment_scheduler.py +256 -0
- icdev/tools/compliance/ai_transparency_audit.py +248 -0
- icdev/tools/compliance/atlas_assessor.py +278 -0
- icdev/tools/compliance/atlas_report_generator.py +1211 -0
- icdev/tools/compliance/base_assessor.py +597 -0
- icdev/tools/compliance/cato_monitor.py +1385 -0
- icdev/tools/compliance/cato_scheduler.py +699 -0
- icdev/tools/compliance/cjis_assessor.py +76 -0
- icdev/tools/compliance/classification_manager.py +1353 -0
- icdev/tools/compliance/cmmc_assessor.py +1491 -0
- icdev/tools/compliance/cmmc_report_generator.py +1100 -0
- icdev/tools/compliance/compliance_detector.py +463 -0
- icdev/tools/compliance/compliance_exporter.py +427 -0
- icdev/tools/compliance/compliance_status.py +825 -0
- icdev/tools/compliance/control_mapper.py +505 -0
- icdev/tools/compliance/crosswalk_engine.py +1203 -0
- icdev/tools/compliance/cssp_assessor.py +1045 -0
- icdev/tools/compliance/cssp_evidence_collector.py +729 -0
- icdev/tools/compliance/cssp_report_generator.py +1116 -0
- icdev/tools/compliance/cui_marker.py +388 -0
- icdev/tools/compliance/diagram_validator.py +600 -0
- icdev/tools/compliance/emass/__init__.py +2 -0
- icdev/tools/compliance/emass/emass_client.py +840 -0
- icdev/tools/compliance/emass/emass_export.py +777 -0
- icdev/tools/compliance/emass/emass_sync.py +826 -0
- icdev/tools/compliance/eu_ai_act_classifier.py +194 -0
- icdev/tools/compliance/evidence_collector.py +468 -0
- icdev/tools/compliance/fairness_assessor.py +316 -0
- icdev/tools/compliance/fedramp_assessor.py +1808 -0
- icdev/tools/compliance/fedramp_authorization_packager.py +137 -0
- icdev/tools/compliance/fedramp_ksi_generator.py +355 -0
- icdev/tools/compliance/fedramp_report_generator.py +1128 -0
- icdev/tools/compliance/fips199_categorizer.py +881 -0
- icdev/tools/compliance/fips200_validator.py +315 -0
- icdev/tools/compliance/gao_ai_assessor.py +231 -0
- icdev/tools/compliance/gao_evidence_builder.py +308 -0
- icdev/tools/compliance/hipaa_assessor.py +78 -0
- icdev/tools/compliance/hitrust_assessor.py +49 -0
- icdev/tools/compliance/incident_response_plan.py +718 -0
- icdev/tools/compliance/iso27001_assessor.py +92 -0
- icdev/tools/compliance/iso42001_assessor.py +114 -0
- icdev/tools/compliance/ivv_assessor.py +2327 -0
- icdev/tools/compliance/ivv_report_generator.py +1662 -0
- icdev/tools/compliance/model_card_generator.py +297 -0
- icdev/tools/compliance/mosa_assessor.py +117 -0
- icdev/tools/compliance/multi_regime_assessor.py +451 -0
- icdev/tools/compliance/narrative_generator.py +1013 -0
- icdev/tools/compliance/nist_800_207_assessor.py +191 -0
- icdev/tools/compliance/nist_ai_600_1_assessor.py +188 -0
- icdev/tools/compliance/nist_ai_rmf_assessor.py +110 -0
- icdev/tools/compliance/nist_lookup.py +245 -0
- icdev/tools/compliance/omb_m25_21_assessor.py +228 -0
- icdev/tools/compliance/omb_m26_04_assessor.py +188 -0
- icdev/tools/compliance/oscal_catalog_adapter.py +395 -0
- icdev/tools/compliance/oscal_generator.py +2170 -0
- icdev/tools/compliance/oscal_tools.py +1182 -0
- icdev/tools/compliance/owasp_agentic_assessor.py +226 -0
- icdev/tools/compliance/owasp_asi_assessor.py +200 -0
- icdev/tools/compliance/owasp_llm_assessor.py +244 -0
- icdev/tools/compliance/pci_dss_assessor.py +80 -0
- icdev/tools/compliance/pi_compliance_tracker.py +1461 -0
- icdev/tools/compliance/poam_generator.py +405 -0
- icdev/tools/compliance/resolve_marking.py +283 -0
- icdev/tools/compliance/sbd_assessor.py +2068 -0
- icdev/tools/compliance/sbd_report_generator.py +1236 -0
- icdev/tools/compliance/sbom_generator.py +1008 -0
- icdev/tools/compliance/siem_config_generator.py +674 -0
- icdev/tools/compliance/slsa_attestation_generator.py +490 -0
- icdev/tools/compliance/soc2_assessor.py +77 -0
- icdev/tools/compliance/ssp_generator.py +573 -0
- icdev/tools/compliance/stig_checker.py +727 -0
- icdev/tools/compliance/swft_evidence_bundler.py +337 -0
- icdev/tools/compliance/system_card_generator.py +309 -0
- icdev/tools/compliance/traceability_matrix.py +1281 -0
- icdev/tools/compliance/universal_classification_manager.py +1172 -0
- icdev/tools/compliance/xacta/__init__.py +2 -0
- icdev/tools/compliance/xacta/xacta_client.py +449 -0
- icdev/tools/compliance/xacta/xacta_export.py +557 -0
- icdev/tools/compliance/xacta/xacta_sync.py +333 -0
- icdev/tools/compliance/xai_assessor.py +231 -0
- icdev/tools/dashboard/__init__.py +1 -0
- icdev/tools/dashboard/api/__init__.py +1 -0
- icdev/tools/dashboard/api/_pipeline_state.py +17 -0
- icdev/tools/dashboard/api/activity.py +206 -0
- icdev/tools/dashboard/api/admin.py +176 -0
- icdev/tools/dashboard/api/agents.py +53 -0
- icdev/tools/dashboard/api/ai_accountability.py +163 -0
- icdev/tools/dashboard/api/ai_transparency.py +198 -0
- icdev/tools/dashboard/api/audit.py +58 -0
- icdev/tools/dashboard/api/batch.py +666 -0
- icdev/tools/dashboard/api/chat.py +241 -0
- icdev/tools/dashboard/api/cicd.py +219 -0
- icdev/tools/dashboard/api/code_quality.py +223 -0
- icdev/tools/dashboard/api/compliance.py +171 -0
- icdev/tools/dashboard/api/cpmp.py +915 -0
- icdev/tools/dashboard/api/diagrams.py +65 -0
- icdev/tools/dashboard/api/events.py +250 -0
- icdev/tools/dashboard/api/evidence.py +99 -0
- icdev/tools/dashboard/api/fedramp_20x.py +77 -0
- icdev/tools/dashboard/api/govcon.py +1095 -0
- icdev/tools/dashboard/api/intake.py +1171 -0
- icdev/tools/dashboard/api/lineage.py +163 -0
- icdev/tools/dashboard/api/metrics.py +155 -0
- icdev/tools/dashboard/api/nlq.py +72 -0
- icdev/tools/dashboard/api/orchestration.py +472 -0
- icdev/tools/dashboard/api/oscal.py +183 -0
- icdev/tools/dashboard/api/prod_audit.py +183 -0
- icdev/tools/dashboard/api/projects.py +191 -0
- icdev/tools/dashboard/api/proposals.py +1084 -0
- icdev/tools/dashboard/api/traces.py +363 -0
- icdev/tools/dashboard/api/usage.py +234 -0
- icdev/tools/dashboard/app.py +1986 -0
- icdev/tools/dashboard/auth.py +500 -0
- icdev/tools/dashboard/byok.py +245 -0
- icdev/tools/dashboard/chat_manager.py +675 -0
- icdev/tools/dashboard/config.py +116 -0
- icdev/tools/dashboard/diagram_definitions.py +642 -0
- icdev/tools/dashboard/nlq_processor.py +323 -0
- icdev/tools/dashboard/phase_loader.py +136 -0
- icdev/tools/dashboard/sse_manager.py +89 -0
- icdev/tools/dashboard/state_tracker.py +267 -0
- icdev/tools/dashboard/static/css/style.css +706 -0
- icdev/tools/dashboard/static/css/ux.css +2047 -0
- icdev/tools/dashboard/static/js/activity.js +322 -0
- icdev/tools/dashboard/static/js/api.js +161 -0
- icdev/tools/dashboard/static/js/batch.js +814 -0
- icdev/tools/dashboard/static/js/charts.js +618 -0
- icdev/tools/dashboard/static/js/chat.js +1514 -0
- icdev/tools/dashboard/static/js/kanban.js +113 -0
- icdev/tools/dashboard/static/js/live.js +569 -0
- icdev/tools/dashboard/static/js/mermaid-icdev.js +332 -0
- icdev/tools/dashboard/static/js/proposals.js +588 -0
- icdev/tools/dashboard/static/js/shortcuts.js +544 -0
- icdev/tools/dashboard/static/js/tables.js +652 -0
- icdev/tools/dashboard/static/js/tour.js +524 -0
- icdev/tools/dashboard/static/js/ux.js +942 -0
- icdev/tools/dashboard/templates/404.html +10 -0
- icdev/tools/dashboard/templates/activity.html +80 -0
- icdev/tools/dashboard/templates/admin/users.html +144 -0
- icdev/tools/dashboard/templates/ai_accountability.html +235 -0
- icdev/tools/dashboard/templates/ai_transparency.html +263 -0
- icdev/tools/dashboard/templates/base.html +104 -0
- icdev/tools/dashboard/templates/batch.html +23 -0
- icdev/tools/dashboard/templates/chat.html +332 -0
- icdev/tools/dashboard/templates/children.html +149 -0
- icdev/tools/dashboard/templates/cicd.html +253 -0
- icdev/tools/dashboard/templates/code_quality.html +214 -0
- icdev/tools/dashboard/templates/cpmp/cor_detail.html +220 -0
- icdev/tools/dashboard/templates/cpmp/cor_portal.html +91 -0
- icdev/tools/dashboard/templates/cpmp/deliverable_detail.html +197 -0
- icdev/tools/dashboard/templates/cpmp/detail.html +578 -0
- icdev/tools/dashboard/templates/cpmp/portfolio.html +202 -0
- icdev/tools/dashboard/templates/dev_profiles.html +304 -0
- icdev/tools/dashboard/templates/diagrams.html +224 -0
- icdev/tools/dashboard/templates/events/timeline.html +232 -0
- icdev/tools/dashboard/templates/evidence.html +134 -0
- icdev/tools/dashboard/templates/fedramp_20x.html +207 -0
- icdev/tools/dashboard/templates/gateway.html +244 -0
- icdev/tools/dashboard/templates/govcon/capabilities.html +135 -0
- icdev/tools/dashboard/templates/govcon/pipeline.html +214 -0
- icdev/tools/dashboard/templates/govcon/requirements.html +120 -0
- icdev/tools/dashboard/templates/index.html +254 -0
- icdev/tools/dashboard/templates/lineage.html +141 -0
- icdev/tools/dashboard/templates/login.html +51 -0
- icdev/tools/dashboard/templates/monitoring/overview.html +193 -0
- icdev/tools/dashboard/templates/orchestration/dashboard.html +545 -0
- icdev/tools/dashboard/templates/oscal.html +263 -0
- icdev/tools/dashboard/templates/phases.html +150 -0
- icdev/tools/dashboard/templates/prod_audit.html +280 -0
- icdev/tools/dashboard/templates/profile.html +183 -0
- icdev/tools/dashboard/templates/projects/detail.html +583 -0
- icdev/tools/dashboard/templates/projects/list.html +47 -0
- icdev/tools/dashboard/templates/proposals/detail.html +1253 -0
- icdev/tools/dashboard/templates/proposals/list.html +179 -0
- icdev/tools/dashboard/templates/proposals/section_detail.html +193 -0
- icdev/tools/dashboard/templates/provenance.html +181 -0
- icdev/tools/dashboard/templates/query/nlq.html +234 -0
- icdev/tools/dashboard/templates/quick_paths.html +69 -0
- icdev/tools/dashboard/templates/traces.html +155 -0
- icdev/tools/dashboard/templates/translation_detail.html +199 -0
- icdev/tools/dashboard/templates/translations.html +162 -0
- icdev/tools/dashboard/templates/usage.html +225 -0
- icdev/tools/dashboard/templates/wizard.html +539 -0
- icdev/tools/dashboard/templates/xai.html +208 -0
- icdev/tools/dashboard/ux_helpers.py +962 -0
- icdev/tools/dashboard/websocket.py +81 -0
- icdev/tools/db/__init__.py +1 -0
- icdev/tools/db/backup.py +312 -0
- icdev/tools/db/backup_manager.py +832 -0
- icdev/tools/db/init_icdev_db.py +5900 -0
- icdev/tools/db/migrate.py +178 -0
- icdev/tools/db/migration_runner.py +549 -0
- icdev/tools/db/migrations/001_baseline/meta.json +9 -0
- icdev/tools/db/migrations/001_baseline/up.py +68 -0
- icdev/tools/db/migrations/002_memory_enhancements/down.sql +8 -0
- icdev/tools/db/migrations/002_memory_enhancements/meta.json +9 -0
- icdev/tools/db/migrations/002_memory_enhancements/up.py +118 -0
- icdev/tools/db/migrations/003_dev_profiles/meta.json +8 -0
- icdev/tools/db/migrations/003_dev_profiles/up.py +93 -0
- icdev/tools/db/migrations/004_innovation_engine/down.py +19 -0
- icdev/tools/db/migrations/004_innovation_engine/up.py +227 -0
- icdev/tools/db/migrations/005_phase_37_ai_security/down.py +19 -0
- icdev/tools/db/migrations/005_phase_37_ai_security/up.py +258 -0
- icdev/tools/db/migrations/006_phase_36_evolution/down.py +21 -0
- icdev/tools/db/migrations/006_phase_36_evolution/up.py +323 -0
- icdev/tools/db/migrations/007_phase_38_cloud/down.py +14 -0
- icdev/tools/db/migrations/007_phase_38_cloud/up.py +110 -0
- icdev/tools/db/migrations/008_phase36_37_integration/up.py +55 -0
- icdev/tools/db/migrations/__init__.py +2 -0
- icdev/tools/devsecops/__init__.py +2 -0
- icdev/tools/devsecops/attestation_manager.py +458 -0
- icdev/tools/devsecops/network_segmentation_generator.py +614 -0
- icdev/tools/devsecops/pdp_config_generator.py +1256 -0
- icdev/tools/devsecops/pipeline_security_generator.py +484 -0
- icdev/tools/devsecops/policy_generator.py +653 -0
- icdev/tools/devsecops/profile_manager.py +388 -0
- icdev/tools/devsecops/service_mesh_generator.py +1073 -0
- icdev/tools/devsecops/zta_maturity_scorer.py +368 -0
- icdev/tools/devsecops/zta_terraform_generator.py +1303 -0
- icdev/tools/dx/__init__.py +3 -0
- icdev/tools/dx/companion.py +266 -0
- icdev/tools/dx/instruction_generator.py +753 -0
- icdev/tools/dx/mcp_config_generator.py +282 -0
- icdev/tools/dx/skill_translator.py +425 -0
- icdev/tools/dx/tool_detector.py +144 -0
- icdev/tools/extensions/__init__.py +21 -0
- icdev/tools/extensions/builtins/010_ai_governance_chat.py +277 -0
- icdev/tools/extensions/builtins/__init__.py +2 -0
- icdev/tools/extensions/extension_manager.py +455 -0
- icdev/tools/infra/__init__.py +1 -0
- icdev/tools/infra/ansible_generator.py +869 -0
- icdev/tools/infra/dockerfile_generator.py +361 -0
- icdev/tools/infra/infra_status.py +393 -0
- icdev/tools/infra/ironbank_metadata_generator.py +411 -0
- icdev/tools/infra/k8s_generator.py +1002 -0
- icdev/tools/infra/pipeline_generator.py +832 -0
- icdev/tools/infra/rollback.py +400 -0
- icdev/tools/infra/terraform_generator.py +1142 -0
- icdev/tools/infra/terraform_generator_azure.py +1254 -0
