// MCP TOOL REFERENCE

AMPEL TOOLS

50 tools from the Ampel MCP Server, categorised by risk level.

View the Ampel policy → Token cost: 4,198 tokens →
// ALL 50 AMPEL TOOLS
READ 36 tools
Read article_status Detailed Ampel for a specific DORA article. Each check with GREEN/YELLOW/RED conditions and evidence. Read audit_trail Chain-linked audit log with integrity check. Read azure_ad_check Live Azure AD integration: MFA registration %, risky users, conditional access policies. DORA Art. 9 eviden... Read bafin_report_draft Generate ITS 2024/1772 compliant BaFin incident report draft. All mandatory fields per DORA Art. 19/20. Pre... Read board_summary Executive board summary: overall score, top 5 risks, overdue findings, SLA breaches, concentration risk, ev... Read bridge_report Bridge gap analysis: classifies gaps by DATA/EVIDENCE/POLICY/WORKFLOW with closure path, owner, effort level. Read bridge_status Check status of all bridge resolution workflows for an entity. Shows open, pending, closed, rejected. Read bus_status Oracle Event Bus status: events, cross-refs, connected oracles. Read check_contract Check DORA Art. 30 contract clauses for a provider. Returns PASS/WARN/BLOCK with missing clauses and bridge... Read collect_art10 Collect live Art. 10 evidence from NVD, CISA KEV, CERT-Bund. Auto-assesses. Read contract_analyze Analyze contract against 15 DORA Art. 30 mandatory clauses. Returns compliance status per clause with confi... Read contract_status Overview of all analyzed contracts per entity. Shows clause gaps, review status, document versions. Read cross_oracle_assess Enterprise cross-oracle assessment. Runs 18 checks across CyberShield (NIS2/ISO 27001), SupplyChainOracle (... Read cross_regulation_check Tag findings with cross-regulation impact (DORA + MiCA + AMLR). Shows which DORA findings also affect MiCA ... Read cve_asset_map Map CVE/vulnerability to internal ICT providers and systems. Auto-creates findings for critical matches. DO... Read dependency_graph Full provider dependency graph: providers, systems, checks, blast radius, SPOF detection. Read entity_list List all registered regulated entities. Read escalation_status Get findings, SLA breaches, escalation status per entity. Read evidence_pack Export evidence pack for article/check/entity. Pruefer-ready: evidence, assessments, findings, audit trail,... Read evidence_summary All evidence artefacts for an entity with hashes and expiry dates. Read freshness_check Run freshness watchdog. Expires stale evidence, downgrades GREEN->YELLOW->GREY if evidence too old. Read gap_report DORA compliance gaps. RED/GREY/YELLOW items with priority and required actions. Read health_check Server + DB status. Read incident_flow DORA incident lifecycle: log, classify, notify (BaFin), close. Each step creates signed evidence. Read llm_clause_check LLM-based DORA Art. 30 contract analysis. Paste contract text, get clause-by-clause PRESENT/PARTIAL/MISSING... Read onboard_entity Full entity onboarding: creates initial RED assessments for all 39 checks, collects auto-evidence from live... Read ping Quick connectivity test. Read policy_draft Generate DORA policy/framework document draft for a specific article. 8 templates available (Art. 5,6,8,10,... Read provider_country_risk Enrich provider dependencies with OECD economic risk: GDP, unemployment, CLI per provider country. DORA Art... Read readiness_check Full DORA readiness score + Ampel per article. Returns GREEN/YELLOW/RED/GREY for all 26 articles, score 0-1... Read regulation_impact Show cross-regulation impacts for a specific DORA article. Maps DORA → MiCA + AMLR. Read retest_finding Re-test a finding: collect fresh evidence, reassess check, auto-close if GREEN. Full closed-loop. Read score_trend Score trend over time: weekly deltas, trajectory, peer benchmark. Shows improvement or decline. Read servicenow_sync ServiceNow incident + change management sync. DORA Art. 17/21 evidence. Returns 30-day incident stats, clas... Read whatif_provider Simulate provider failure: which articles/checks are affected, score impact, risk level. Read whatif_stale Simulate stale evidence: what happens if a check stays stale for N days.
WRITE 10 tools
Write bafin_approve_send Approve BaFin report for submission (4-eyes principle). Creates signed approval evidence. Write bridge_approve Approve or reject a bridge resolution. On approval: creates signed evidence, upgrades Ampel to GREEN, logs ... Write bridge_resolve Start bridge resolution workflow. Generates templates (Risk Acceptance, Contract Renegotiation, Concentrati... Write contract_upload Upload contract text for DORA Art. 30 analysis. Creates document record with SHA-256 hash, version tracking... Write create_entity Register a new regulated entity. Write create_trial Create temporary trial entity (48h) for self-service DORA assessment. No login needed. Write generate_report Generate data-driven DORA Ampel PDF report. Score, gap analysis, provider register, audit trail integrity. Write generate_trial_report Generate watermarked trial report with score, gaps, and CTA. Write register_provider Register an ICT third-party provider for DORA Art. 28 Register of Information. Stores provider data and cre... Write update_finding Update finding lifecycle: claim, set remediation plan, request re-test, close, or accept risk. Status flow:...
EXECUTE 4 tools
Execute assess_all Re-run full assessment for an entity. Recomputes Ampel statuses from all available evidence. Execute reg_watchdog AI Regulatory Watchdog: scrapes EBA/ESMA/BaFin/CERT-Bund for DORA updates. Returns alerts with affected art... Execute run_escalation Trigger escalation engine: auto-create findings, check SLA, escalate. Execute run_trial_assessment Run complete DORA+MiCA assessment for trial entity. Returns score, gaps, automation potential.
// FAQ
How many tools does the Ampel MCP server have? +

The Ampel MCP server exposes 50 tools across 3 categories: Read, Write, Execute.

How do I enforce policies on Ampel tools? +

Route the Ampel server through the PolicyLayer gateway. Define allow, deny, or approval rules per tool in the dashboard — they are enforced on every call before it reaches the server.

What risk categories do Ampel tools fall into? +

Ampel tools are categorised as Read (36), Write (10), Execute (4). Each category has a recommended default policy.

Let agents act without letting them run wild.

Route your MCP servers through PolicyLayer and every tool call is checked against your policy before it runs — allow, deny, or require approval. Per-identity grants. Full audit log. Live in minutes.

SECURE YOUR MCP →

Free to start. No card required.

4,600+ MCP servers and 31,000+ tools scanned and risk-classified.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.