MCP API Endpoints
Name Purpose Input(s) Output(s) list_all_assessment_categories Get all assessment categories categories (List[Category]): A list of category objects, where each category includes:
• id (str): Unique identifier of the assessment category.
• name (str): Name of the category.
error (Optional[str]): An error message if any issues occurred during retrieval.list_assessments Get all assessments categoryName: assessment category name (Optional) Categoryid ( string)-assessment category id (Optional)
Categoryname (string)assessments (List[Assessments]): A list of assessments objects, where each assessment includes:
• id (str): Unique identifier of the assessment.
• name (str): Name of the assessment.
• category_name (str): Name of the category.
error (Optional[str]): An error message if any issues occurred during retrieval.fetch_unique_node_data_and_schema Fetch unique node data and corresponding schema for a given question. Question* ( string)node_names (List[str]): List of unique node names involved.
unique_property_values (list[any]): Unique property values per node.
neo4j_schema (str): The Neo4j schema associated with the nodes.
error (Optional[str]): Error message if any issues occurred during processing.execute_cypher_query Given a question and query, execute a cypher query and transform result to human readable format. Query* ( string)result (Any): The formatted, human-readable result of the Cypher query.
error (Optional[str]): An error message if the query execution fails or encounters issues.fetch_recent_assessment_runs Get recent assessment run for given assessment id Id* ( string)assessmentRuns (List[AssessmentRuns]): A list of assessment runs.
• id (str): Assessement run id.
• name (str): Name of the assessement run.
• description (str): Description of the assessment run.
• assessmentId (str): Assessement id.
• applicationType (str): Application type.
• configId (str): Configuration id.
• fromDate (str): From date of the assessement run.
• toDate (str): To date of the assessment run.
• status (str): Status of the assessment run.
• computedScore (str): Computed score.
• computedWeight (str): Computed weight.
• complianceStatus (str): Compliance status.
• createdAt (str): Time and date when the assessement run was created.
error (Optional[str]): An error message if any issues occurred during retrieval.fetch_assessment_runs Get all assessment run for given assessment id Function accepts page number (page) and page size (pageSize) for pagination. If MCP client host unable to handle large response use page and pageSize, default page is 1 If the request times out retry with pagination, increasing pageSize from 5 to 10. use this tool when expected run is got in fetch recent assessment runs tool Id* ( string)
Page (integer)
Pagesize (integer)assessmentRuns (List[AssessmentRuns]): A list of assessment runs.
• id (str): Assessement run id.
• name (str): Name of the assessement run.
• description (str): Description of the assessment run.
• assessmentId (str): Assessement id.
• applicationType (str): Application type.
• configId (str): Configuration id.
• fromDate (str): From date of the assessement run.
• toDate (str): To date of the assessment run.
• status (str): Status of the assessment run.
• computedScore (str): Computed score.
• computedWeight (str): Computed weight.
• complianceStatus (str): Compliance status.
• createdAt (str): Time and date when the assessement run was created.
error (Optional[str]): An error message if any issues occurred during retrieval.fetch_assessment_run_details Get assessment run details for given assessment run id. This api will return many contorls, use page to get details pagewise. If output is large store it in a file. Id* ( string)controls (List[Control]): A list of controls.
• id (str): Control run id.
• name (str): Control name.
• controlNumber (str): Control number.
• alias (str): Control alias.
• priority (str): Priority.
• stage (str): Control stage.
• status (str): Control status.
• type (str): Control type.
• executionStatus (str): Rule execution status.
• dueDate (str): Due date.
• assignedTo (List[str]): Assigned user ids
• assignedBy (str): Assigner’s user id.
• assignedDate (str): Assigned date.
• checkedOut (bool): Control checked-out status.
• compliancePCT__ (str): Compliance percentage.
• complianceWeight__ (str): Compliance weight.
• complianceStatus (str): Compliance status.
• createdAt (str): Time and date when the control run was created.