- icdev/tools/infra/terraform_generator_gcp.py +953 -0
- icdev/tools/infra/terraform_generator_ibm.py +360 -0
- icdev/tools/infra/terraform_generator_oci.py +919 -0
- icdev/tools/infra/terraform_generator_onprem.py +319 -0
- icdev/tools/innovation/__init__.py +8 -0
- icdev/tools/innovation/competitive_intel.py +492 -0
- icdev/tools/innovation/innovation_manager.py +681 -0
- icdev/tools/innovation/introspective_analyzer.py +774 -0
- icdev/tools/innovation/register_external_patterns.py +440 -0
- icdev/tools/innovation/signal_ranker.py +1038 -0
- icdev/tools/innovation/solution_generator.py +697 -0
- icdev/tools/innovation/standards_monitor.py +466 -0
- icdev/tools/innovation/trend_detector.py +1046 -0
- icdev/tools/innovation/triage_engine.py +1149 -0
- icdev/tools/innovation/web_scanner.py +894 -0
- icdev/tools/installer/__init__.py +1 -0
- icdev/tools/installer/compliance_configurator.py +637 -0
- icdev/tools/installer/installer.py +1711 -0
- icdev/tools/installer/module_registry.py +805 -0
- icdev/tools/installer/platform_setup.py +961 -0
- icdev/tools/integration/__init__.py +2 -0
- icdev/tools/integration/approval_manager.py +561 -0
- icdev/tools/integration/doors_exporter.py +627 -0
- icdev/tools/integration/gitlab_connector.py +784 -0
- icdev/tools/integration/jira_connector.py +774 -0
- icdev/tools/integration/servicenow_connector.py +693 -0
- icdev/tools/knowledge/__init__.py +1 -0
- icdev/tools/knowledge/knowledge_ingest.py +293 -0
- icdev/tools/knowledge/pattern_detector.py +693 -0
- icdev/tools/knowledge/recommendation_engine.py +461 -0
- icdev/tools/knowledge/self_heal_analyzer.py +504 -0
- icdev/tools/llm/__init__.py +72 -0
- icdev/tools/llm/anthropic_provider.py +170 -0
- icdev/tools/llm/azure_openai_provider.py +338 -0
- icdev/tools/llm/bedrock_provider.py +315 -0
- icdev/tools/llm/embedding_provider.py +438 -0
- icdev/tools/llm/gemini_provider.py +381 -0
- icdev/tools/llm/ibm_watsonx_provider.py +232 -0
- icdev/tools/llm/oci_genai_provider.py +462 -0
- icdev/tools/llm/ollama_provider.py +340 -0
- icdev/tools/llm/openai_provider.py +225 -0
- icdev/tools/llm/provider.py +355 -0
- icdev/tools/llm/provider_sdk.py +175 -0
- icdev/tools/llm/router.py +780 -0
- icdev/tools/llm/vertex_ai_provider.py +374 -0
- icdev/tools/maintenance/__init__.py +2 -0
- icdev/tools/maintenance/dependency_scanner.py +1030 -0
- icdev/tools/maintenance/maintenance_auditor.py +815 -0
- icdev/tools/maintenance/remediation_engine.py +966 -0
- icdev/tools/maintenance/vulnerability_checker.py +987 -0
- icdev/tools/mbse/__init__.py +3 -0
- icdev/tools/mbse/des_assessor.py +1186 -0
- icdev/tools/mbse/des_report_generator.py +800 -0
- icdev/tools/mbse/diagram_extractor.py +811 -0
- icdev/tools/mbse/digital_thread.py +1665 -0
- icdev/tools/mbse/model_code_generator.py +1122 -0
- icdev/tools/mbse/model_control_mapper.py +420 -0
- icdev/tools/mbse/pi_model_tracker.py +1093 -0
- icdev/tools/mbse/reqif_parser.py +1483 -0
- icdev/tools/mbse/sync_engine.py +1805 -0
- icdev/tools/mbse/xmi_parser.py +1573 -0
- icdev/tools/mcp/__init__.py +1 -0
- icdev/tools/mcp/base_server.py +535 -0
- icdev/tools/mcp/builder_server.py +725 -0
- icdev/tools/mcp/compliance_server.py +1407 -0
- icdev/tools/mcp/context_indexer.py +199 -0
- icdev/tools/mcp/context_server.py +305 -0
- icdev/tools/mcp/core_server.py +679 -0
- icdev/tools/mcp/devsecops_server.py +432 -0
- icdev/tools/mcp/gap_handlers.py +1079 -0
- icdev/tools/mcp/gateway_server.py +339 -0
- icdev/tools/mcp/generate_registry.py +623 -0
- icdev/tools/mcp/infra_server.py +264 -0
- icdev/tools/mcp/innovation_server.py +316 -0
- icdev/tools/mcp/integration_server.py +527 -0
- icdev/tools/mcp/knowledge_server.py +429 -0
- icdev/tools/mcp/maintenance_server.py +248 -0
- icdev/tools/mcp/marketplace_server.py +499 -0
- icdev/tools/mcp/mbse_server.py +398 -0
- icdev/tools/mcp/modernization_server.py +496 -0
- icdev/tools/mcp/observability_server.py +354 -0
- icdev/tools/mcp/requirements_server.py +415 -0
- icdev/tools/mcp/simulation_server.py +468 -0
- icdev/tools/mcp/standalone/__init__.py +2 -0
- icdev/tools/mcp/standalone/builder.py +59 -0
- icdev/tools/mcp/standalone/compliance.py +59 -0
- icdev/tools/mcp/standalone/core.py +59 -0
- icdev/tools/mcp/standalone/knowledge.py +59 -0
- icdev/tools/mcp/standalone/maintenance.py +59 -0
- icdev/tools/mcp/supply_chain_server.py +476 -0
- icdev/tools/mcp/tool_registry.py +2008 -0
- icdev/tools/mcp/unified_server.py +158 -0
- icdev/tools/memory/__init__.py +2 -0
- icdev/tools/memory/auto_capture.py +347 -0
- icdev/tools/memory/embed_memory.py +158 -0
- icdev/tools/memory/history_compressor.py +334 -0
- icdev/tools/memory/hybrid_search.py +236 -0
- icdev/tools/memory/maintenance_cron.py +289 -0
- icdev/tools/memory/memory_consolidation.py +444 -0
- icdev/tools/memory/memory_db.py +133 -0
- icdev/tools/memory/memory_read.py +102 -0
- icdev/tools/memory/memory_write.py +222 -0
- icdev/tools/memory/semantic_search.py +139 -0
- icdev/tools/memory/time_decay.py +435 -0
- icdev/tools/modernization/__init__.py +3 -0
- icdev/tools/modernization/architecture_extractor.py +734 -0
- icdev/tools/modernization/compliance_bridge.py +1499 -0
- icdev/tools/modernization/db_migration_planner.py +1385 -0
- icdev/tools/modernization/doc_generator.py +1428 -0
- icdev/tools/modernization/framework_migrator.py +1525 -0
- icdev/tools/modernization/legacy_analyzer.py +1948 -0
- icdev/tools/modernization/migration_code_generator.py +1639 -0
- icdev/tools/modernization/migration_report_generator.py +1653 -0
- icdev/tools/modernization/migration_tracker.py +1726 -0
- icdev/tools/modernization/monolith_decomposer.py +1508 -0
- icdev/tools/modernization/seven_r_assessor.py +1658 -0
- icdev/tools/modernization/strangler_fig_manager.py +1705 -0
- icdev/tools/modernization/ui_analyzer.py +771 -0
- icdev/tools/modernization/version_migrator.py +1392 -0
- icdev/tools/monitor/__init__.py +1 -0
- icdev/tools/monitor/alert_correlator.py +495 -0
- icdev/tools/monitor/auto_resolver.py +612 -0
- icdev/tools/monitor/health_checker.py +509 -0
- icdev/tools/monitor/heartbeat_daemon.py +792 -0
- icdev/tools/monitor/log_analyzer.py +516 -0
- icdev/tools/monitor/metric_collector.py +496 -0
- icdev/tools/mosa/__init__.py +10 -0
- icdev/tools/mosa/icd_generator.py +370 -0
- icdev/tools/mosa/modular_design_analyzer.py +683 -0
- icdev/tools/mosa/mosa_code_enforcer.py +349 -0
- icdev/tools/mosa/tsp_generator.py +265 -0
- icdev/tools/observability/__init__.py +100 -0
- icdev/tools/observability/genai_attributes.py +88 -0
- icdev/tools/observability/instrumentation.py +140 -0
- icdev/tools/observability/mlflow_exporter.py +194 -0
- icdev/tools/observability/otel_tracer.py +168 -0
- icdev/tools/observability/provenance/__init__.py +3 -0
- icdev/tools/observability/provenance/prov_recorder.py +324 -0
- icdev/tools/observability/shap/__init__.py +3 -0
- icdev/tools/observability/shap/agent_shap.py +275 -0
- icdev/tools/observability/sqlite_tracer.py +361 -0
- icdev/tools/observability/trace_context.py +205 -0
- icdev/tools/observability/tracer.py +230 -0
- icdev/tools/orchestration/__init__.py +2 -0
- icdev/tools/orchestration/workflow_composer.py +361 -0
- icdev/tools/project/__init__.py +1 -0
- icdev/tools/project/manifest_loader.py +418 -0
- icdev/tools/project/project_create.py +350 -0
- icdev/tools/project/project_list.py +174 -0
- icdev/tools/project/project_scaffold.py +1715 -0
- icdev/tools/project/project_status.py +479 -0
- icdev/tools/project/session_context_builder.py +757 -0
- icdev/tools/project/validate_manifest.py +55 -0
- icdev/tools/registry/__init__.py +10 -0
- icdev/tools/registry/absorption_engine.py +832 -0
- icdev/tools/registry/capability_evaluator.py +668 -0
- icdev/tools/registry/child_registry.py +617 -0
- icdev/tools/registry/cross_pollinator.py +1065 -0
- icdev/tools/registry/genome_manager.py +671 -0
- icdev/tools/registry/learning_collector.py +912 -0
- icdev/tools/registry/propagation_manager.py +942 -0
- icdev/tools/registry/staging_manager.py +742 -0
- icdev/tools/registry/telemetry_collector.py +423 -0
- icdev/tools/requirements/__init__.py +1 -0
- icdev/tools/requirements/ai_governance_scorer.py +208 -0
- icdev/tools/requirements/boundary_analyzer.py +1293 -0
- icdev/tools/requirements/clarification_engine.py +618 -0
- icdev/tools/requirements/complexity_scorer.py +387 -0
- icdev/tools/requirements/consistency_analyzer.py +803 -0
- icdev/tools/requirements/constitution_manager.py +605 -0
- icdev/tools/requirements/decomposition_engine.py +778 -0
- icdev/tools/requirements/document_extractor.py +1016 -0
- icdev/tools/requirements/elicitation_techniques.py +519 -0
- icdev/tools/requirements/gap_detector.py +271 -0
- icdev/tools/requirements/intake_engine.py +2188 -0
- icdev/tools/requirements/prd_generator.py +847 -0
- icdev/tools/requirements/prd_validator.py +595 -0
- icdev/tools/requirements/readiness_scorer.py +313 -0
- icdev/tools/requirements/spec_organizer.py +1029 -0
- icdev/tools/requirements/spec_quality_checker.py +1097 -0
- icdev/tools/requirements/traceability_builder.py +579 -0
- icdev/tools/resilience/__init__.py +34 -0
- icdev/tools/resilience/circuit_breaker.py +340 -0
- icdev/tools/resilience/correlation.py +150 -0
- icdev/tools/resilience/errors.py +81 -0
- icdev/tools/resilience/retry.py +95 -0
- icdev/tools/schemas/__init__.py +27 -0
- icdev/tools/schemas/chat.py +61 -0
- icdev/tools/schemas/compliance.py +56 -0
- icdev/tools/schemas/core.py +85 -0
- icdev/tools/schemas/innovation.py +37 -0
- icdev/tools/schemas/validation.py +109 -0
- icdev/tools/sdk/__init__.py +3 -0
- icdev/tools/sdk/icdev_client.py +218 -0
- icdev/tools/security/__init__.py +1 -0
- icdev/tools/security/agent_output_validator.py +330 -0
- icdev/tools/security/agent_trust_scorer.py +466 -0
- icdev/tools/security/ai_bom_generator.py +725 -0
- icdev/tools/security/ai_telemetry_logger.py +469 -0
- icdev/tools/security/atlas_red_team.py +543 -0
- icdev/tools/security/code_pattern_scanner.py +378 -0
- icdev/tools/security/confabulation_detector.py +271 -0
- icdev/tools/security/container_scanner.py +491 -0
- icdev/tools/security/dependency_auditor.py +944 -0
- icdev/tools/security/endpoint_security_scanner.py +579 -0
- icdev/tools/security/mcp_tool_authorizer.py +243 -0
- icdev/tools/security/prompt_injection_detector.py +737 -0
- icdev/tools/security/sast_runner.py +948 -0
- icdev/tools/security/secret_detector.py +378 -0
- icdev/tools/security/tool_chain_validator.py +357 -0
- icdev/tools/security/vuln_scanner.py +539 -0
- icdev/tools/simulation/__init__.py +2 -0
- icdev/tools/simulation/coa_generator.py +1552 -0
- icdev/tools/simulation/monte_carlo.py +758 -0
- icdev/tools/simulation/scenario_manager.py +1073 -0
- icdev/tools/simulation/simulation_engine.py +1104 -0
- icdev/tools/supply_chain/__init__.py +2 -0
- icdev/tools/supply_chain/cve_triager.py +705 -0
- icdev/tools/supply_chain/dependency_graph.py +645 -0
- icdev/tools/supply_chain/isa_manager.py +540 -0
- icdev/tools/supply_chain/scrm_assessor.py +546 -0
- icdev/tools/testing/__init__.py +2 -0
- icdev/tools/testing/acceptance_validator.py +411 -0
- icdev/tools/testing/claude_dir_validator.py +831 -0
- icdev/tools/testing/data_types.py +199 -0
- icdev/tools/testing/e2e_runner.py +715 -0
- icdev/tools/testing/fuzz_cli.py +306 -0
- icdev/tools/testing/health_check.py +483 -0
- icdev/tools/testing/platform_check.py +143 -0
- icdev/tools/testing/production_audit.py +1862 -0
- icdev/tools/testing/production_remediate.py +804 -0
- icdev/tools/testing/screenshot_validator.py +539 -0
- icdev/tools/testing/smoke_test.py +283 -0
- icdev/tools/testing/test_agent_models.py +117 -0
- icdev/tools/testing/test_orchestrator.py +957 -0
- icdev/tools/testing/utils.py +229 -0
- icdev/tools/translation/__init__.py +17 -0
- icdev/tools/translation/code_translator.py +550 -0
- icdev/tools/translation/dependency_mapper.py +277 -0
- icdev/tools/translation/feature_map.py +395 -0
- icdev/tools/translation/project_assembler.py +439 -0
- icdev/tools/translation/source_extractor.py +609 -0
- icdev/tools/translation/test_translator.py +333 -0
- icdev/tools/translation/translation_manager.py +582 -0
- icdev/tools/translation/translation_validator.py +662 -0
- icdev/tools/translation/type_checker.py +371 -0
- icdev-1.0.0.dist-info/METADATA +868 -0
- icdev-1.0.0.dist-info/RECORD +1105 -0
- icdev-1.0.0.dist-info/WHEEL +5 -0
- icdev-1.0.0.dist-info/entry_points.txt +9 -0
- icdev-1.0.0.dist-info/licenses/LICENSE +254 -0
- icdev-1.0.0.dist-info/licenses/NOTICE +268 -0
- icdev-1.0.0.dist-info/top_level.txt +1 -0
|
@@ -0,0 +1,1407 @@
|
|
|
1
|
+
#!/usr/bin/env python3
|
|
2
|
+
# CUI // SP-CTI
|
|
3
|
+
"""Compliance MCP server exposing NIST 800-53, SSP, POAM, STIG, SBOM, and CUI tools.
