cmmc-compliance-mcp

MCP server for CMMC (Cybersecurity Maturity Model Certification) compliance — browse practices by level and domain, assess readiness, generate SSP sections, evidence checklists, POA&M gap analysis, and SPRS score calculation for defense contractors.

Built for defense contractors, CISOs, compliance officers, and C3PAO assessors working with CUI and NIST SP 800-171.

Tools

| Tool | Description | |------|-------------| | browse_practices | Browse CMMC practices by level (1/2/3), domain (AC/AU/CM/IA/IR/SC/etc.), or search | | assess_readiness | Score readiness with achieved level determination and approximate SPRS score | | generate_ssp | Generate System Security Plan sections per practice or domain | | evidence_checklist | Generate evidence collection checklists for assessment preparation | | gap_analysis | Compare implemented practices vs. requirements, generate POA&M | | calculate_sprs | Calculate approximate SPRS score with point deductions breakdown |

Domains Covered

AC (Access Control), AU (Audit & Accountability), CM (Configuration Management), IA (Identification & Authentication), IR (Incident Response), MP (Media Protection), RA (Risk Assessment), CA (Security Assessment), SC (System & Communications Protection), SI (System & Information Integrity)

Install

npx cmmc-compliance-mcp

Claude Desktop

{
  "mcpServers": {
    "cmmc-compliance": {
      "command": "npx",
      "args": ["-y", "cmmc-compliance-mcp"]
    }
  }
}

Examples

Browse all Level 2 Access Control practices:

browse_practices({ level: 2, domain: "AC" })

Assess readiness for Level 2 certification:

assess_readiness({ implementedPractices: ["AC.L1-3.1.1", "IA.L1-3.5.1", "SC.L1-3.13.1"], targetLevel: 2 })

Generate SSP section for Incident Response:

generate_ssp({ domain: "IR", organizationName: "Acme Defense", systemName: "CUI Processing System" })

Calculate SPRS score:

calculate_sprs({ implementedPractices: ["AC.L1-3.1.1", "AC.L1-3.1.2", "IA.L1-3.5.1", "IA.L1-3.5.2", "SC.L1-3.13.1", "SI.L1-3.14.1"] })

License

MIT