• updatedAt (str): Time and date when the control run was updated.
error (Optional[str]): An error message if any issues occurred during retrieval.fetch_assessment_run_leaf_controls Get leaf controls for given assessment run id. If output is large store it in a file. Id* ( string)controls (List[Control]): A list of controls.
• id (str): Control run id.
• name (str): Control name.
• controlNumber (str): Control number.
• alias (str): Control alias.
• priority (str): Priority.
• stage (str): Control stage.
• status (str): Control status.
• type (str): Control type.
• executionStatus (str): Rule execution status.
• dueDate (str): Due date.
• assignedTo (List[str]): Assigned user ids
• assignedBy (str): Assigner’s user id.
• assignedDate (str): Assigned date.
• checkedOut (bool): Control checked-out status.
• compliancePCT__ (str): Compliance percentage.
• complianceWeight__ (str): Compliance weight.
• complianceStatus (str): Compliance status.
• createdAt (str): Time and date when the control run was created.
• updatedAt (str): Time and date when the control run was updated.
error (Optional[str]): An error message if any issues occurred during retrieval.fetch_run_controls use this tool when you there is no result from the tool “execute_cypher_query”. use this tool to get all controls that matches the given name. Next use fetch control meta data tool if need assessment name, assessment Id, assessment run name, assessment run Id Name* ( string)controls (List[Control]): A list of controls.
• id (str): Control run id.
• name (str): Control name.
• controlNumber (str): Control number.
• alias (str): Control alias.
• priority (str): Priority.
• stage (str): Control stage.
• status (str): Control status.
• type (str): Control type.
• executionStatus (str): Rule execution status.
• dueDate (str): Due date.
• assignedTo (List[str]): Assigned user ids
• assignedBy (str): Assigner’s user id.
• assignedDate (str): Assigned date.
• checkedOut (bool): Control checked-out status.
• compliancePCT__ (str): Compliance percentage.
• complianceWeight__ (str): Compliance weight.
• complianceStatus (str): Compliance status.
• createdAt (str): Time and date when the control run was created.
• updatedAt (str): Time and date when the control run was updated.
error (Optional[str]): An error message if any issues occurred during retrieval.fetch_run_control_meta_data Use this tool to retrieve control metadata for a given control_id, including: – Control details: control name – Assessment details: assessment name and ID – Assessment run details: assessment run name and IDId* ( string)assessmentId (str): Assessment id.
assessmentName (str): Assessment name.
assessmentRunId (str): Assessment run id.
assessmentRunName (str): Assessment run name.
controlId (str): Control id.
controlName (str): Control name.
controlNumber (str): Control number.
error (Optional[str]): An error message if any issues occurred during retrieval.fetch_assessment_run_leaf_control_evidence Get leaf control evidence for given assessment run control id. Id* ( string)evidences (List[ControlEvidenceVO]): List of control evidences
• id (str): Evidence id.
• name (str): Evidence name.
• description (str): Evidence description.
• fileName (str): File name.
error (Optional[str]): An error message if any issues occurred during retrieval.fetch_controls To fetch controls. Control Name ( string)prompt (str): The input prompt used to generate the Cypher query for fetching the control. fetch_evidence_records Get evidence records for a given evidence ID with optional compliance status filtering. Returns max 50 records but counts all records for the summary. Id* ( string)
Compliantstatus (string)totalRecords (int): Total records.
compliantRecords (int): Number of complian records.
nonCompliantRecords (int): Number of non compliant records.
notDeterminedRecords (int): Number of not determined records.
records (List[RecordListVO]): List of evidence records.
• id (str): Record id.
• name (str): System name.
• source (str): Record source.
• resourceId (str): Resource id.
• resourceName (str): Resource name.
• resourceType (str): Resource type.
• complianceStatus (str): Compliance status.
• complianceReason (str): Compliance reason.
• createdAt (str): The date and time the record was initially created.