|
|
4
|
+
|
|
5
|
+
Tools:
|
|
6
|
+
nist_lookup - Look up NIST 800-53 Rev 5 controls by ID or family
|
|
7
|
+
ssp_generate - Generate a System Security Plan document
|
|
8
|
+
poam_generate - Generate a Plan of Action & Milestones document
|
|
9
|
+
stig_check - Run STIG compliance checks against a project
|
|
10
|
+
sbom_generate - Generate a Software Bill of Materials (CycloneDX)
|
|
11
|
+
cui_mark - Apply CUI markings to a file or content
|
|
12
|
+
control_map - Map project activities to NIST 800-53 controls
|
|
13
|
+
|
|
14
|
+
Runs as an MCP server over stdio with Content-Length framing.
|
|
15
|
+
"""
|
|
16
|
+
|
|
17
|
+
import os
|
|
18
|
+
import sys
|
|
19
|
+
from pathlib import Path
|
|
20
|
+
from icdev._paths import get_project_root
|
|
21
|
+
|
|
22
|
+
BASE_DIR = get_project_root()
|
|
23
|
+
DB_PATH = Path(os.environ.get("ICDEV_DB_PATH", str(BASE_DIR / "data" / "icdev.db")))
|
|
24
|
+
|
|
25
|
+
sys.path.insert(0, str(BASE_DIR))
|
|
26
|
+
from icdev.tools.mcp.base_server import MCPServer # noqa: E402
|
|
27
|
+
|
|
28
|
+
|
|
29
|
+
# ---------------------------------------------------------------------------
|
|
30
|
+
# Lazy tool imports — tools may still be under construction
|
|
31
|
+
# ---------------------------------------------------------------------------
|
|
32
|
+
|
|
33
|
+
def _import_tool(module_path, func_name):
|
|
34
|
+
"""Dynamically import a function from a module. Returns None if unavailable."""
|
|
35
|
+
try:
|
|
36
|
+
import importlib
|
|
37
|
+
mod = importlib.import_module(module_path)
|
|
38
|
+
return getattr(mod, func_name, None)
|
|
39
|
+
except (ImportError, ModuleNotFoundError, AttributeError):
|
|
40
|
+
return None
|
|
41
|
+
|
|
42
|
+
|
|
43
|
+
# ---------------------------------------------------------------------------
|
|
44
|
+
# Tool handlers
|
|
45
|
+
# ---------------------------------------------------------------------------
|
|
46
|
+
|
|
47
|
+
def handle_nist_lookup(args: dict) -> dict:
|
|
48
|
+
"""Look up a NIST 800-53 control by ID or list controls by family."""
|
|
49
|
+
lookup = _import_tool("icdev.tools.compliance.nist_lookup", "lookup")
|
|
50
|
+
list_family = _import_tool("icdev.tools.compliance.nist_lookup", "list_family")
|
|
51
|
+
list_all_families = _import_tool("icdev.tools.compliance.nist_lookup", "list_all_families")
|
|
52
|
+
|
|
53
|
+
control_id = args.get("control_id")
|
|
54
|
+
family = args.get("family")
|
|
55
|
+
|
|
56
|
+
if control_id and lookup:
|
|
57
|
+
result = lookup(control_id)
|
|
58
|
+
if result:
|
|
59
|
+
return {"control": result}
|
|
60
|
+
return {"error": f"Control not found: {control_id}"}
|
|
61
|
+
|
|
62
|
+
if family and list_family:
|
|
63
|
+
controls = list_family(family)
|
|
64
|
+
return {"family": family, "controls": controls, "count": len(controls)}
|
|
65
|
+
|
|
66
|
+
if list_all_families:
|
|
67
|
+
families = list_all_families()
|
|
68
|
+
return {"families": families}
|
|
69
|
+
|
|
70
|
+
return {"error": "nist_lookup module not available"}
|
|
71
|
+
|
|
72
|
+
|
|
73
|
+
def handle_ssp_generate(args: dict) -> dict:
|
|
74
|
+
"""Generate a System Security Plan for a project."""
|
|
75
|
+
generate = _import_tool("icdev.tools.compliance.ssp_generator", "generate_ssp")
|
|
76
|
+
if not generate:
|
|
77
|
+
return {"error": "ssp_generator module not available yet", "status": "pending"}
|
|
78
|
+
|
|
79
|
+
project_id = args.get("project_id")
|
|
80
|
+
if not project_id:
|
|
81
|
+
raise ValueError("'project_id' is required")
|
|
82
|
+
|
|
83
|
+
output_dir = args.get("output_dir")
|
|
84
|
+
return generate(project_id, output_dir=output_dir, db_path=str(DB_PATH))
|
|
85
|
+
|
|
86
|
+
|
|
87
|
+
def handle_poam_generate(args: dict) -> dict:
|
|
88
|
+
"""Generate a Plan of Action & Milestones document."""
|
|
89
|
+
generate = _import_tool("icdev.tools.compliance.poam_generator", "generate_poam")
|
|
90
|
+
if not generate:
|
|
91
|
+
return {"error": "poam_generator module not available yet", "status": "pending"}
|
|
92
|
+
|
|
93
|
+
project_id = args.get("project_id")
|
|
94
|
+
if not project_id:
|
|
95
|
+
raise ValueError("'project_id' is required")
|
|
96
|
+
|
|
97
|
+
output_dir = args.get("output_dir")
|
|
98
|
+
return generate(project_id, output_dir=output_dir, db_path=str(DB_PATH))
|
|
99
|
+
|
|
100
|
+
|
|
101
|
+
def handle_stig_check(args: dict) -> dict:
|
|
102
|
+
"""Run STIG compliance checks against a project."""
|
|
103
|
+
check = _import_tool("icdev.tools.compliance.stig_checker", "check_project")
|
|
104
|
+
if not check:
|
|
105
|
+
return {"error": "stig_checker module not available yet", "status": "pending"}
|
|
106
|
+
|
|
107
|
+
project_id = args.get("project_id")
|
|
108
|
+
if not project_id:
|
|
109
|
+
raise ValueError("'project_id' is required")
|
|
110
|
+
|
|
111
|
+
stig_profile = args.get("stig_profile", "webapp")
|
|
112
|
+
return check(project_id, stig_profile=stig_profile, db_path=str(DB_PATH))
|
|
113
|
+
|
|
114
|
+
|
|
115
|
+
def handle_sbom_generate(args: dict) -> dict:
|
|
116
|
+
"""Generate a Software Bill of Materials (CycloneDX format)."""
|
|
117
|
+
generate = _import_tool("icdev.tools.compliance.sbom_generator", "generate_sbom")
|
|
118
|
+
if not generate:
|
|
119
|
+
return {"error": "sbom_generator module not available yet", "status": "pending"}
|
|
120
|
+
|
|
121
|
+
project_dir = args.get("project_dir")
|
|
122
|
+
if not project_dir:
|
|
123
|
+
raise ValueError("'project_dir' is required")
|
|
124
|
+
|
|
125
|
+
project_id = args.get("project_id")
|
|
126
|
+
return generate(project_dir, project_id=project_id, db_path=str(DB_PATH))
|
|
127
|
+
|
|
128
|
+
|
|
129
|
+
def handle_cui_mark(args: dict) -> dict:
|
|
130
|
+
"""Apply CUI markings to a file or content string."""
|
|
131
|
+
mark_file = _import_tool("icdev.tools.compliance.cui_marker", "mark_file")
|
|
132
|
+
mark_content = _import_tool("icdev.tools.compliance.cui_marker", "mark_content")
|
|
133
|
+
|
|
134
|
+
file_path = args.get("file_path")
|
|
135
|
+
content = args.get("content")
|
|
136
|
+
marking = args.get("marking", "CUI // SP-CTI")
|
|
137
|
+
|
|
138
|
+
if file_path and mark_file:
|
|
139
|
+
result = mark_file(file_path, marking=marking)
|
|
140
|
+
return {"file": file_path, "marked": True, "details": result}
|
|
141
|
+
|
|
142
|
+
if content and mark_content:
|
|
143
|
+
marked = mark_content(content, marking=marking)
|
|
144
|
+
return {"marked_content": marked}
|
|
145
|
+
|
|
146
|
+
if not mark_file and not mark_content:
|
|
147
|
+
return {"error": "cui_marker module not available"}
|
|
148
|
+
|
|
149
|
+
return {"error": "Provide either 'file_path' or 'content'"}
|
|
150
|
+
|
|
151
|
+
|
|
152
|
+
def handle_control_map(args: dict) -> dict:
|
|
153
|
+
"""Map a project activity to NIST 800-53 controls."""
|
|
154
|
+
map_activity = _import_tool("icdev.tools.compliance.control_mapper", "map_activity")
|
|
155
|
+
if not map_activity:
|
|
156
|
+
return {"error": "control_mapper module not available"}
|
|
157
|
+
|
|
158
|
+
activity = args.get("activity")
|
|
159
|
+
project_id = args.get("project_id")
|
|
160
|
+
if not activity:
|
|
161
|
+
raise ValueError("'activity' is required")
|
|
162
|
+
|
|
163
|
+
return map_activity(activity, project_id=project_id, db_path=str(DB_PATH))
|
|
164
|
+
|
|
165
|
+
|
|
166
|
+
# ---------------------------------------------------------------------------
|
|
167
|
+
# CSSP tool handlers
|
|
168
|
+
# ---------------------------------------------------------------------------
|
|
169
|
+
|
|
170
|
+
def handle_cssp_assess(args: dict) -> dict:
|
|
171
|
+
"""Run CSSP assessment per DI 8530.01."""
|
|
172
|
+
assess = _import_tool("icdev.tools.compliance.cssp_assessor", "assess_project")
|
|
173
|
+
if not assess:
|
|
174
|
+
return {"error": "cssp_assessor module not available yet", "status": "pending"}
|
|
175
|
+
|
|
176
|
+
project_id = args.get("project_id")
|
|
177
|
+
if not project_id:
|
|
178
|
+
raise ValueError("'project_id' is required")
|
|
179
|
+
|
|
180
|
+
functional_area = args.get("functional_area", "all")
|
|
181
|
+
return assess(project_id, functional_area=functional_area, db_path=str(DB_PATH))
|
|
182
|
+
|
|
183
|
+
|
|
184
|
+
def handle_cssp_report(args: dict) -> dict:
|
|
185
|
+
"""Generate a CSSP certification report."""
|
|
186
|
+
generate = _import_tool("icdev.tools.compliance.cssp_report_generator", "generate_cssp_report")
|
|
187
|
+
if not generate:
|
|
188
|
+
return {"error": "cssp_report_generator module not available yet", "status": "pending"}
|
|
189
|
+
|
|
190
|
+
project_id = args.get("project_id")
|
|
191
|
+
if not project_id:
|
|
192
|
+
raise ValueError("'project_id' is required")
|
|
193
|
+
|
|
194
|
+
output_dir = args.get("output_dir")
|
|
195
|
+
return generate(project_id, output_dir=output_dir, db_path=str(DB_PATH))
|
|
196
|
+
|
|
197
|
+
|
|
198
|
+
def handle_cssp_ir_plan(args: dict) -> dict:
|
|
199
|
+
"""Generate an Incident Response Plan per CSSP SOC requirements."""
