- Home
- MCP servers
- Secureframe
Secureframe
- python
4
GitHub Stars
python
Language
6 months ago
First Indexed
2 months ago
Catalog Refreshed
Documentation & install
Readme and setup notes from the catalogue, plus a client-ready config you can copy for your MCP host.
Installation
Add the following to your MCP client configuration file.
Configuration
View docs{
"mcpServers": {
"secureframe-secureframe-mcp-server": {
"command": "python",
"args": [
"/absolute/path/to/secureframe-mcp-server/main.py"
],
"env": {
"SECUREFRAME_API_KEY": "YOUR_API_KEY",
"SECUREFRAME_API_URL": "https://api.secureframe.com",
"SECUREFRAME_API_SECRET": "YOUR_API_SECRET"
}
}
}
}You can query Secureframe’s compliance data through a read-only MCP server that exposes security controls, tests, audit data, and vendor information across multiple frameworks. It’s designed for AI assistants and MCP clients to help you monitor and review your compliance posture without modifying any data.
How to use
Use an MCP client to connect to the Secureframe MCP Server via a local stdio-based setup. You’ll run a local Python process that talks to Secureframe’s API using your credentials. The server provides a family of read-only endpoints you can invoke from your MCP client to list controls, tests, users, devices, vendors, repositories, and more. Make sure your credentials are kept secure and never share them with untrusted tools. All actions are read-only, so no changes to your data will occur.
How to install
Follow these concrete steps to install and run the MCP server locally.
# Clone and setup
git clone https://github.com/secureframe/secureframe-mcp-server.git
cd secureframe-mcp-server
# Create virtual environment (recommended)
python -m venv venv
source venv/bin/activate # On Windows: venv\Scripts\activate
# Install dependencies
pip install -r requirements.txt
# Configure credentials
cp env.example .env
# Edit .env with your API credentials
Available tools
list_controls
List security controls across frameworks with filtering
list_tests
List compliance tests with pass/fail status
list_users
List personnel and their compliance status
list_devices
List managed devices and security compliance
list_user_accounts
List user accounts from integrations
list_tprm_vendors
List third-party risk management vendors
list_vendors
List vendors (legacy API)
list_frameworks
List available compliance frameworks
list_repositories
List code repositories and audit scope
list_integration_connections
List integration status and connections
list_repository_framework_scopes
List framework scopes for specific repositories