• otherInfo (Any): Additional information.
error (Optional[str]): An error message if any issues occurred during retrieval.fetch_available_control_actions This tool should be used for handling control-related actions such as create, update, or to retrieve available actions for a given control. If no control details are given use the tool “fetch_controls” to get the control details. 1. Fetch the available actions. 2. Prompt the user to confirm the intended action. 3. Once confirmed, use the execute_action tool with the appropriate parameters to carry out the operation. ### Args: – assessmentName (str): Name of the assessment (required) – controlNumber (str): Identifier for the control (required) – controlAlias (str): Alias of the control (required) If the above arguments are not available: – Use the fetch_controls tool to retrieve control details. – Then generate and execute a query to fetch the related assessment information before proceeding.Assessmentname* ( string)
Controlnumber (string)
Controlalias (string)
Evidencename (string)actions (List[ActionsVO]): List of actions
• actionName (str): Action name.
• actionDescription (str): Action description.
• actionSpecID (str): Action specific id.
• actionBindingID (str): Action binding id.
• target (str): Target.
error (Optional[str]): An error message if any issues occurred during retrieval.fetch_assessment_available_actions Get actions available on assessment for given assessment name. Once fetched, ask user to confirm to execute the action, then use ‘execute_action’ tool with appropriate parameters to execute the action. Name ( string)actions (List[ActionsVO]): List of actions
• actionName (str): Action name.
• actionDescription (str): Action description.
• actionSpecID (str): Action specific id.
• actionBindingID (str): Action binding id.
• target (str): Target.
error (Optional[str]): An error message if any issues occurred during retrieval.fetch_evidence_available_actions Get actions available on evidence for given evidence name. If the required parameters are not provided, use the existing tools to retrieve them. Once fetched, ask user to confirm to execute the action, then use ‘execute_action’ tool with appropriate parameters to execute the action. Assessment Name ( string)
Control Number (string)
Control Alias (string)
Evidence Name (string)actions (List[ActionsVO]): List of actions
• actionName (str): Action name.
• actionDescription (str): Action description.
• actionSpecID (str): Action specific id.
• actionBindingID (str): Action binding id.
• target (str): Target.
error (Optional[str]): An error message if any issues occurred during retrieval.fetch_automated_controls_of_an_assessment To fetch the only the automated controls for a given assessment. If assessment_id is not provided use other tools to get the assessment and its id. Assessment Id ( string)controls (List[AutomatedControlVO]): List of controls
• id (str): Control ID.
• displayable (str): Displayable name or label.
• alias (str): Alias of the control.
• activationStatus (str): Activation status.
• ruleName (str): Associated rule name.
• assessmentId (str): Assessment identifier.
error (Optional[str]): An error message if any issues occurred during retrieval.execute_action Use this tool when the user asks about actions such as create, update or other action-related queries. IMPORTANT: This tool MUST ONLY be executed after explicit user confirmation. Always describe the intended action and its effects to the user, then wait for their explicit approval before proceeding. Do not execute this tool without clear user consent, as it performs actual operations that modify system state. Execute or trigger a specific action on an assessment run. use assessment id, assessment run id and action binding id. Execute or trigger a specific action on an control run. use assessment id, assessment run id, action binding id and assessment run control id . Execute or trigger a specific action on an evidence level. use assessment id, assessment run id, action binding id, assessment run control evidence id and evidence record ids. Use fetch assessment available actions to get action binding id. Only once action can be triggered at a time, assessment level or control level or evidence level based on user preference. Use this to trigger action for assessment level or control level or evidence level. Please also provide the intended effect when executing actions. WORKFLOW: 1. First fetch the available actions based on user preference assessment level or control level or evidence level 2. Present the available actions to the user 3. Ask user to confirm which specific action they want to execute 4. Explain what the action will do and its expected effects 5. Wait for explicit user confirmation before calling this tool 6. Only then execute the action with this tool Assessmentid* ( string)
Assessmentrunid* (string)
Actionbindingid* (string)
Assessmentruncontrolid (string)
Assessmentruncontrolevidenceid (string)
Evidencerecordids (array)id (str): id of triggered action. get_dashboard_data Function accepts compliance period as ‘period’. Period denotes for which quarter of year dashboard data is needed. Format: Q1 2024. Dashboard contains summary data of Common Control Framework (CCF). For any related to contorl category, framework, assignment status use this function. This contains details of control status such as ‘Completed’, ‘In Progress’, ‘Overdue’, ‘Pending’. The summarization levels are ‘overall control status’, ‘control category wise’, ‘control framework wise’, ‘overall control status’ can be fetched from ‘controlStatus’ ‘control category wise’ can be fetched from ‘controlSummary’ ‘control framework wise’ can be fetched from ‘frameworks’ Period ( string)totalControls (int): Total number of controls in the dashboard.
