
FedRAMP Docs MCP
Let your coding agent query FedRAMP 20x KSIs, NIST controls, and compliance documentation instead of you copying PDFs into the chat.
Overview
FedRAMP Docs MCP is an MCP server for the Ship phase that queries FedRAMP 20x KSIs, NIST controls, and compliance documentation through 20 stdio tools.
What is this MCP server?
- 20 MCP tools for FedRAMP 20x KSIs, NIST controls, and related compliance docs
- Local stdio server via npm package fedramp-docs-mcp (v0.2.2)
- Optional FEDRAMP_DOCS_PATH override and automatic repo sync (FEDRAMP_DOCS_AUTO_UPDATE, 24h check interval)
- Keeps a cached FedRAMP/docs checkout under ~/.cache/fedramp-docs by default
What problem does it solve?
Federal compliance work drowns builders in sprawling NIST and FedRAMP PDFs that are painful to search while implementing features with an agent.
Who is it for?
Indie SaaS teams pursuing or maintaining FedRAMP authorization who already use MCP-enabled coding agents for security documentation.
Skip if: Builders with no government or FedRAMP footprint who only need generic OWASP-style app checks.
What do I get? / Deliverables
Your agent can cite and cross-reference live compliance docs from a synced local corpus, so control mappings and SSP drafts stay accurate and are faster to iterate on.
- Agent-grounded answers tied to FedRAMP and NIST source sections
- Faster control-to-implementation traceability while drafting security artifacts
- Locally cached, optionally auto-updated compliance documentation tree
Journey fit
FedRAMP and NIST mapping sit on the critical path before you ship or renew authorization for government-facing SaaS, so the canonical shelf is Ship. Compliance control lookup and KSI cross-checks are security-gate work you run while hardening and documenting the product for auditors.
How it compares
MCP-backed compliance doc search, not a turnkey GRC dashboard or penetration-testing skill.
Common Questions / FAQ
Who is FedRAMP Docs MCP for?
Solo builders and small teams shipping cloud services that must align implementations with FedRAMP 20x and NIST control language during authorization or continuous monitoring.
When should I use FedRAMP Docs MCP?
Use it during security reviews, SSP drafting, control-gap analysis, and when an auditor or PM asks for exact KSI or NIST wording while you code.
How do I add FedRAMP Docs MCP to my agent?
Install the npm package fedramp-docs-mcp, add a stdio MCP entry in your agent config, and optionally set FEDRAMP_DOCS_PATH or auto-update variables for your docs checkout.