|
|
200
|
+
generate = _import_tool("icdev.tools.compliance.incident_response_plan", "generate_ir_plan")
|
|
201
|
+
if not generate:
|
|
202
|
+
return {"error": "incident_response_plan module not available yet", "status": "pending"}
|
|
203
|
+
|
|
204
|
+
project_id = args.get("project_id")
|
|
205
|
+
if not project_id:
|
|
206
|
+
raise ValueError("'project_id' is required")
|
|
207
|
+
|
|
208
|
+
output_dir = args.get("output_dir")
|
|
209
|
+
return generate(project_id, output_dir=output_dir, db_path=str(DB_PATH))
|
|
210
|
+
|
|
211
|
+
|
|
212
|
+
def handle_cssp_evidence(args: dict) -> dict:
|
|
213
|
+
"""Collect and index evidence artifacts for CSSP assessment."""
|
|
214
|
+
collect = _import_tool("icdev.tools.compliance.cssp_evidence_collector", "collect_evidence")
|
|
215
|
+
if not collect:
|
|
216
|
+
return {"error": "cssp_evidence_collector module not available yet", "status": "pending"}
|
|
217
|
+
|
|
218
|
+
project_id = args.get("project_id")
|
|
219
|
+
if not project_id:
|
|
220
|
+
raise ValueError("'project_id' is required")
|
|
221
|
+
|
|
222
|
+
project_dir = args.get("project_dir")
|
|
223
|
+
return collect(project_id, project_dir=project_dir, db_path=str(DB_PATH))
|
|
224
|
+
|
|
225
|
+
|
|
226
|
+
# ---------------------------------------------------------------------------
|
|
227
|
+
# Xacta integration handlers
|
|
228
|
+
# ---------------------------------------------------------------------------
|
|
229
|
+
|
|
230
|
+
def handle_xacta_sync(args: dict) -> dict:
|
|
231
|
+
"""Sync project compliance data to Xacta 360."""
|
|
232
|
+
sync = _import_tool("icdev.tools.compliance.xacta.xacta_sync", "sync_to_xacta")
|
|
233
|
+
if not sync:
|
|
234
|
+
return {"error": "xacta_sync module not available yet", "status": "pending"}
|
|
235
|
+
|
|
236
|
+
project_id = args.get("project_id")
|
|
237
|
+
if not project_id:
|
|
238
|
+
raise ValueError("'project_id' is required")
|
|
239
|
+
|
|
240
|
+
mode = args.get("mode", "hybrid")
|
|
241
|
+
return sync(project_id, mode=mode, db_path=str(DB_PATH))
|
|
242
|
+
|
|
243
|
+
|
|
244
|
+
def handle_xacta_export(args: dict) -> dict:
|
|
245
|
+
"""Generate Xacta 360-compatible export files."""
|
|
246
|
+
export_all = _import_tool("icdev.tools.compliance.xacta.xacta_export", "export_all")
|
|
247
|
+
if not export_all:
|
|
248
|
+
return {"error": "xacta_export module not available yet", "status": "pending"}
|
|
249
|
+
|
|
250
|
+
project_id = args.get("project_id")
|
|
251
|
+
if not project_id:
|
|
252
|
+
raise ValueError("'project_id' is required")
|
|
253
|
+
|
|
254
|
+
export_format = args.get("format", "oscal")
|
|
255
|
+
return export_all(project_id, export_format=export_format, db_path=str(DB_PATH))
|
|
256
|
+
|
|
257
|
+
|
|
258
|
+
# ---------------------------------------------------------------------------
|
|
259
|
+
# SbD (Secure by Design) handlers
|
|
260
|
+
# ---------------------------------------------------------------------------
|
|
261
|
+
|
|
262
|
+
def handle_sbd_assess(args: dict) -> dict:
|
|
263
|
+
"""Run Secure by Design assessment per CISA commitments and DoDI 5000.87."""
|
|
264
|
+
assess = _import_tool("icdev.tools.compliance.sbd_assessor", "run_sbd_assessment")
|
|
265
|
+
if not assess:
|
|
266
|
+
return {"error": "sbd_assessor module not available yet", "status": "pending"}
|
|
267
|
+
|
|
268
|
+
project_id = args.get("project_id")
|
|
269
|
+
if not project_id:
|
|
270
|
+
raise ValueError("'project_id' is required")
|
|
271
|
+
|
|
272
|
+
domain = args.get("domain", "all")
|
|
273
|
+
project_dir = args.get("project_dir")
|
|
274
|
+
return assess(project_id, domain=domain, project_dir=project_dir, db_path=str(DB_PATH))
|
|
275
|
+
|
|
276
|
+
|
|
277
|
+
def handle_sbd_report(args: dict) -> dict:
|
|
278
|
+
"""Generate a Secure by Design assessment report."""
|
|
279
|
+
generate = _import_tool("icdev.tools.compliance.sbd_report_generator", "generate_sbd_report")
|
|
280
|
+
if not generate:
|
|
281
|
+
return {"error": "sbd_report_generator module not available yet", "status": "pending"}
|
|
282
|
+
|
|
283
|
+
project_id = args.get("project_id")
|
|
284
|
+
if not project_id:
|
|
285
|
+
raise ValueError("'project_id' is required")
|
|
286
|
+
|
|
287
|
+
output_dir = args.get("output_dir")
|
|
288
|
+
return generate(project_id, output_path=output_dir, db_path=str(DB_PATH))
|
|
289
|
+
|
|
290
|
+
|
|
291
|
+
# ---------------------------------------------------------------------------
|
|
292
|
+
# IV&V (Independent Verification & Validation) handlers
|
|
293
|
+
# ---------------------------------------------------------------------------
|
|
294
|
+
|
|
295
|
+
def handle_ivv_assess(args: dict) -> dict:
|
|
296
|
+
"""Run IV&V assessment per IEEE 1012."""
|
|
297
|
+
assess = _import_tool("icdev.tools.compliance.ivv_assessor", "run_ivv_assessment")
|
|
298
|
+
if not assess:
|
|
299
|
+
return {"error": "ivv_assessor module not available yet", "status": "pending"}
|
|
300
|
+
|
|
301
|
+
project_id = args.get("project_id")
|
|
302
|
+
if not project_id:
|
|
303
|
+
raise ValueError("'project_id' is required")
|
|
304
|
+
|
|
305
|
+
process_area = args.get("process_area", "all")
|
|
306
|
+
project_dir = args.get("project_dir")
|
|
307
|
+
return assess(project_id, process_area=process_area, project_dir=project_dir, db_path=str(DB_PATH))
|
|
308
|
+
|
|
309
|
+
|
|
310
|
+
def handle_ivv_report(args: dict) -> dict:
|
|
311
|
+
"""Generate an IV&V certification report."""
|
|
312
|
+
generate = _import_tool("icdev.tools.compliance.ivv_report_generator", "generate_ivv_report")
|
|
313
|
+
if not generate:
|
|
314
|
+
return {"error": "ivv_report_generator module not available yet", "status": "pending"}
|
|
315
|
+
|
|
316
|
+
project_id = args.get("project_id")
|
|
317
|
+
if not project_id:
|
|
318
|
+
raise ValueError("'project_id' is required")
|
|
319
|
+
|
|
320
|
+
output_dir = args.get("output_dir")
|
|
321
|
+
return generate(project_id, output_path=output_dir, db_path=str(DB_PATH))
|
|
322
|
+
|
|
323
|
+
|
|
324
|
+
def handle_rtm_generate(args: dict) -> dict:
|
|
325
|
+
"""Generate a Requirements Traceability Matrix (RTM)."""
|
|
326
|
+
generate = _import_tool("icdev.tools.compliance.traceability_matrix", "generate_rtm")
|
|
327
|
+
if not generate:
|
|
328
|
+
return {"error": "traceability_matrix module not available yet", "status": "pending"}
|
|
329
|
+
|
|
330
|
+
project_id = args.get("project_id")
|
|
331
|
+
if not project_id:
|
|
332
|
+
raise ValueError("'project_id' is required")
|
|
333
|
+
|
|
334
|
+
project_dir = args.get("project_dir")
|
|
335
|
+
return generate(project_id, project_dir=project_dir, db_path=str(DB_PATH))
|
|
336
|
+
|
|
337
|
+
|
|
338
|
+
# ---------------------------------------------------------------------------
|
|
339
|
+
# Multi-Framework Compliance handlers (Phase 17)
|
|
340
|
+
# ---------------------------------------------------------------------------
|
|
341
|
+
|
|
342
|
+
def handle_crosswalk_query(args: dict) -> dict:
|
|
343
|
+
"""Query the control crosswalk engine for multi-framework mappings."""
|
|
344
|
+
action = args.get("action", "frameworks_for_control")
|
|
345
|
+
control_id = args.get("control_id")
|
|
346
|
+
framework = args.get("framework")
|
|
347
|
+
baseline = args.get("baseline")
|
|
348
|
+
project_id = args.get("project_id")
|
|
349
|
+
il_level = args.get("impact_level")
|
|
350
|
+
|
|
351
|
+
if action == "frameworks_for_control":
|
|
352
|
+
fn = _import_tool("icdev.tools.compliance.crosswalk_engine", "get_frameworks_for_control")
|
|
353
|
+
if not fn:
|
|
354
|
+
return {"error": "crosswalk_engine module not available yet", "status": "pending"}
|
|
355
|
+
if not control_id:
|
|
356
|
+
raise ValueError("'control_id' is required for frameworks_for_control")
|
|
357
|
+
return {"control_id": control_id, "frameworks": fn(control_id)}
|
|
358
|
+
|
|
359
|
+
elif action == "controls_for_framework":
|
|
360
|
+
fn = _import_tool("icdev.tools.compliance.crosswalk_engine", "get_controls_for_framework")
|
|
361
|
+
if not fn:
|
|
362
|
+
return {"error": "crosswalk_engine module not available yet", "status": "pending"}
|
|
363
|
+
if not framework:
|
|
364
|
+
raise ValueError("'framework' is required for controls_for_framework")
|
|
365
|
+
controls = fn(framework, baseline=baseline)
|
|
366
|
+
return {"framework": framework, "baseline": baseline, "controls": controls, "count": len(controls)}
|
|
367
|
+
|
|
368
|
+
elif action == "controls_for_impact_level":
|
|
369
|
+
fn = _import_tool("icdev.tools.compliance.crosswalk_engine", "get_controls_for_impact_level")
|
|
370
|
+
if not fn:
|
|
371
|
+
return {"error": "crosswalk_engine module not available yet", "status": "pending"}
|
|
372
|
+
if not il_level:
|
|
373
|
+
raise ValueError("'impact_level' is required for controls_for_impact_level")
|
|
374
|
+
controls = fn(il_level)
|
|
375
|
+
return {"impact_level": il_level, "controls": controls, "count": len(controls)}
|
|
376
|
+
|
|
377
|
+
elif action == "coverage":
|
|
378
|
+
fn = _import_tool("icdev.tools.compliance.crosswalk_engine", "compute_crosswalk_coverage")
|
|
379
|
+
if not fn:
|
|
380
|
+
return {"error": "crosswalk_engine module not available yet", "status": "pending"}
|
|
381
|
+
if not project_id:
|
|
382
|
+
raise ValueError("'project_id' is required for coverage")
|
|
383
|
+
return fn(project_id, db_path=str(DB_PATH))
|
|
384
|
+
|
|
385
|
+
elif action == "gap_analysis":
|
|
386
|
+
fn = _import_tool("icdev.tools.compliance.crosswalk_engine", "get_gap_analysis")
|
|
387
|
+
if not fn:
|
|
388
|
+
return {"error": "crosswalk_engine module not available yet", "status": "pending"}
|
|
389
|
+
if not project_id or not framework:
|
|
390
|
+
raise ValueError("'project_id' and 'framework' are required for gap_analysis")
|
|
391
|
+
gaps = fn(project_id, framework, baseline=baseline, db_path=str(DB_PATH))
|
|
392
|
+
return {"project_id": project_id, "framework": framework, "gaps": gaps, "gap_count": len(gaps)}
|
|
393
|
+
|
|
394
|
+
return {"error": f"Unknown action: {action}"}
|
|
395
|
+
|
|
396
|
+
|
|
397
|
+
def handle_fedramp_assess(args: dict) -> dict:
|
|
398
|
+
"""Run FedRAMP assessment against a project."""
|
|
399
|
+
assess = _import_tool("icdev.tools.compliance.fedramp_assessor", "run_fedramp_assessment")
|
|
400
|
+
if not assess:
|
|
401
|
+
return {"error": "fedramp_assessor module not available yet", "status": "pending"}
|
|
402
|
+
|
|
403
|
+
project_id = args.get("project_id")
|
|
404
|
+
if not project_id:
|
|
405
|
+
raise ValueError("'project_id' is required")
|
|
406
|
+
|
|
407
|
+
baseline = args.get("baseline", "moderate")
|
|
408
|
+
project_dir = args.get("project_dir")
|
|
409
|
+
return assess(project_id, baseline=baseline, project_dir=project_dir, db_path=str(DB_PATH))
|
|
410
|
+
|
|
411
|
+
|
|
412
|
+
def handle_fedramp_report(args: dict) -> dict:
|
|
413
|
+
"""Generate a FedRAMP assessment report."""
|
|
414
|
+
generate = _import_tool("icdev.tools.compliance.fedramp_report_generator", "generate_fedramp_report")
|
|
415
|
+
if not generate:
|
|
416
|
+
return {"error": "fedramp_report_generator module not available yet", "status": "pending"}
|
|
417
|
+
|
|
418
|
+
project_id = args.get("project_id")
|
|
419
|
+
if not project_id:
|
|
420
|
+
raise ValueError("'project_id' is required")
|
|
421
|
+
|
|
422
|
+
baseline = args.get("baseline", "moderate")
|
|
423
|
+
output_path = args.get("output_path")
|
|
424
|
+
return generate(project_id, baseline=baseline, output_path=output_path, db_path=str(DB_PATH))
|
|
425
|
+
|
|
426
|
+
|
|
427
|
+
def handle_cmmc_assess(args: dict) -> dict:
|
|
428
|
+
"""Run CMMC assessment against a project."""
