33 tools from the FedRAMP 20x Requirements MCP Server, categorised by risk level.
View the FedRAMP 20x Requirements policy →all Enterprise architecture assessment for all 72 KSIs 2/5 application_context Profile metadata and active capabilities 2/5 category Enterprise assessment for a KSI category 2/5 Code-Detectable Requirements validatable through code analysis 2/5 context_filtered_count Number of findings suppressed by context filtering 2/5 dependencies_checked Number of dependencies analysed 2/5 findings Compliance findings with severity and recommendations 2/5 KSI-AFR-01 Assess automated vulnerability scanning tools 2/5 KSI-AFR-02 Assess security finding remediation processes 2/5 KSI-CED-01 Assess continuous evidence collection practices 2/5 KSI-CMT-01 Assess change management automation in CI/CD 2/5 KSI-CMT-02 Assess deployment procedures and approval gates 2/5 KSI-CMT-03 Assess automated testing in CI/CD pipeline 2/5 KSI-CNA-03 Assess microservices security and mTLS config 2/5 KSI-CNA-07 Assess service mesh security configuration 2/5 KSI-IAM-01 Assess API authentication and authorisation 2/5 KSI-IAM-04 Assess least privilege access controls 2/5 KSI-IAM-05 Assess service account and managed identity usage 2/5 KSI-IAM-07 Assess session management and token security 2/5 KSI-MLA-05 Assess diagnostic logging configuration 2/5 KSI-PIY-01 Assess automated inventory and asset tracking 2/5 KSI-PIY-02 Assess security objectives documentation 2/5 KSI-PIY-03 Assess documentation requirements compliance 2/5 KSI-SVC-01 Assess security evaluation and improvements 2/5 KSI-SVC-02 Assess network encryption and TLS config 2/5 KSI-SVC-05 Check for vulnerable libraries and unsafe functions 2/5 KSI-SVC-06 Scan for hardcoded passwords, API keys, certs 3/5 KSI-SVC-07 Assess patching and vulnerability remediation 2/5 minimal Quick-start architecture assessment for pilots 2/5 pr_comment Formatted markdown for PR comments 2/5 Process-Based Requirements requiring manual review 2/5 single-ksi Production architecture assessment for one KSI 2/5 summary Counts of high/medium/low priority compliance issues 2/5 The FedRAMP 20x Requirements MCP server exposes 33 tools across 1 categories: Read.
Use Intercept, the open-source MCP proxy. Write YAML rules for each tool — rate limits, argument validation, or deny rules — then run Intercept in front of the FedRAMP 20x Requirements server.
FedRAMP 20x Requirements tools are categorised as Read (33). Each category has a recommended default policy.
Open source. One binary. Zero dependencies.
npx -y @policylayer/intercept