controlStatus (List[ComplianceStatusSummaryVO]): Summary of control statuses.
• status (str): Compliance status of the control.
• count (int): Number of controls with the given status.
controlAssignmentStatus (List[ControlAssignmentStatusVO]): Assignment status categorized by control.
• categoryName (str): Name of the control category.
• controlStatus (List[ComplianceStatusSummaryVO]): Status summary within the category.
• status (str): Compliance status.
• count (int): Number of controls with this status.
compliancePCT (float): Overall compliance percentage across all controls.
controlSummary (List[ControlSummaryVO]): Detailed summary of each control.
• category (str): Category name of the control.
• status (str): Compliance status of the control.
• dueDate (str): Due date for the control, if applicable.
• compliancePCT (float): Compliance percentage for the control.
• leafControls (int): Number of leaf-level controls in the category.
complianceStatusSummary (List[ComplianceStatusSummaryVO]): Summary of control statuses.
• status (str): Compliance status.
• count (int): Number of controls with the given status.
error (Optional[str]): An error message if any issues occurred during retrieval.fetch_dashboard_framework_controls Function Overview: Retrieve Control Details for a Given CCF and Review Period This function retrieves detailed control-level data for a specified Common Control Framework (CCF) during a specific review period. Format: "Q1 2024" – framework_name: The name of the Common Control Framework to fetch data for. Purpose This function is used to fetch a list of controls and their associated data for a specific CCF and review period. It does not return an aggregated overview — instead, it retrieves detailed, item-level data for each control via an API call. The results are displayed in the MCP host with client-side pagination, allowing users to navigate through the control list efficiently without making repeated API calls.Period* ( string)
Framework Name* (string)controls (List[FramworkControlVO]): A list of framework controls.
• name (str): Name of the control.
• assignedTo (str): Email ID of the user the control is assigned to.
• assignmentStatus (str): Status of the control assignment.
• complianceStatus (str): Compliance status of the control.
• dueDate (str): Due date for completing the control.
• score (float): Score assigned to the control.
• priority (str): Priority level of the control.
page (int): Current page number in the overall result set.
totalPage (int): Total number of pages.
totalItems (int): Total number of items.
error (Optional[str]): An error message if any issues occurred during retrieval.fetch_dashboard_framework_summary Function Overview: CCF Dashboard Summary Retrieval This function returns a summary dashboard for a specified compliance period and Common Control Framework (CCF). It is designed to provide a high-level view of control statuses within a given framework and period, making it useful for compliance tracking, reporting, and audits. The compliance quarter for which the dashboard data is requested. Format: "Q1 2024" – framework_name: The name of the Common Control Framework whose data is to be retrieved. Dashboard Overview The dashboard provides a consolidated view of all controls under the specified framework and period. It includes key information such as assignment status, compliance progress, due dates, and risk scoring to help stakeholders monitor and manage compliance posture.Period* ( string)
Framework Name* (string)controls (List[FramworkControlVO]): A list of framework controls.
• name (str): Name of the control.
• assignedTo (str): Email ID of the user the control is assigned to.
• assignmentStatus (str): Status of the control assignment.