|
|
429
|
+
assess = _import_tool("icdev.tools.compliance.cmmc_assessor", "run_cmmc_assessment")
|
|
430
|
+
if not assess:
|
|
431
|
+
return {"error": "cmmc_assessor module not available yet", "status": "pending"}
|
|
432
|
+
|
|
433
|
+
project_id = args.get("project_id")
|
|
434
|
+
if not project_id:
|
|
435
|
+
raise ValueError("'project_id' is required")
|
|
436
|
+
|
|
437
|
+
level = args.get("level", 2)
|
|
438
|
+
project_dir = args.get("project_dir")
|
|
439
|
+
return assess(project_id, level=level, project_dir=project_dir, db_path=str(DB_PATH))
|
|
440
|
+
|
|
441
|
+
|
|
442
|
+
def handle_cmmc_report(args: dict) -> dict:
|
|
443
|
+
"""Generate a CMMC assessment report."""
|
|
444
|
+
generate = _import_tool("icdev.tools.compliance.cmmc_report_generator", "generate_cmmc_report")
|
|
445
|
+
if not generate:
|
|
446
|
+
return {"error": "cmmc_report_generator module not available yet", "status": "pending"}
|
|
447
|
+
|
|
448
|
+
project_id = args.get("project_id")
|
|
449
|
+
if not project_id:
|
|
450
|
+
raise ValueError("'project_id' is required")
|
|
451
|
+
|
|
452
|
+
level = args.get("level", 2)
|
|
453
|
+
output_path = args.get("output_path")
|
|
454
|
+
return generate(project_id, level=level, output_path=output_path, db_path=str(DB_PATH))
|
|
455
|
+
|
|
456
|
+
|
|
457
|
+
def handle_oscal_generate(args: dict) -> dict:
|
|
458
|
+
"""Generate OSCAL artifacts for a project."""
|
|
459
|
+
artifact_type = args.get("artifact", "ssp")
|
|
460
|
+
project_id = args.get("project_id")
|
|
461
|
+
if not project_id:
|
|
462
|
+
raise ValueError("'project_id' is required")
|
|
463
|
+
|
|
464
|
+
if artifact_type == "all":
|
|
465
|
+
fn = _import_tool("icdev.tools.compliance.oscal_generator", "generate_all_oscal")
|
|
466
|
+
else:
|
|
467
|
+
fn_map = {
|
|
468
|
+
"ssp": "generate_oscal_ssp",
|
|
469
|
+
"poam": "generate_oscal_poam",
|
|
470
|
+
"assessment_results": "generate_oscal_assessment_results",
|
|
471
|
+
"component_definition": "generate_oscal_component_definition",
|
|
472
|
+
}
|
|
473
|
+
func_name = fn_map.get(artifact_type, "generate_oscal_ssp")
|
|
474
|
+
fn = _import_tool("icdev.tools.compliance.oscal_generator", func_name)
|
|
475
|
+
|
|
476
|
+
if not fn:
|
|
477
|
+
return {"error": "oscal_generator module not available yet", "status": "pending"}
|
|
478
|
+
|
|
479
|
+
args.get("format", "json")
|
|
480
|
+
return fn(project_id, db_path=str(DB_PATH))
|
|
481
|
+
|
|
482
|
+
|
|
483
|
+
def handle_emass_sync(args: dict) -> dict:
|
|
484
|
+
"""Sync project compliance data to eMASS."""
|
|
485
|
+
sync = _import_tool("icdev.tools.compliance.emass.emass_sync", "sync_to_emass")
|
|
486
|
+
if not sync:
|
|
487
|
+
return {"error": "emass_sync module not available yet", "status": "pending"}
|
|
488
|
+
|
|
489
|
+
project_id = args.get("project_id")
|
|
490
|
+
if not project_id:
|
|
491
|
+
raise ValueError("'project_id' is required")
|
|
492
|
+
|
|
493
|
+
mode = args.get("mode", "hybrid")
|
|
494
|
+
return sync(project_id, mode=mode, db_path=str(DB_PATH))
|
|
495
|
+
|
|
496
|
+
|
|
497
|
+
def handle_cato_monitor(args: dict) -> dict:
|
|
498
|
+
"""Monitor cATO evidence freshness and readiness."""
|
|
499
|
+
action = args.get("action", "readiness")
|
|
500
|
+
project_id = args.get("project_id")
|
|
501
|
+
if not project_id:
|
|
502
|
+
raise ValueError("'project_id' is required")
|
|
503
|
+
|
|
504
|
+
if action == "check_freshness":
|
|
505
|
+
fn = _import_tool("icdev.tools.compliance.cato_monitor", "check_evidence_freshness")
|
|
506
|
+
elif action == "auto_reassess":
|
|
507
|
+
fn = _import_tool("icdev.tools.compliance.cato_monitor", "auto_reassess")
|
|
508
|
+
elif action == "dashboard":
|
|
509
|
+
fn = _import_tool("icdev.tools.compliance.cato_monitor", "get_cato_dashboard_data")
|
|
510
|
+
elif action == "expire":
|
|
511
|
+
fn = _import_tool("icdev.tools.compliance.cato_monitor", "expire_old_evidence")
|
|
512
|
+
else:
|
|
513
|
+
fn = _import_tool("icdev.tools.compliance.cato_monitor", "compute_cato_readiness")
|
|
514
|
+
|
|
515
|
+
if not fn:
|
|
516
|
+
return {"error": "cato_monitor module not available yet", "status": "pending"}
|
|
517
|
+
|
|
518
|
+
return fn(project_id, db_path=str(DB_PATH))
|
|
519
|
+
|
|
520
|
+
|
|
521
|
+
def handle_pi_compliance(args: dict) -> dict:
|
|
522
|
+
"""Track compliance across SAFe Program Increments."""
|
|
523
|
+
action = args.get("action", "velocity")
|
|
524
|
+
project_id = args.get("project_id")
|
|
525
|
+
if not project_id:
|
|
526
|
+
raise ValueError("'project_id' is required")
|
|
527
|
+
|
|
528
|
+
if action == "start":
|
|
529
|
+
fn = _import_tool("icdev.tools.compliance.pi_compliance_tracker", "start_pi")
|
|
530
|
+
if not fn:
|
|
531
|
+
return {"error": "pi_compliance_tracker module not available yet", "status": "pending"}
|
|
532
|
+
pi_number = args.get("pi_number")
|
|
533
|
+
start_date = args.get("start_date")
|
|
534
|
+
end_date = args.get("end_date")
|
|
535
|
+
if not pi_number:
|
|
536
|
+
raise ValueError("'pi_number' is required for start action")
|
|
537
|
+
return fn(project_id, pi_number, start_date, end_date, db_path=str(DB_PATH))
|
|
538
|
+
|
|
539
|
+
elif action == "record":
|
|
540
|
+
fn = _import_tool("icdev.tools.compliance.pi_compliance_tracker", "record_pi_progress")
|
|
541
|
+
if not fn:
|
|
542
|
+
return {"error": "pi_compliance_tracker module not available yet", "status": "pending"}
|
|
543
|
+
pi_number = args.get("pi_number")
|
|
544
|
+
if not pi_number:
|
|
545
|
+
raise ValueError("'pi_number' is required for record action")
|
|
546
|
+
return fn(project_id, pi_number, db_path=str(DB_PATH))
|
|
547
|
+
|
|
548
|
+
elif action == "close":
|
|
549
|
+
fn = _import_tool("icdev.tools.compliance.pi_compliance_tracker", "close_pi")
|
|
550
|
+
if not fn:
|
|
551
|
+
return {"error": "pi_compliance_tracker module not available yet", "status": "pending"}
|
|
552
|
+
pi_number = args.get("pi_number")
|
|
553
|
+
if not pi_number:
|
|
554
|
+
raise ValueError("'pi_number' is required for close action")
|
|
555
|
+
return fn(project_id, pi_number, db_path=str(DB_PATH))
|
|
556
|
+
|
|
557
|
+
elif action == "burndown":
|
|
558
|
+
fn = _import_tool("icdev.tools.compliance.pi_compliance_tracker", "get_compliance_burndown")
|
|
559
|
+
if not fn:
|
|
560
|
+
return {"error": "pi_compliance_tracker module not available yet", "status": "pending"}
|
|
561
|
+
return fn(project_id, db_path=str(DB_PATH))
|
|
562
|
+
|
|
563
|
+
elif action == "report":
|
|
564
|
+
fn = _import_tool("icdev.tools.compliance.pi_compliance_tracker", "generate_pi_compliance_report")
|
|
565
|
+
if not fn:
|
|
566
|
+
return {"error": "pi_compliance_tracker module not available yet", "status": "pending"}
|
|
567
|
+
pi_number = args.get("pi_number")
|
|
568
|
+
if not pi_number:
|
|
569
|
+
raise ValueError("'pi_number' is required for report action")
|
|
570
|
+
return fn(project_id, pi_number, db_path=str(DB_PATH))
|
|
571
|
+
|
|
572
|
+
else: # velocity
|
|
573
|
+
fn = _import_tool("icdev.tools.compliance.pi_compliance_tracker", "get_pi_velocity")
|
|
574
|
+
if not fn:
|
|
575
|
+
return {"error": "pi_compliance_tracker module not available yet", "status": "pending"}
|
|
576
|
+
return fn(project_id, db_path=str(DB_PATH))
|
|
577
|
+
|
|
578
|
+
|
|
579
|
+
def handle_classification_check(args: dict) -> dict:
|
|
580
|
+
"""Check and validate project classification markings."""
|
|
581
|
+
action = args.get("action", "validate")
|
|
582
|
+
project_id = args.get("project_id")
|
|
583
|
+
il_level = args.get("impact_level")
|
|
584
|
+
|
|
585
|
+
if action == "validate" and project_id:
|
|
586
|
+
fn = _import_tool("icdev.tools.compliance.classification_manager", "validate_classification")
|
|
587
|
+
if not fn:
|
|
588
|
+
return {"error": "classification_manager module not available yet", "status": "pending"}
|
|
589
|
+
return fn(project_id, db_path=str(DB_PATH))
|
|
590
|
+
|
|
591
|
+
elif action == "banner":
|
|
592
|
+
fn = _import_tool("icdev.tools.compliance.classification_manager", "get_marking_banner")
|
|
593
|
+
if not fn:
|
|
594
|
+
return {"error": "classification_manager module not available yet", "status": "pending"}
|
|
595
|
+
classification = args.get("classification", "CUI")
|
|
596
|
+
return {"banner": fn(classification)}
|
|
597
|
+
|
|
598
|
+
elif action == "baseline" and il_level:
|
|
599
|
+
fn = _import_tool("icdev.tools.compliance.classification_manager", "get_required_baseline")
|
|
600
|
+
if not fn:
|
|
601
|
+
return {"error": "classification_manager module not available yet", "status": "pending"}
|
|
602
|
+
return fn(il_level)
|
|
603
|
+
|
|
604
|
+
elif action == "profile" and il_level:
|
|
605
|
+
fn = _import_tool("icdev.tools.compliance.classification_manager", "get_impact_level_profile")
|
|
606
|
+
if not fn:
|
|
607
|
+
return {"error": "classification_manager module not available yet", "status": "pending"}
|
|
608
|
+
return fn(il_level)
|
|
609
|
+
|
|
610
|
+
return {"error": "Provide 'project_id' for validate or 'impact_level' for baseline/profile"}
|
|
611
|
+
|
|
612
|
+
|
|
613
|
+
# ---------------------------------------------------------------------------
|
|
614
|
+
# FIPS 199/200 Security Categorization handlers (Phase 20)
|
|
615
|
+
# ---------------------------------------------------------------------------
|
|
616
|
+
|
|
617
|
+
def handle_fips199_categorize(args: dict) -> dict:
|
|
618
|
+
"""Run FIPS 199 security categorization."""
|
|
619
|
+
action = args.get("action", "categorize")
|
|
620
|
+
project_id = args.get("project_id")
|
|
621
|
+
if not project_id and action != "list_catalog":
|
|
622
|
+
raise ValueError("'project_id' is required")
|
|
623
|
+
|
|
624
|
+
if action == "list_catalog":
|
|
625
|
+
fn = _import_tool("icdev.tools.compliance.fips199_categorizer", "list_catalog")
|
|
626
|
+
if not fn:
|
|
627
|
+
return {"error": "fips199_categorizer not available"}
|
|
628
|
+
return {"catalog": fn(category=args.get("category")), "status": "ok"}
|
|
629
|
+
|
|
630
|
+
if action == "add_type":
|
|
631
|
+
fn = _import_tool("icdev.tools.compliance.fips199_categorizer", "add_information_type")
|
|
632
|
+
if not fn:
|
|
633
|
+
return {"error": "fips199_categorizer not available"}
|
|
634
|
+
return fn(project_id, args.get("type_id"),
|
|
635
|
+
adjust_c=args.get("adjust_c"), adjust_i=args.get("adjust_i"),
|
|
636
|
+
adjust_a=args.get("adjust_a"),
|
|
637
|
+
adjustment_justification=args.get("justification"),
|
|
638
|
+
db_path=str(DB_PATH))
|
|
639
|
+
|
|
640
|
+
if action == "remove_type":
|
|
641
|
+
fn = _import_tool("icdev.tools.compliance.fips199_categorizer", "remove_information_type")
|
|
642
|
+
if not fn:
|
|
643
|
+
return {"error": "fips199_categorizer not available"}
|
|
644
|
+
return fn(project_id, args.get("type_id"), db_path=str(DB_PATH))
|
|
645
|
+
|
|
646
|
+
if action == "list_types":
|
|
647
|
+
fn = _import_tool("icdev.tools.compliance.fips199_categorizer", "list_information_types")
|
|
648
|
+
if not fn:
|
|
649
|
+
return {"error": "fips199_categorizer not available"}
|
|
650
|
+
return {"types": fn(project_id, db_path=str(DB_PATH))}
|
|
651
|
+
|
|
652
|
+
if action == "get":
|
|
653
|
+
fn = _import_tool("icdev.tools.compliance.fips199_categorizer", "get_categorization")
|
|
654
|
+
if not fn:
|
|
655
|
+
return {"error": "fips199_categorizer not available"}
|
|
656
|
+
result = fn(project_id, db_path=str(DB_PATH))
|
|
657
|
+
return result or {"project_id": project_id, "categorization": None}
|
|
658
|
+
|
|
659
|
+
if action == "gate":
|
|
660
|
+
fn = _import_tool("icdev.tools.compliance.fips199_categorizer", "evaluate_gate")
|
|
661
|
+
if not fn:
|
|
662
|
+
return {"error": "fips199_categorizer not available"}
|
|
663
|
+
return fn(project_id, db_path=str(DB_PATH))
|
|
664
|
+
|
|
665
|
+
# Default: categorize
|
|
666
|
+
fn = _import_tool("icdev.tools.compliance.fips199_categorizer", "categorize_project")
|
|
667
|
+
if not fn:
|
|
668
|
+
return {"error": "fips199_categorizer not available"}
|
|
669
|
+
return fn(project_id, method=args.get("method", "information_type"),
|
|
670
|
+
manual_c=args.get("manual_c"), manual_i=args.get("manual_i"),
|
|
671
|
+
manual_a=args.get("manual_a"), justification=args.get("justification"),
|
|
672
|
+
db_path=str(DB_PATH))
|
|
673
|
+
|
|
674
|
+
|
|
675
|
+
def handle_fips200_validate(args: dict) -> dict:
|
|
676
|
+
"""Validate FIPS 200 minimum security requirements."""
