NIST RMF AI MCP Server by MEOK AI Labs
This NIST AI RMF MCP server contains several moderate-to-high severity security concerns that warrant user awareness before deployment. The code implements a custom authentication layer with an API key stored in environment variables, performs rate-limiting based on tier validation, and uses a stubbed neural network component. Key issues include: (1) insufficient input validation on parameters passed to tool functions, (2) environment variable exposure risks through the auth middleware, (3) overly broad exception handling that masks errors, and (4) code injection risk through the neural net feature extraction mechanism. The server's purpose and permissions are reasonably aligned, but the implementation has quality and security gaps that exceed what would be expected for a production-ready tool. Supply chain analysis found 3 known vulnerabilities in dependencies (0 critical, 3 high severity). Package verification found 1 issue.
4 files analyzed · 14 issues found
Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.
This plugin requests these system permissions. Most are normal for its category.
Add this to your MCP configuration file:
{
  "mcpServers": {
    "io-github-csoai-org-nist-rmf-ai-mcp": {
      "args": [
        "-y",
        "nist-rmf-ai-mcp"
      ],
      "command": "npx"
    }
  }
}

From the project's GitHub README.
mcp-name: io.github.CSOAI-ORG/nist-rmf-ai-mcp
NIST AI Risk Management Framework MCP — MAP, MEASURE, MANAGE, GOVERN functions, risk register, trustworthy AI assessment.
# Install via pip
pip install nist_rmf_ai_mcp
# Or install via Smithery
npx -y @smithery/cli@latest install nist-rmf-ai-mcp --client claude
This MCP server has EU AI Act compliance built in:
This server is part of the MEOK AI Labs ecosystem — 300+ MCP servers for sovereign AI governance.
| Domain | Purpose |
|---|---|
| councilof.ai | EU AI Act compliance marketplace |
| safetyof.ai | AI safety & monitoring |
| meok.ai | Sovereign AI platform |
| cobolbridge.ai | Legacy modernization |
MIT © CSOAI-ORG
Build something that touches users? You need compliance. MEOK ships 38 governance MCPs that drop in alongside this tool — EU AI Act, DORA, NIS2, CRA, GDPR, ISO 42001, FDA SaMD, MDR, Basel, MiFID II, MiCA, COPPA, and more.
# One-shot install of the governance pack
npx meok-setup --pack governance
Free tier: 10 calls/day per MCP. Pro tier (£79/mo): unlimited + cryptographically signed compliance attestations your auditor verifies independently.
→ Full catalogue: councilof.ai/catalogue → MEOK AI Labs: meok.ai
| Tier | Price | What you get | Stripe |
|---|---|---|---|
| Smoke test | £1 | Signed sample MCP-Hardening report + Article 50 PDF | https://buy.stripe.com/5kQ6oJ0xS3ce8sl7ew8k91j |
| Quick Kit | £9 | EU AI Act Article 50 implementation guide (C2PA + EU-Icon) | https://buy.stripe.com/5kQ6oJ0xS3ce8sl7ew8k91j |
| Founder Call | £29 | 30-min 1-on-1 with the founder | https://buy.stripe.com/5kQ6oJ0xS3ce8sl7ew8k91j |
Refundable. UK Stripe — VAT-clean. Builds on the 81-MCP MEOK fleet. Verify any signed report at https://meok.ai/verify.
Add to your claude_desktop_config.json (Claude Desktop) or your MCP client config:
{
  "mcpServers": {
    "nist-rmf-ai-mcp": {
      "command": "uvx",
      "args": ["nist-rmf-ai-mcp"]
    }
  }
}
Or: pip install nist-rmf-ai-mcp then run the nist-rmf-ai-mcp command (stdio transport).
Once configured, ask your assistant, for example:
assess_risk_profile to …
map_ai_impact to …
generate_risk_controls to …