// MCP TOOL REFERENCE

NIST MCP SERVER TOOLS

44 tools from the NIST MCP Server MCP Server, categorised by risk level.

View the NIST MCP Server policy →
// ALL 44 NIST MCP SERVER TOOLS
READ 35 tools
Read analyze_control_coverage Analyze coverage across control families for a list of controls Read cmmc_compliance_assessment Perform CMMC compliance assessment for implemented controls against a target level Read compliance_mapping Map controls to compliance frameworks (SOC2, ISO27001, etc.) Read control_relationships Analyze relationships and dependencies between controls Read csf_to_controls_mapping Get NIST controls mapped to a specific CSF subcategory Read fedramp_readiness_assessment Perform FedRAMP readiness assessment for cloud service providers Read gap_analysis Perform gap analysis between implemented controls and target baseline Read get_active_workflows Get all currently active workflows Read get_assessment_history Get historical assessment data Read get_assessment_trends Get assessment trends over time Read get_baseline_controls Get controls for a specific baseline (low, moderate, high) Read get_cmmc_framework Get the complete CMMC framework structure Read get_cmmc_level Get controls for a specific CMMC level Read get_control Get details for a specific NIST control Read get_control_family Get all controls in a specific family (e.g., 'AC', 'AU', 'CA') Read get_control_mappings Get CSF mappings for a specific control Read get_csf_framework Get the complete NIST Cybersecurity Framework structure Read get_fedramp_baseline Get FedRAMP controls for a specific impact level (low, moderate, high) Read get_fedramp_framework Get the complete FedRAMP framework structure Read get_monitoring_history Get monitoring check history Read get_monitoring_status Get status of all monitoring activities Read get_overdue_remediations Get all overdue remediation actions Read get_remediation_actions Get remediation actions with optional filtering Read get_sp800171_baseline Get NIST SP 800-171 CUI baseline controls Read get_sp800171_catalog Get the complete NIST SP 800-171 catalog with all 110 security requirements Read get_sp800171_control Get details for a specific SP 800-171 control Read get_sp800171_family Get all SP 800-171 controls in a specific family Read get_workflow_history Get execution history for a workflow Read list_connectors List all registered connectors Read list_controls List all available NIST controls Read risk_assessment_helper Help assess risk coverage based on control selection Read search_controls Search NIST controls by keyword or topic Read search_csf_subcategories Search CSF subcategories by keyword or function Read sp800171_to_sp80053_mapping Map SP 800-171 requirements to their corresponding SP 800-53 controls Read validate_oscal_document Validate an OSCAL document against its JSON schema
WRITE 5 tools
Write create_remediation_action Create a remediation action for a control Write gap_analysis_with_history Perform gap analysis and save results to history with optional remediation planning Write register_connector Register a new connector for external system integration Write save_assessment Save assessment results to history Write update_remediation_status Update the status of a remediation action
EXECUTE 4 tools
Execute execute_compliance_workflow Execute an automated compliance workflow (Strand) Execute run_manual_check Run a manual compliance check for a control Execute start_continuous_monitoring Start continuous monitoring for a specific control Execute stop_continuous_monitoring Stop continuous monitoring for a control

Route NIST MCP Server through PolicyLayer and every one of its 44 tools is checked against your policy before it runs.

CHECK YOUR STACK →

See every tool, the dangerous ones, and the token cost across your stack.

// FAQ
How many tools does the NIST MCP Server MCP server have? +

The NIST MCP Server MCP server exposes 44 tools across 3 categories: Read, Write, Execute.

How do I enforce policies on NIST MCP Server tools? +

Route the NIST MCP Server server through the PolicyLayer gateway. Define allow, deny, or approval rules per tool in the dashboard; they are enforced on every call before it reaches the server.

What risk categories do NIST MCP Server tools fall into? +

NIST MCP Server tools are categorised as Read (35), Write (5), Execute (4). Each category has a recommended default policy.

Enforce policy on every NIST MCP Server tool call.

Start from NIST MCP Server, add the rest of your stack, and see everything your agents can call. Then put policy on all of it.

CHECK YOUR STACK →

Free to start. No card required.

43,000+ MCP servers and 220,000+ tools scanned and risk-classified.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.