|
|
677
|
+
fn = _import_tool("icdev.tools.compliance.fips200_validator", "validate_fips200")
|
|
678
|
+
if not fn:
|
|
679
|
+
return {"error": "fips200_validator not available"}
|
|
680
|
+
project_id = args.get("project_id")
|
|
681
|
+
if not project_id:
|
|
682
|
+
raise ValueError("'project_id' is required")
|
|
683
|
+
return fn(project_id, project_dir=args.get("project_dir"),
|
|
684
|
+
gate=args.get("gate", False), db_path=str(DB_PATH))
|
|
685
|
+
|
|
686
|
+
|
|
687
|
+
def handle_security_categorize(args: dict) -> dict:
|
|
688
|
+
"""Run full security categorization workflow (FIPS 199 + 200 + baseline)."""
|
|
689
|
+
project_id = args.get("project_id")
|
|
690
|
+
if not project_id:
|
|
691
|
+
raise ValueError("'project_id' is required")
|
|
692
|
+
cat_fn = _import_tool("icdev.tools.compliance.fips199_categorizer", "categorize_project")
|
|
693
|
+
val_fn = _import_tool("icdev.tools.compliance.fips200_validator", "validate_fips200")
|
|
694
|
+
result = {"project_id": project_id}
|
|
695
|
+
if cat_fn:
|
|
696
|
+
result["fips199"] = cat_fn(project_id, db_path=str(DB_PATH))
|
|
697
|
+
result["baseline"] = result["fips199"].get("baseline")
|
|
698
|
+
if val_fn:
|
|
699
|
+
result["fips200"] = val_fn(project_id, db_path=str(DB_PATH))
|
|
700
|
+
return result
|
|
701
|
+
|
|
702
|
+
|
|
703
|
+
# ---------------------------------------------------------------------------
|
|
704
|
+
# OSCAL Ecosystem handlers (D302-D306)
|
|
705
|
+
# ---------------------------------------------------------------------------
|
|
706
|
+
|
|
707
|
+
def handle_oscal_validate_deep(args: dict) -> dict:
|
|
708
|
+
"""Run 3-layer deep OSCAL validation (structural → pydantic → Metaschema)."""
|
|
709
|
+
fn = _import_tool("icdev.tools.compliance.oscal_tools", "validate_oscal_deep")
|
|
710
|
+
if not fn:
|
|
711
|
+
return {"error": "oscal_tools module not available", "status": "pending"}
|
|
712
|
+
file_path = args.get("file_path")
|
|
713
|
+
if not file_path:
|
|
714
|
+
raise ValueError("'file_path' is required")
|
|
715
|
+
return fn(file_path, project_id=args.get("project_id"),
|
|
716
|
+
db_path=str(DB_PATH))
|
|
717
|
+
|
|
718
|
+
|
|
719
|
+
def handle_oscal_convert(args: dict) -> dict:
|
|
720
|
+
"""Convert OSCAL artifact between JSON, XML, and YAML formats."""
|
|
721
|
+
fn = _import_tool("icdev.tools.compliance.oscal_tools", "convert_oscal_format")
|
|
722
|
+
if not fn:
|
|
723
|
+
return {"error": "oscal_tools module not available", "status": "pending"}
|
|
724
|
+
input_path = args.get("input_path")
|
|
725
|
+
output_format = args.get("output_format", "xml")
|
|
726
|
+
if not input_path:
|
|
727
|
+
raise ValueError("'input_path' is required")
|
|
728
|
+
return fn(input_path, output_format, output_path=args.get("output_path"))
|
|
729
|
+
|
|
730
|
+
|
|
731
|
+
def handle_oscal_resolve_profile(args: dict) -> dict:
|
|
732
|
+
"""Flatten an OSCAL Profile into a resolved Catalog via oscal-cli."""
|
|
733
|
+
fn = _import_tool("icdev.tools.compliance.oscal_tools", "resolve_oscal_profile")
|
|
734
|
+
if not fn:
|
|
735
|
+
return {"error": "oscal_tools module not available", "status": "pending"}
|
|
736
|
+
profile_path = args.get("profile_path")
|
|
737
|
+
if not profile_path:
|
|
738
|
+
raise ValueError("'profile_path' is required")
|
|
739
|
+
return fn(profile_path, output_path=args.get("output_path"))
|
|
740
|
+
|
|
741
|
+
|
|
742
|
+
def handle_oscal_catalog_lookup(args: dict) -> dict:
|
|
743
|
+
"""Look up controls in the OSCAL catalog (official NIST or ICDEV fallback)."""
|
|
744
|
+
control_id = args.get("control_id")
|
|
745
|
+
family = args.get("family")
|
|
746
|
+
|
|
747
|
+
if control_id:
|
|
748
|
+
fn = _import_tool("icdev.tools.compliance.oscal_tools", "catalog_lookup")
|
|
749
|
+
if not fn:
|
|
750
|
+
return {"error": "oscal_tools module not available", "status": "pending"}
|
|
751
|
+
result = fn(control_id)
|
|
752
|
+
if result:
|
|
753
|
+
return {"control": result}
|
|
754
|
+
return {"error": f"Control '{control_id}' not found"}
|
|
755
|
+
|
|
756
|
+
if family:
|
|
757
|
+
fn = _import_tool("icdev.tools.compliance.oscal_tools", "catalog_list")
|
|
758
|
+
if not fn:
|
|
759
|
+
return {"error": "oscal_tools module not available", "status": "pending"}
|
|
760
|
+
controls = fn(family=family)
|
|
761
|
+
return {"family": family, "controls": controls, "count": len(controls)}
|
|
762
|
+
|
|
763
|
+
fn = _import_tool("icdev.tools.compliance.oscal_tools", "catalog_stats")
|
|
764
|
+
if not fn:
|
|
765
|
+
return {"error": "oscal_tools module not available", "status": "pending"}
|
|
766
|
+
return fn()
|
|
767
|
+
|
|
768
|
+
|
|
769
|
+
def handle_oscal_detect_tools(args: dict) -> dict:
|
|
770
|
+
"""Detect available OSCAL ecosystem tools (oscal-cli, oscal-pydantic, NIST catalog)."""
|
|
771
|
+
fn = _import_tool("icdev.tools.compliance.oscal_tools", "detect_oscal_tools")
|
|
772
|
+
if not fn:
|
|
773
|
+
return {"error": "oscal_tools module not available", "status": "pending"}
|
|
774
|
+
return fn()
|
|
775
|
+
|
|
776
|
+
|
|
777
|
+
# ---------------------------------------------------------------------------
|
|
778
|
+
# Server setup
|
|
779
|
+
# ---------------------------------------------------------------------------
|
|
780
|
+
|
|
781
|
+
def create_server() -> MCPServer:
|
|
782
|
+
server = MCPServer(name="icdev-compliance", version="1.0.0")
|
|
783
|
+
|
|
784
|
+
server.register_tool(
|
|
785
|
+
name="nist_lookup",
|
|
786
|
+
description="Look up NIST 800-53 Rev 5 security controls by control ID (e.g., AC-2) or list all controls in a family (e.g., AC, AU, SA).",
|
|
787
|
+
input_schema={
|
|
788
|
+
"type": "object",
|
|
789
|
+
"properties": {
|
|
790
|
+
"control_id": {"type": "string", "description": "Control ID to look up (e.g., AC-2, SA-11)"},
|
|
791
|
+
"family": {"type": "string", "description": "Family code to list all controls (e.g., AC, AU, CM, IA, SA, SC)"},
|
|
792
|
+
},
|
|
793
|
+
},
|
|
794
|
+
handler=handle_nist_lookup,
|
|
795
|
+
)
|
|
796
|
+
|
|
797
|
+
server.register_tool(
|
|
798
|
+
name="ssp_generate",
|
|
799
|
+
description="Generate a System Security Plan (SSP) document for a project with all 17 sections per NIST 800-53. Includes CUI markings.",
|
|
800
|
+
input_schema={
|
|
801
|
+
"type": "object",
|
|
802
|
+
"properties": {
|
|
803
|
+
"project_id": {"type": "string", "description": "UUID of the project"},
|
|
804
|
+
"output_dir": {"type": "string", "description": "Output directory for SSP document (optional)"},
|
|
805
|
+
},
|
|
806
|
+
"required": ["project_id"],
|
|
807
|
+
},
|
|
808
|
+
handler=handle_ssp_generate,
|
|
809
|
+
)
|
|
810
|
+
|
|
811
|
+
server.register_tool(
|
|
812
|
+
name="poam_generate",
|
|
813
|
+
description="Generate a Plan of Action & Milestones (POA&M) document from security scan findings with corrective actions and milestones.",
|
|
814
|
+
input_schema={
|
|
815
|
+
"type": "object",
|
|
816
|
+
"properties": {
|
|
817
|
+
"project_id": {"type": "string", "description": "UUID of the project"},
|
|
818
|
+
"output_dir": {"type": "string", "description": "Output directory for POA&M (optional)"},
|
|
819
|
+
},
|
|
820
|
+
"required": ["project_id"],
|
|
821
|
+
},
|
|
822
|
+
handler=handle_poam_generate,
|
|
823
|
+
)
|
|
824
|
+
|
|
825
|
+
server.register_tool(
|
|
826
|
+
name="stig_check",
|
|
827
|
+
description="Run STIG compliance checks against a project. Returns findings categorized as CAT1 (critical), CAT2 (high), CAT3 (medium).",
|
|
828
|
+
input_schema={
|
|
829
|
+
"type": "object",
|
|
830
|
+
"properties": {
|
|
831
|
+
"project_id": {"type": "string", "description": "UUID of the project"},
|
|
832
|
+
"stig_profile": {
|
|
833
|
+
"type": "string",
|
|
834
|
+
"description": "STIG profile to check against",
|
|
835
|
+
"enum": ["webapp", "container", "database", "linux", "network"],
|
|
836
|
+
"default": "webapp",
|
|
837
|
+
},
|
|
838
|
+
},
|
|
839
|
+
"required": ["project_id"],
|
|
840
|
+
},
|
|
841
|
+
handler=handle_stig_check,
|
|
842
|
+
)
|
|
843
|
+
|
|
844
|
+
server.register_tool(
|
|
845
|
+
name="sbom_generate",
|
|
846
|
+
description="Generate a Software Bill of Materials (SBOM) in CycloneDX format. Lists all dependencies with versions and known vulnerabilities.",
|
|
847
|
+
input_schema={
|
|
848
|
+
"type": "object",
|
|
849
|
+
"properties": {
|
|
850
|
+
"project_dir": {"type": "string", "description": "Path to the project directory"},
|
|
851
|
+
"project_id": {"type": "string", "description": "UUID of the project (optional, for DB recording)"},
|
|
852
|
+
},
|
|
853
|
+
"required": ["project_dir"],
|
|
854
|
+
},
|
|
855
|
+
handler=handle_sbom_generate,
|
|
856
|
+
)
|
|
857
|
+
|
|
858
|
+
server.register_tool(
|
|
859
|
+
name="cui_mark",
|
|
860
|
+
description="Apply CUI (Controlled Unclassified Information) markings to a file or content string. Adds CUI // SP-CTI banners and designation indicators.",
|
|
861
|
+
input_schema={
|
|
862
|
+
"type": "object",
|
|
863
|
+
"properties": {
|
|
864
|
+
"file_path": {"type": "string", "description": "Path to file to mark with CUI banners"},
|
|
865
|
+
"content": {"type": "string", "description": "Content string to mark (alternative to file_path)"},
|
|
866
|
+
"marking": {"type": "string", "description": "CUI marking text", "default": "CUI // SP-CTI"},
|
|
867
|
+
},
|
|
868
|
+
},
|
|
869
|
+
handler=handle_cui_mark,
|
|
870
|
+
)
|
|
871
|
+
|
|
872
|
+
server.register_tool(
|
|
873
|
+
name="control_map",
|
|
874
|
+
description="Map a project activity (e.g., code.commit, test.execute, deploy) to relevant NIST 800-53 controls. Records the mapping in the database.",
|
|
875
|
+
input_schema={
|
|
876
|
+
"type": "object",
|
|
877
|
+
"properties": {
|
|
878
|
+
"activity": {"type": "string", "description": "Activity type (e.g., code.commit, test.execute, security.scan, deploy.staging)"},
|
|
879
|
+
"project_id": {"type": "string", "description": "UUID of the project (optional)"},
|
|
880
|
+
},
|
|
881
|
+
"required": ["activity"],
|
|
882
|
+
},
|
|
883
|
+
handler=handle_control_map,
|
|
884
|
+
)
|
|
885
|
+
|
|
886
|
+
# --- CSSP Tools ---
|
|
887
|
+
|
|
888
|
+
server.register_tool(
|
|
889
|
+
name="cssp_assess",
|
|
890
|
+
description="Run CSSP assessment per DoD Instruction 8530.01 against a project. Evaluates 5 functional areas: Identify, Protect, Detect, Respond, Sustain.",
|
|
891
|
+
input_schema={
|
|
892
|
+
"type": "object",
|
|
893
|
+
"properties": {
|
|
894
|
+
"project_id": {"type": "string", "description": "UUID of the project"},
|
|
895
|
+
"functional_area": {
|
|
896
|
+
"type": "string",
|
|
897
|
+
"description": "Functional area to assess (default: all)",
|
|
898
|
+
"enum": ["all", "Identify", "Protect", "Detect", "Respond", "Sustain"],
|
|
899
|
+
"default": "all",
|
|
900
|
+
},
|
|
901
|
+
},
|
|
902
|
+
"required": ["project_id"],
|
|
903
|
+
},
|
|
904
|
+
handler=handle_cssp_assess,
|
|
905
|
+
)
|
|
906
|
+
|
|
907
|
+
server.register_tool(
|
|
908
|
+
name="cssp_report",
|
|
909
|
+
description="Generate a CSSP certification report with functional area scores, evidence summary, and certification recommendation.",
|
|
910
|
+
input_schema={
|
|
911
|
+
"type": "object",
|
|
912
|
+
