MCP server for compliance framework data. NIST 800-53, FedRAMP, CMMC, and more.
An MCP server and CLI that gives AI assistants direct access to authoritative compliance data. Stop hallucinating control requirements — query the real thing. Access enriched framework data, control families, control details, and document requirements from NIST 800-53, NIST 800-171, FedRAMP, CMMC, and more.
Quick Start
Get your API key from platform.pretorin.com, then:
uv tool install pretorin
pretorin login
That's it. Now add Pretorin to your AI tool below.
Add to Your AI Tool
Claude Code
claude mcp add --transport stdio pretorin -- pretorin mcp-serve
This registers the server for your current project. To make it available across all your projects, add --scope user.
Team setup — add a .mcp.json file to your project root so every team member gets the server automatically:
{
"mcpServers": {
"pretorin": {
"type": "stdio",
"command": "pretorin",
"args": ["mcp-serve"]
}
}
}
Claude Desktop
Add to your Claude Desktop configuration file:
macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
Windows: %APPDATA%\Claude\claude_desktop_config.json
Linux: ~/.config/Claude/claude_desktop_config.json
{
"mcpServers": {
"pretorin": {
"command": "pretorin",
"args": ["mcp-serve"]
}
}
}
Restart Claude Desktop after saving.
Cursor
Add to ~/.cursor/mcp.json:
{
"mcpServers": {
"pretorin": {
"command": "pretorin",
"args": ["mcp-serve"]
}
}
}
Restart Cursor after saving.
Windsurf
Add to ~/.codeium/windsurf/mcp_config.json:
{
"mcpServers": {
"pretorin": {
"command": "pretorin",
"args": ["mcp-serve"]
}
}
}
Restart Windsurf after saving.
OpenAI Codex CLI
Add to ~/.codex/config.toml:
[mcp_servers.pretorin]
command = "pretorin"
args = ["mcp-serve"]
Available Tools
| Tool | Description |
|---|---|
pretorin_list_frameworks | List all compliance frameworks |
pretorin_get_framework | Get framework metadata |
pretorin_list_control_families | List control families for a framework |
pretorin_list_controls | List controls (with optional family filter) |
pretorin_get_control | Get detailed control information |
pretorin_get_control_references | Get control guidance and references |
pretorin_get_document_requirements | Get document requirements for a framework |
Resources
| Resource URI | Description |
|---|---|
analysis://schema | Compliance artifact JSON schema |
analysis://guide/{framework_id} | Framework analysis guide |
analysis://control/{control_id} | Control analysis guidance |
Example Prompts
Try asking your AI assistant:
- "What compliance frameworks are available for government systems?"
- "What are the Account Management requirements for FedRAMP Moderate?"
- "What documents do I need for NIST 800-171 compliance?"
- "Show me all Audit controls in NIST 800-53"
For comprehensive MCP documentation, see docs/MCP.md.
Supported Frameworks
The initial public release includes these Government Core frameworks:
- NIST SP 800-53 Rev 5
- NIST SP 800-171 Rev 2
- FedRAMP (Low, Moderate, High)
- CMMC Level 1, 2, and 3
Additional frameworks are available on the platform. See platform.pretorin.com/api/docs for the full list.
CLI Reference
Pretorin also includes a full CLI for working with compliance data directly in the terminal. For comprehensive documentation with real terminal output examples, see docs/CLI.md.
Quick Examples
# List all frameworks
pretorin frameworks list
# Get framework details
pretorin frameworks get fedramp-moderate
# List control families (IDs are slugs like "access-control", not "ac")
pretorin frameworks families nist-800-53-r5
# List controls filtered by family
pretorin frameworks controls nist-800-53-r5 --family access-control --limit 10
# Get control details (IDs are zero-padded: "ac-01", not "ac-1")
pretorin frameworks control nist-800-53-r5 ac-02
# Get full control details with statement, guidance, and related controls
pretorin frameworks control nist-800-53-r5 ac-02 --references
All Commands
| Command | Description |
|---|---|
pretorin login | Authenticate with the Pretorin API |
pretorin logout | Clear stored credentials |
pretorin whoami | Display current authentication status |
pretorin frameworks list | List all compliance frameworks |
pretorin frameworks get <id> | Get framework details |
pretorin frameworks families <id> | List control families |
pretorin frameworks controls <id> | List controls (--family, --limit) |
pretorin frameworks control <framework> <control> | Get control details (--references) |
pretorin frameworks documents <id> | Get document requirements |
pretorin config list | List all configuration |
pretorin config get <key> | Get a config value |
pretorin config set <key> <value> | Set a config value |
pretorin config path | Show config file path |
pretorin version | Show CLI version |
pretorin update | Update to latest version |
pretorin mcp-serve | Start the MCP server |
Installation
Stable (PyPI)
We recommend using uv or pipx for isolated installation:
uv tool install pretorin
pipx install pretorin
Or with pip:
pip install pretorin
Latest (GitHub)
Install the latest development version directly from GitHub:
uv tool install git+https://github.com/pretorin-ai/pretorin-cli.git
Updating
pretorin update
Configuration
Credentials are stored in ~/.pretorin/config.json.
Environment Variables
| Variable | Description |
|---|---|
PRETORIN_API_KEY | API key (overrides stored config) |
PRETORIN_API_BASE_URL | Custom API URL (default: https://platform.pretorin.com/api/v1) |
Development
Setup
git clone https://github.com/pretorin-ai/pretorin-cli.git
cd pretorin-cli
uv pip install -e ".[dev]"
Or with pip:
pip install -e ".[dev]"
Running Tests
pytest
With coverage:
pytest --cov=pretorin --cov-report=term-missing
Docker Testing
# Run all tests
docker-compose run --rm test
# Run linter
docker-compose run --rm lint
# Run type checker
docker-compose run --rm typecheck
# Or use the convenience script
./scripts/docker-test.sh all
Type Checking
mypy src/pretorin
Linting
ruff check src/pretorin
ruff format --check src/pretorin
Contributing
Contributions are welcome! Please see our Contributing Guide for details.
MCP Registry
This server is listed on the official MCP Registry.
License
MIT License - see LICENSE for details.