UNPKG

@vantasdk/vanta-mcp-server

Version:

Model Context Protocol server for Vanta's security compliance platform

github.com/VantaInc/vanta-mcp-server

VantaInc/vanta-mcp-server

67 lines (66 loc) 2.79 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
import { baseApiUrl } from "../api.js"; import { z } from "zod"; import { makeAuthenticatedRequest } from "./utils.js"; const GetFrameworksInput = z.object({ pageSize: z.number().optional(), pageCursor: z.string().optional(), }); export const GetFrameworksTool = { name: "get_frameworks", description: "List all compliance frameworks available in your Vanta account (SOC 2, ISO 27001, HIPAA, GDPR, FedRAMP, PCI, etc.) along with completion status and progress metrics. Shows which frameworks you're actively pursuing and their current compliance state including status of controls, documents, and tests for each framework.", parameters: GetFrameworksInput, }; const GetFrameworkControlsInput = z.object({ frameworkId: z.string(), pageSize: z.number().optional(), pageCursor: z.string().optional(), }); export const GetFrameworkControlsTool = { name: "get_framework_controls", description: "Get the detailed CONTROL REQUIREMENTS for a specific framework (requires frameworkId). Use this when you need the specific control details, requirements, and implementation guidance for a known framework like 'soc2' or 'iso27001'. This returns the actual security controls and their descriptions, NOT the framework list. Use get_frameworks first if you need to see available frameworks.", parameters: GetFrameworkControlsInput, }; export async function getFrameworkControls(args) { const url = new URL(`/v1/frameworks/${args.frameworkId}/controls`, baseApiUrl()); if (args.pageSize !== undefined) { url.searchParams.append("pageSize", args.pageSize.toString()); } if (args.pageCursor !== undefined) { url.searchParams.append("pageCursor", args.pageCursor); } const response = await makeAuthenticatedRequest(url.toString()); if (!response.ok) { return { content: [ { type: "text", text: `Error: ${response.statusText}` }, ], }; } return { content: [ { type: "text", text: JSON.stringify(await response.json()) }, ], }; } export async function getFrameworks(args) { const url = new URL("/v1/frameworks", baseApiUrl()); if (args.pageSize !== undefined) { url.searchParams.append("pageSize", args.pageSize.toString()); } if (args.pageCursor !== undefined) { url.searchParams.append("pageCursor", args.pageCursor); } const response = await makeAuthenticatedRequest(url.toString()); if (!response.ok) { return { content: [ { type: "text", text: `Error: ${response.statusText}` }, ], }; } return { content: [ { type: "text", text: JSON.stringify(await response.json()) }, ], }; }