secureframe/secureframe-mcp-server
If you are the rightful owner of secureframe-mcp-server and would like to certify it and/or have it hosted online, please leave a comment on the right or send an email to henry@mcphub.com.
This server provides read-only access to Secureframe's compliance automation platform for AI assistants.
The Secureframe MCP Server is a Model Context Protocol server designed to facilitate read-only access to Secureframe's comprehensive compliance automation platform. It is tailored for AI assistants such as Claude and Cursor, enabling them to query security controls, monitor compliance tests, and access audit data across various frameworks including SOC 2, ISO 27001, CMMC, and FedRAMP. The server is currently in public beta, offering a secure and efficient way to integrate compliance data into AI-driven workflows. Users are advised to review and validate AI-generated insights to ensure alignment with organizational compliance policies and security standards. The server requires Python 3.7 or higher and Secureframe API credentials for setup, and it supports integration with MCP-compatible tools like Claude Desktop and Cursor IDE.
Features
- Read-only access to compliance data
- Supports multiple compliance frameworks
- Integration with AI assistants
- Powerful search capabilities using Lucene syntax
- Secure and efficient data handling
Usages
usage with Claude Desktop
{ "mcpServers": { "secureframe": { "command": "python", "args": ["/absolute/path/to/secureframe-mcp-server/main.py"], "env": { "SECUREFRAME_API_KEY": "your_api_key", "SECUREFRAME_API_SECRET": "your_api_secret", "SECUREFRAME_API_URL": "https://api.secureframe.com" } } } }
usage with Cursor IDE
{ "mcpServers": { "Secureframe": { "command": "python", "args": ["/absolute/path/to/secureframe-mcp-server/main.py"], "env": { "SECUREFRAME_API_KEY": "your_api_key", "SECUREFRAME_API_SECRET": "your_api_secret", "SECUREFRAME_API_URL": "https://api.secureframe.com" } } } }
Tools
list_controls
List security controls across frameworks with filtering
list_tests
List compliance tests with pass/fail status
list_users
List personnel and their compliance status
list_devices
List managed devices and security compliance
list_user_accounts
List user accounts from integrations
list_tprm_vendors
List third-party risk management vendors
list_vendors
List vendors (legacy API)
list_frameworks
List available compliance frameworks
list_repositories
List code repositories and audit scope
list_integration_connections
List integration status and connections
list_repository_framework_scopes
List framework scopes for specific repositories