"properties": {
|
|
913
|
+
"project_id": {"type": "string", "description": "UUID of the project"},
|
|
914
|
+
"output_dir": {"type": "string", "description": "Output directory (optional)"},
|
|
915
|
+
},
|
|
916
|
+
"required": ["project_id"],
|
|
917
|
+
},
|
|
918
|
+
handler=handle_cssp_report,
|
|
919
|
+
)
|
|
920
|
+
|
|
921
|
+
server.register_tool(
|
|
922
|
+
name="cssp_ir_plan",
|
|
923
|
+
description="Generate an Incident Response Plan per CSSP SOC requirements with escalation timelines and SOC coordination procedures.",
|
|
924
|
+
input_schema={
|
|
925
|
+
"type": "object",
|
|
926
|
+
"properties": {
|
|
927
|
+
"project_id": {"type": "string", "description": "UUID of the project"},
|
|
928
|
+
"output_dir": {"type": "string", "description": "Output directory (optional)"},
|
|
929
|
+
},
|
|
930
|
+
"required": ["project_id"],
|
|
931
|
+
},
|
|
932
|
+
handler=handle_cssp_ir_plan,
|
|
933
|
+
)
|
|
934
|
+
|
|
935
|
+
server.register_tool(
|
|
936
|
+
name="cssp_evidence",
|
|
937
|
+
description="Collect and index evidence artifacts for CSSP assessment. Scans project for compliance artifacts and maps them to CSSP requirements.",
|
|
938
|
+
input_schema={
|
|
939
|
+
"type": "object",
|
|
940
|
+
"properties": {
|
|
941
|
+
"project_id": {"type": "string", "description": "UUID of the project"},
|
|
942
|
+
"project_dir": {"type": "string", "description": "Project directory path (optional)"},
|
|
943
|
+
},
|
|
944
|
+
"required": ["project_id"],
|
|
945
|
+
},
|
|
946
|
+
handler=handle_cssp_evidence,
|
|
947
|
+
)
|
|
948
|
+
|
|
949
|
+
# --- Xacta Integration ---
|
|
950
|
+
|
|
951
|
+
server.register_tool(
|
|
952
|
+
name="xacta_sync",
|
|
953
|
+
description="Sync project compliance data to Xacta 360 (system of record for CSSP/ATO). Supports API, export, and hybrid modes.",
|
|
954
|
+
input_schema={
|
|
955
|
+
"type": "object",
|
|
956
|
+
"properties": {
|
|
957
|
+
"project_id": {"type": "string", "description": "UUID of the project"},
|
|
958
|
+
"mode": {
|
|
959
|
+
"type": "string",
|
|
960
|
+
"description": "Sync mode",
|
|
961
|
+
"enum": ["api", "export", "hybrid"],
|
|
962
|
+
"default": "hybrid",
|
|
963
|
+
},
|
|
964
|
+
},
|
|
965
|
+
"required": ["project_id"],
|
|
966
|
+
},
|
|
967
|
+
handler=handle_xacta_sync,
|
|
968
|
+
)
|
|
969
|
+
|
|
970
|
+
server.register_tool(
|
|
971
|
+
name="xacta_export",
|
|
972
|
+
description="Generate Xacta 360-compatible export files (OSCAL JSON or CSV) for batch import.",
|
|
973
|
+
input_schema={
|
|
974
|
+
"type": "object",
|
|
975
|
+
"properties": {
|
|
976
|
+
"project_id": {"type": "string", "description": "UUID of the project"},
|
|
977
|
+
"format": {
|
|
978
|
+
"type": "string",
|
|
979
|
+
"description": "Export format",
|
|
980
|
+
"enum": ["oscal", "csv", "all"],
|
|
981
|
+
"default": "oscal",
|
|
982
|
+
},
|
|
983
|
+
},
|
|
984
|
+
"required": ["project_id"],
|
|
985
|
+
},
|
|
986
|
+
handler=handle_xacta_export,
|
|
987
|
+
)
|
|
988
|
+
|
|
989
|
+
# --- SbD (Secure by Design) Tools ---
|
|
990
|
+
|
|
991
|
+
server.register_tool(
|
|
992
|
+
name="sbd_assess",
|
|
993
|
+
description="Run Secure by Design assessment per CISA commitments and DoDI 5000.87 across 14 security domains.",
|
|
994
|
+
input_schema={
|
|
995
|
+
"type": "object",
|
|
996
|
+
"properties": {
|
|
997
|
+
"project_id": {"type": "string", "description": "UUID of the project to assess"},
|
|
998
|
+
"domain": {
|
|
999
|
+
"type": "string",
|
|
1000
|
+
"enum": ["all", "Authentication", "Memory Safety", "Vulnerability Mgmt",
|
|
1001
|
+
"Intrusion Evidence", "Cryptography", "Access Control",
|
|
1002
|
+
"Input Handling", "Error Handling", "Supply Chain",
|
|
1003
|
+
"Threat Modeling", "Defense in Depth", "Secure Defaults",
|
|
1004
|
+
"CUI Compliance", "DoD Software Assurance"],
|
|
1005
|
+
"default": "all",
|
|
1006
|
+
"description": "Domain to assess (default: all)",
|
|
1007
|
+
},
|
|
1008
|
+
"project_dir": {"type": "string", "description": "Project directory for file-based checks (optional)"},
|
|
1009
|
+
},
|
|
1010
|
+
"required": ["project_id"],
|
|
1011
|
+
},
|
|
1012
|
+
handler=handle_sbd_assess,
|
|
1013
|
+
)
|
|
1014
|
+
|
|
1015
|
+
server.register_tool(
|
|
1016
|
+
name="sbd_report",
|
|
1017
|
+
description="Generate a Secure by Design assessment report with domain scores and CISA commitment status.",
|
|
1018
|
+
input_schema={
|
|
1019
|
+
"type": "object",
|
|
1020
|
+
"properties": {
|
|
1021
|
+
"project_id": {"type": "string", "description": "UUID of the project"},
|
|
1022
|
+
"output_dir": {"type": "string", "description": "Output directory (optional)"},
|
|
1023
|
+
},
|
|
1024
|
+
"required": ["project_id"],
|
|
1025
|
+
},
|
|
1026
|
+
handler=handle_sbd_report,
|
|
1027
|
+
)
|
|
1028
|
+
|
|
1029
|
+
# --- IV&V (Independent Verification & Validation) Tools ---
|
|
1030
|
+
|
|
1031
|
+
server.register_tool(
|
|
1032
|
+
name="ivv_assess",
|
|
1033
|
+
description="Run IV&V assessment per IEEE 1012 across 9 process areas (verification + validation).",
|
|
1034
|
+
input_schema={
|
|
1035
|
+
"type": "object",
|
|
1036
|
+
"properties": {
|
|
1037
|
+
"project_id": {"type": "string", "description": "UUID of the project to assess"},
|
|
1038
|
+
"process_area": {
|
|
1039
|
+
"type": "string",
|
|
1040
|
+
"enum": ["all", "Requirements Verification", "Design Verification",
|
|
1041
|
+
"Code Verification", "Test Verification",
|
|
1042
|
+
"Integration Verification", "Traceability Analysis",
|
|
1043
|
+
"Security Verification", "Build/Deploy Verification",
|
|
1044
|
+
"Process Compliance"],
|
|
1045
|
+
"default": "all",
|
|
1046
|
+
"description": "Process area to assess (default: all)",
|
|
1047
|
+
},
|
|
1048
|
+
"project_dir": {"type": "string", "description": "Project directory for file-based checks (optional)"},
|
|
1049
|
+
},
|
|
1050
|
+
"required": ["project_id"],
|
|
1051
|
+
},
|
|
1052
|
+
handler=handle_ivv_assess,
|
|
1053
|
+
)
|
|
1054
|
+
|
|
1055
|
+
server.register_tool(
|
|
1056
|
+
name="ivv_report",
|
|
1057
|
+
description="Generate an IV&V certification report with verification/validation scores and certification recommendation.",
|
|
1058
|
+
input_schema={
|
|
1059
|
+
"type": "object",
|
|
1060
|
+
"properties": {
|
|
1061
|
+
"project_id": {"type": "string", "description": "UUID of the project"},
|
|
1062
|
+
"output_dir": {"type": "string", "description": "Output directory (optional)"},
|
|
1063
|
+
},
|
|
1064
|
+
"required": ["project_id"],
|
|
1065
|
+
},
|
|
1066
|
+
handler=handle_ivv_report,
|
|
1067
|
+
)
|
|
1068
|
+
|
|
1069
|
+
server.register_tool(
|
|
1070
|
+
name="rtm_generate",
|
|
1071
|
+
description="Generate a Requirements Traceability Matrix (RTM) linking requirements to design, code, and tests.",
|
|
1072
|
+
input_schema={
|
|
1073
|
+
"type": "object",
|
|
1074
|
+
"properties": {
|
|
1075
|
+
"project_id": {"type": "string", "description": "UUID of the project"},
|
|
1076
|
+
"project_dir": {"type": "string", "description": "Project directory to scan for artifacts"},
|
|
1077
|
+
},
|
|
1078
|
+
"required": ["project_id"],
|
|
1079
|
+
},
|
|
1080
|
+
handler=handle_rtm_generate,
|
|
1081
|
+
)
|
|
1082
|
+
|
|
1083
|
+
# --- Multi-Framework Compliance Tools (Phase 17) ---
|
|
1084
|
+
|
|
1085
|
+
server.register_tool(
|
|
1086
|
+
name="crosswalk_query",
|
|
1087
|
+
description="Query control crosswalk engine for multi-framework mappings (NIST 800-53 ↔ FedRAMP ↔ 800-171 ↔ CMMC). Actions: frameworks_for_control, controls_for_framework, controls_for_impact_level, coverage, gap_analysis.",
|
|
1088
|
+
input_schema={
|
|
1089
|
+
"type": "object",
|
|
1090
|
+
"properties": {
|
|
1091
|
+
"action": {
|
|
1092
|
+
"type": "string",
|
|
1093
|
+
"enum": ["frameworks_for_control", "controls_for_framework", "controls_for_impact_level", "coverage", "gap_analysis"],
|
|
1094
|
+
"default": "frameworks_for_control",
|
|
1095
|
+
"description": "Query action to perform",
|
|
1096
|
+
},
|
|
1097
|
+
"control_id": {"type": "string", "description": "NIST 800-53 control ID (e.g., AC-2)"},
|
|
1098
|
+
"framework": {"type": "string", "description": "Target framework (fedramp, cmmc, 800-171)"},
|
|
1099
|
+
"baseline": {"type": "string", "description": "Framework baseline (moderate, high, l2, l3)"},
|
|
1100
|
+
"project_id": {"type": "string", "description": "UUID of the project (for coverage/gap_analysis)"},
|
|
1101
|
+
"impact_level": {"type": "string", "enum": ["IL4", "IL5", "IL6"], "description": "DoD Impact Level"},
|
|
1102
|
+
},
|
|
1103
|
+
},
|
|
1104
|
+
handler=handle_crosswalk_query,
|
|
1105
|
+
)
|
|
1106
|
+
|
|
1107
|
+
server.register_tool(
|
|
1108
|
+
name="fedramp_assess",
|
|
1109
|
+
description="Run FedRAMP Moderate or High baseline security assessment against a project. Inherits NIST 800-53 implementations via crosswalk.",
|
|
1110
|
+
input_schema={
|
|
1111
|
+
"type": "object",
|
|
1112
|
+
"properties": {
|
|
1113
|
+
"project_id": {"type": "string", "description": "UUID of the project"},
|
|
1114
|
+
"baseline": {
|
|
1115
|
+
"type": "string",
|
|
1116
|
+
"enum": ["moderate", "high"],
|
|
1117
|
+
"default": "moderate",
|
|
1118
|
+
"description": "FedRAMP baseline to assess against",
|
|
1119
|
+
},
|
|
1120
|
+
"project_dir": {"type": "string", "description": "Project directory for auto-checks (optional)"},
|
|
1121
|
+
},
|
|
1122
|
+
"required": ["project_id"],
|
|
1123
|
+
},
|
|
1124
|
+
handler=handle_fedramp_assess,
|
|
1125
|
+
)
|
|
1126
|
+
|
|
1127
|
+
server.register_tool(
|
|
1128
|
+
name="fedramp_report",
|
|
1129
|
+
description="Generate a FedRAMP assessment report with control family scores, gap analysis, and readiness score.",
|
|
1130
|
+
input_schema={
|
|
1131
|
+
"type": "object",
|
|
1132
|
+
"properties": {
|
|
1133
|
+
"project_id": {"type": "string", "description": "UUID of the project"},
|
|
1134
|
+
"baseline": {"type": "string", "enum": ["moderate", "high"], "default": "moderate"},
|
|
1135
|
+
"output_path": {"type": "string", "description": "Output path for report (optional)"},
|
|
1136
|
+
},
|
|
1137
|
+
"required": ["project_id"],
|
|
1138
|
+
},
|
|
1139
|
+
handler=handle_fedramp_report,
|
|
1140
|
+
)
|
|
1141
|
+
|
|
1142
|
+
server.register_tool(
|
|
1143
|
+
name="cmmc_assess",
|
|
1144
|
+
description="Run CMMC Level 2 or Level 3 assessment against a project. Evaluates practices across 14 domains.",
|
|
1145
|
+
input_schema={
|
|
1146
|
+
"type": "object",
|
|
1147
|
+
"properties": {
|
|
1148
|
+
"project_id": {"type": "string", "description": "UUID of the project"},
|
|
1149
|
+
"level": {
|
|
1150
|
+
"type": "integer",
|
|
1151
|
+
"enum": [2, 3],
|
|
1152
|
+
"default": 2,
|
|
1153
|
+
"description": "CMMC level to assess",
|
|
1154
|
+
},
|
|
1155
|
+
"project_dir": {"type": "string", "description": "Project directory for auto-checks (optional)"},
|
|
1156
|
+
},
|
|
1157
|
+
"required": ["project_id"],
|
|
1158
|
+
},
|
|
1159
|
+
handler=handle_cmmc_assess,
|
|
1160
|
+
)
|
|
1161
|
+
|
|
1162
|
+
server.register_tool(
|
|
1163
|
+
name="cmmc_report",
|
|
1164
|
+
description="Generate a CMMC assessment report with domain scores, practice status, and NIST 800-171 cross-reference.",
|
|
1165
|
+
input_schema={
|
|
1166
|
