UNPKG

framework-mcp

Version:

Pure Data Provider architecture serving authentic CIS Controls Framework data via MCP and HTTP API. Empowers LLMs with authoritative safeguards data for analysis. Supports Microsoft Copilot custom connectors and DigitalOcean App Services deployment.

github.com/therealcybermattlee/FrameworkMCP

therealcybermattlee/FrameworkMCP

74 lines (66 loc) ā€¢ 4.1 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
#!/usr/bin/env node /** * Test the enhanced tool type detection with safeguard-specific context weighting */ console.log("šŸ” Testing Enhanced Tool Type Detection with Safeguard Context\n"); const testCases = [ { name: "Asset Management Tool (1.1 context)", text: "Our comprehensive asset management platform provides automated discovery of all enterprise devices, maintains detailed hardware and software inventories, tracks ownership and location data, provides real-time asset status monitoring, and includes documented inventory procedures with bi-annual review capabilities.", safeguard: "1.1", expectedToolType: "inventory", expectedScore: "High (primary keywords + context bonus)" }, { name: "Threat Intelligence Tool (1.1 context)", text: "Our threat intelligence service provides comprehensive network scanning, identifies potential security risks across enterprise infrastructure, maintains detailed device databases, and offers complete visibility into network-connected assets with advanced threat correlation capabilities.", safeguard: "1.1", expectedToolType: "threat_intelligence", expectedScore: "High (primary keywords)" }, { name: "Identity Management Tool (5.1 context)", text: "Our identity management system maintains comprehensive user account inventories including privileged accounts, tracks account lifecycle events, and provides basic reporting on account status and access patterns with active directory integration and SSO capabilities.", safeguard: "5.1", expectedToolType: "identity_management", expectedScore: "High (primary keywords + context bonus)" }, { name: "Mixed Keywords - Should prioritize by score", text: "Our security platform includes basic inventory discovery capabilities and provides threat intelligence feeds with vulnerability scanning features for comprehensive asset visibility.", safeguard: "1.1", expectedToolType: "Depends on keyword weights", expectedScore: "Variable based on keyword frequency" }, { name: "Vulnerability Scanner (7.1 context)", text: "Our vulnerability management solution performs comprehensive security scanning, patch management automation, vulnerability assessment reporting, and penetration testing capabilities with detailed remediation guidance.", safeguard: "7.1", expectedToolType: "vulnerability_management", expectedScore: "High (primary keywords + context bonus)" } ]; console.log("šŸ“Š ENHANCED TOOL TYPE DETECTION SCENARIOS:\n"); console.log("=" .repeat(80)); testCases.forEach((testCase, i) => { console.log(`\n${i + 1}. ${testCase.name}`); console.log(` Safeguard Context: ${testCase.safeguard}`); console.log(` Expected Tool Type: ${testCase.expectedToolType}`); console.log(` Expected Score: ${testCase.expectedScore}`); console.log(` Text: "${testCase.text.substring(0, 120)}..."`); console.log("-".repeat(60)); }); console.log("\nšŸŽÆ ENHANCED DETECTION FEATURES:"); console.log("āœ… Weighted keyword scoring (Primary: 3 points, Secondary: 1 point)"); console.log("āœ… Safeguard-specific context bonuses (+1 for domain alignment)"); console.log("āœ… Minimum threshold (ā‰„2 points) to avoid false positives"); console.log("āœ… Comprehensive keyword coverage for all major tool categories"); console.log("āœ… Context-aware scoring based on safeguard domain requirements"); console.log("\nšŸ”§ CONTEXT BONUSES APPLIED:"); console.log("ā€¢ Safeguards 1.1-1.2 (Asset Inventory) ā†’ inventory tools get +1 bonus"); console.log("ā€¢ Safeguards 5.1-5.3 (Account Inventory) ā†’ identity_management tools get +1 bonus"); console.log("ā€¢ Safeguards 6.1-6.3 (Authentication) ā†’ identity_management tools get +1 bonus"); console.log("ā€¢ Safeguards 7.1-7.7 (Vulnerability Management) ā†’ vulnerability_management tools get +1 bonus"); console.log("\nāœ… Enhanced tool type detection implementation complete"); console.log("šŸ“ˆ More accurate tool categorization for capability analysis"); console.log("šŸŽÆ Better alignment with safeguard domain requirements");