+
"type": "object",
|
|
1167
|
+
"properties": {
|
|
1168
|
+
"project_id": {"type": "string", "description": "UUID of the project"},
|
|
1169
|
+
"level": {"type": "integer", "enum": [2, 3], "default": 2},
|
|
1170
|
+
"output_path": {"type": "string", "description": "Output path for report (optional)"},
|
|
1171
|
+
},
|
|
1172
|
+
"required": ["project_id"],
|
|
1173
|
+
},
|
|
1174
|
+
handler=handle_cmmc_report,
|
|
1175
|
+
)
|
|
1176
|
+
|
|
1177
|
+
server.register_tool(
|
|
1178
|
+
name="oscal_generate",
|
|
1179
|
+
description="Generate NIST OSCAL 1.1.2 artifacts (SSP, POA&M, Assessment Results, Component Definition) in machine-readable format.",
|
|
1180
|
+
input_schema={
|
|
1181
|
+
"type": "object",
|
|
1182
|
+
"properties": {
|
|
1183
|
+
"project_id": {"type": "string", "description": "UUID of the project"},
|
|
1184
|
+
"artifact": {
|
|
1185
|
+
"type": "string",
|
|
1186
|
+
"enum": ["ssp", "poam", "assessment_results", "component_definition", "all"],
|
|
1187
|
+
"default": "ssp",
|
|
1188
|
+
"description": "OSCAL artifact type to generate",
|
|
1189
|
+
},
|
|
1190
|
+
"format": {
|
|
1191
|
+
"type": "string",
|
|
1192
|
+
"enum": ["json", "xml", "yaml"],
|
|
1193
|
+
"default": "json",
|
|
1194
|
+
"description": "Output format",
|
|
1195
|
+
},
|
|
1196
|
+
},
|
|
1197
|
+
"required": ["project_id"],
|
|
1198
|
+
},
|
|
1199
|
+
handler=handle_oscal_generate,
|
|
1200
|
+
)
|
|
1201
|
+
|
|
1202
|
+
server.register_tool(
|
|
1203
|
+
name="emass_sync",
|
|
1204
|
+
description="Sync project compliance data to eMASS (DoD system of record). Supports API, export, and hybrid modes.",
|
|
1205
|
+
input_schema={
|
|
1206
|
+
"type": "object",
|
|
1207
|
+
"properties": {
|
|
1208
|
+
"project_id": {"type": "string", "description": "UUID of the project"},
|
|
1209
|
+
"mode": {
|
|
1210
|
+
"type": "string",
|
|
1211
|
+
"enum": ["api", "export", "hybrid"],
|
|
1212
|
+
"default": "hybrid",
|
|
1213
|
+
"description": "Sync mode: api (REST), export (CSV/files), hybrid (try API, fall back to export)",
|
|
1214
|
+
},
|
|
1215
|
+
},
|
|
1216
|
+
"required": ["project_id"],
|
|
1217
|
+
},
|
|
1218
|
+
handler=handle_emass_sync,
|
|
1219
|
+
)
|
|
1220
|
+
|
|
1221
|
+
server.register_tool(
|
|
1222
|
+
name="cato_monitor",
|
|
1223
|
+
description="Monitor continuous ATO (cATO) evidence freshness and readiness. Actions: readiness, check_freshness, auto_reassess, dashboard, expire.",
|
|
1224
|
+
input_schema={
|
|
1225
|
+
"type": "object",
|
|
1226
|
+
"properties": {
|
|
1227
|
+
"project_id": {"type": "string", "description": "UUID of the project"},
|
|
1228
|
+
"action": {
|
|
1229
|
+
"type": "string",
|
|
1230
|
+
"enum": ["readiness", "check_freshness", "auto_reassess", "dashboard", "expire"],
|
|
1231
|
+
"default": "readiness",
|
|
1232
|
+
"description": "Monitoring action to perform",
|
|
1233
|
+
},
|
|
1234
|
+
},
|
|
1235
|
+
"required": ["project_id"],
|
|
1236
|
+
},
|
|
1237
|
+
handler=handle_cato_monitor,
|
|
1238
|
+
)
|
|
1239
|
+
|
|
1240
|
+
server.register_tool(
|
|
1241
|
+
name="pi_compliance",
|
|
1242
|
+
description="Track compliance across SAFe Program Increments (PIs). Actions: start, record, close, velocity, burndown, report.",
|
|
1243
|
+
input_schema={
|
|
1244
|
+
"type": "object",
|
|
1245
|
+
"properties": {
|
|
1246
|
+
"project_id": {"type": "string", "description": "UUID of the project"},
|
|
1247
|
+
"action": {
|
|
1248
|
+
"type": "string",
|
|
1249
|
+
"enum": ["start", "record", "close", "velocity", "burndown", "report"],
|
|
1250
|
+
"default": "velocity",
|
|
1251
|
+
"description": "PI tracking action",
|
|
1252
|
+
},
|
|
1253
|
+
"pi_number": {"type": "string", "description": "PI identifier (e.g., PI-24.1)"},
|
|
1254
|
+
"start_date": {"type": "string", "description": "PI start date (YYYY-MM-DD)"},
|
|
1255
|
+
"end_date": {"type": "string", "description": "PI end date (YYYY-MM-DD)"},
|
|
1256
|
+
},
|
|
1257
|
+
"required": ["project_id"],
|
|
1258
|
+
},
|
|
1259
|
+
handler=handle_pi_compliance,
|
|
1260
|
+
)
|
|
1261
|
+
|
|
1262
|
+
server.register_tool(
|
|
1263
|
+
name="classification_check",
|
|
1264
|
+
description="Validate project classification markings, get marking banners, or query impact level baselines.",
|
|
1265
|
+
input_schema={
|
|
1266
|
+
"type": "object",
|
|
1267
|
+
"properties": {
|
|
1268
|
+
"action": {
|
|
1269
|
+
"type": "string",
|
|
1270
|
+
"enum": ["validate", "banner", "baseline", "profile"],
|
|
1271
|
+
"default": "validate",
|
|
1272
|
+
"description": "Classification action",
|
|
1273
|
+
},
|
|
1274
|
+
"project_id": {"type": "string", "description": "UUID of the project (for validate)"},
|
|
1275
|
+
"impact_level": {"type": "string", "enum": ["IL4", "IL5", "IL6"], "description": "Impact level (for baseline/profile)"},
|
|
1276
|
+
"classification": {"type": "string", "description": "Classification level (for banner)"},
|
|
1277
|
+
},
|
|
1278
|
+
},
|
|
1279
|
+
handler=handle_classification_check,
|
|
1280
|
+
)
|
|
1281
|
+
|
|
1282
|
+
# --- FIPS 199/200 Security Categorization Tools (Phase 20) ---
|
|
1283
|
+
|
|
1284
|
+
server.register_tool(
|
|
1285
|
+
name="fips199_categorize",
|
|
1286
|
+
description="FIPS 199 security categorization using NIST SP 800-60 information types. Actions: categorize, add_type, remove_type, list_types, list_catalog, get, gate.",
|
|
1287
|
+
input_schema={
|
|
1288
|
+
"type": "object",
|
|
1289
|
+
"properties": {
|
|
1290
|
+
"project_id": {"type": "string", "description": "Project UUID"},
|
|
1291
|
+
"action": {"type": "string", "enum": ["categorize", "add_type", "remove_type", "list_types", "list_catalog", "get", "gate"], "default": "categorize"},
|
|
1292
|
+
"type_id": {"type": "string", "description": "SP 800-60 info type ID (e.g., D.1.1.1)"},
|
|
1293
|
+
"method": {"type": "string", "enum": ["information_type", "manual", "cnssi_1253"], "default": "information_type"},
|
|
1294
|
+
"manual_c": {"type": "string", "enum": ["Low", "Moderate", "High"]},
|
|
1295
|
+
"manual_i": {"type": "string", "enum": ["Low", "Moderate", "High"]},
|
|
1296
|
+
"manual_a": {"type": "string", "enum": ["Low", "Moderate", "High"]},
|
|
1297
|
+
"adjust_c": {"type": "string", "enum": ["Low", "Moderate", "High"]},
|
|
1298
|
+
"adjust_i": {"type": "string", "enum": ["Low", "Moderate", "High"]},
|
|
1299
|
+
"adjust_a": {"type": "string", "enum": ["Low", "Moderate", "High"]},
|
|
1300
|
+
"justification": {"type": "string"},
|
|
1301
|
+
"category": {"type": "string", "description": "Catalog filter (D.1, D.2, D.3)"},
|
|
1302
|
+
},
|
|
1303
|
+
},
|
|
1304
|
+
handler=handle_fips199_categorize,
|
|
1305
|
+
)
|
|
1306
|
+
|
|
1307
|
+
server.register_tool(
|
|
1308
|
+
name="fips200_validate",
|
|
1309
|
+
description="Validate FIPS 200 minimum security requirements across all 17 areas.",
|
|
1310
|
+
input_schema={
|
|
1311
|
+
"type": "object",
|
|
1312
|
+
"properties": {
|
|
1313
|
+
"project_id": {"type": "string", "description": "Project UUID"},
|
|
1314
|
+
"project_dir": {"type": "string"},
|
|
1315
|
+
"gate": {"type": "boolean", "default": False},
|
|
1316
|
+
},
|
|
1317
|
+
"required": ["project_id"],
|
|
1318
|
+
},
|
|
1319
|
+
handler=handle_fips200_validate,
|
|
1320
|
+
)
|
|
1321
|
+
|
|
1322
|
+
server.register_tool(
|
|
1323
|
+
name="security_categorize",
|
|
1324
|
+
description="Full security categorization: FIPS 199 + FIPS 200 + baseline selection.",
|
|
1325
|
+
input_schema={
|
|
1326
|
+
"type": "object",
|
|
1327
|
+
"properties": {
|
|
1328
|
+
"project_id": {"type": "string", "description": "Project UUID"},
|
|
1329
|
+
},
|
|
1330
|
+
"required": ["project_id"],
|
|
1331
|
+
},
|
|
1332
|
+
handler=handle_security_categorize,
|
|
1333
|
+
)
|
|
1334
|
+
|
|
1335
|
+
# OSCAL Ecosystem tools (D302-D306)
|
|
1336
|
+
server.register_tool(
|
|
1337
|
+
name="oscal_validate_deep",
|
|
1338
|
+
description="Run 3-layer deep OSCAL validation: structural (built-in) → pydantic (if installed) → Metaschema (if oscal-cli + Java available). Each layer independently optional.",
|
|
1339
|
+
input_schema={
|
|
1340
|
+
"type": "object",
|
|
1341
|
+
"properties": {
|
|
1342
|
+
"file_path": {"type": "string", "description": "Path to OSCAL JSON file to validate"},
|
|
1343
|
+
"project_id": {"type": "string", "description": "Project UUID (optional, for logging)"},
|
|
1344
|
+
},
|
|
1345
|
+
"required": ["file_path"],
|
|
1346
|
+
},
|
|
1347
|
+
handler=handle_oscal_validate_deep,
|
|
1348
|
+
)
|
|
1349
|
+
|
|
1350
|
+
server.register_tool(
|
|
1351
|
+
name="oscal_convert",
|
|
1352
|
+
description="Convert OSCAL artifact between JSON, XML, and YAML formats using oscal-cli. Requires Java 11+ and oscal-cli JAR.",
|
|
1353
|
+
input_schema={
|
|
1354
|
+
"type": "object",
|
|
1355
|
+
"properties": {
|
|
1356
|
+
"input_path": {"type": "string", "description": "Path to input OSCAL file"},
|
|
1357
|
+
"output_format": {"type": "string", "enum": ["json", "xml", "yaml"], "default": "xml", "description": "Target output format"},
|
|
1358
|
+
"output_path": {"type": "string", "description": "Output file path (optional, auto-generated if omitted)"},
|
|
1359
|
+
},
|
|
1360
|
+
"required": ["input_path"],
|
|
1361
|
+
},
|
|
1362
|
+
handler=handle_oscal_convert,
|
|
1363
|
+
)
|
|
1364
|
+
|
|
1365
|
+
server.register_tool(
|
|
1366
|
+
name="oscal_resolve_profile",
|
|
1367
|
+
description="Flatten an OSCAL Profile into a resolved Catalog using oscal-cli profile resolution. Produces a full catalog of selected controls.",
|
|
1368
|
+
input_schema={
|
|
1369
|
+
"type": "object",
|
|
1370
|
+
"properties": {
|
|
1371
|
+
"profile_path": {"type": "string", "description": "Path to OSCAL Profile JSON file"},
|
|
1372
|
+
"output_path": {"type": "string", "description": "Output path for resolved catalog (optional)"},
|
|
1373
|
+
},
|
|
1374
|
+
"required": ["profile_path"],
|
|
1375
|
+
},
|
|
1376
|
+
handler=handle_oscal_resolve_profile,
|
|
1377
|
+
)
|
|
1378
|
+
|
|
1379
|
+
server.register_tool(
|
|
1380
|
+
name="oscal_catalog_lookup",
|
|
1381
|
+
description="Look up NIST 800-53 controls from the OSCAL catalog. Uses official NIST OSCAL catalog (1000+ controls) with ICDEV fallback (39 controls).",
|
|
1382
|
+
input_schema={
|
|
1383
|
+
"type": "object",
|
|
1384
|
+
"properties": {
|
|
1385
|
+
"control_id": {"type": "string", "description": "Control ID to look up (e.g., AC-2, AC-2(1))"},
|
|
1386
|
+
"family": {"type": "string", "description": "Family code to list controls (e.g., AC, AU, SC)"},
|
|
1387
|
+
},
|
|
1388
|
+
},
|
|
1389
|
+
handler=handle_oscal_catalog_lookup,
|
|
1390
|
+
)
|
|
1391
|
+
|
|
1392
|
+
server.register_tool(
|
|
1393
|
+
name="oscal_detect_tools",
|
|
1394
|
+
description="Detect available OSCAL ecosystem tools: oscal-cli (Java, Metaschema validation), oscal-pydantic (Python, type-safe models), NIST OSCAL catalog (1000+ controls).",
|
|
1395
|
+
input_schema={
|
|
1396
|
+
"type": "object",
|
|
1397
|
+
"properties": {},
|
|
1398
|
+
},
|
|
1399
|
+
handler=handle_oscal_detect_tools,
|
|
1400
|
+
)
|
|
1401
|
+
|
|
1402
|
+
return server
|
|
1403
|
+
|
|
1404
|
+
|
|
1405
|
+
if __name__ == "__main__":
|
|
1406
|
+
server = create_server()
|
|
1407
|
+
server.run()
|