• complianceStatus (str): Compliance status of the control.
• dueDate (str): Due date for completing the control.
• score (float): Score assigned to the control.
• priority (str): Priority level of the control.
page (int): Current page number in the overall result set.
totalPage (int): Total number of pages.
totalItems (int): Total number of items.
error (Optional[str]): An error message if any issues occurred during retrieval.get_dashboard_common_controls_details Function accepts compliance period as ‘period’. Period donates for which quarter of year dashboard data is needed. Format: Q1 2024. Use this tool to get Common Control Framework (CCF) dashboard data for a specific compliance period with filters. This function provides detailed information about common controls, including their compliance status, control status, and priority. Use pagination if controls count is more than 50 then use page and pageSize to get control data pagewise, Once 1st page is fetched,then more pages available suggest to get next page data then increase page number. Period* ( string)
Compliancestatus (string)
Controlstatus (string)
Priority (string)
Controlcategoryname (string)
Page (integer)
Pagesize (integer)controls (List[CommonControlVO]): A list of common controls.
• id (str): Unique identifier of the control.
• planInstanceID (str): ID of the associated plan instance.
• alias (str): Alias or alternate name for the control.
• displayable (str): Flag or content that indicates display eligibility.
• controlName (str): Name of the control.
• dueDate (str): Due date assigned to the control.
• score (float): Score assigned to the control.
• priority (str): Priority level of the control.
• status (str): Current status of the control.
• complianceStatus (str): Compliance status of the control.
• updatedAt (str): Timestamp when the control was last updated.
page (int): Current page number in the paginated result.
totalPage (int): Total number of pages available.
totalItems (int): Total number of control items.
error (Optional[str]): An error message if any issues occurred during retrieval.get_top_over_due_controls_detail Fetch controls with top over due (over-due) Function accepts count as ‘count’ Function accepts compliance period as ‘period’. Period donates for which quarter of year dashboard data is needed. Format: Q1 2024. Period ( string)
Count (integer)controls (List[OverdueControlVO]): A list of overdue controls.
• name (str): Name of the control.
• assignedTo (List[UserVO]): List of users assigned to the control.
• emailid (str): Email ID of the assigned user.
• assignmentStatus (str): Assignment status of the control.
• complianceStatus (str): Compliance status of the control.
• dueDate (str): Due date for the control.
• score (float): Score assigned to the control.
• priority (str): Priority level of the control.
error (Optional[str]): An error message if any issues occurred during retrieval.get_top_non_compliant_controls_detail Function overview: Fetch control with low compliant score or non compliant controls. Arguments: 1. period: Compliance period which denotes quarter of the year whose dashboard data is needed. By default: Q1 2024. 2. count: 3. page: If the user asks of next page use smartly decide the page. – error (Optional[str]): An error message if any issues occurred during retrieval. Period* ( string)
count (string)
page (string)controls (List[NonCompliantControlVO]): A list of non-compliant controls.
name (str): Name of the control.
lastAssignedTo (List[UserVO]): List of users to whom the control was last assigned.
• emailid (str): Email ID of the assigned user.
score (float): Score assigned to the control.
priority (str): Priority level of the control.list_assets Get all assets assets (List[AssetsVo]): A list of assets.
• id (str): Asset id.
• name (str): Name of the asset.
error (Optional[str]): An error message if any issues occurred during retrieval.fetch_assets_summary Get assets summary for given assessment id Id* ( string)integrationRunId (str): Asset id.
assessmentName (str): Name of the asset.
status (str): Name of the asset.
numberOfResources (str): Name of the asset.
numberOfChecks (str): Name of the asset.
dataStatus (str): Name of the asset.
createdAt (str): Name of the asset.
error (Optional[str]): An error message if any issues occurred during retrieval.fetch_resource_types Get resource types for given asset run id. Use ‘fetch_assets_summary’ tool to get assets run id Function accepts page number (page) and page size (pageSize) for pagination. If MCP client host unable to handle large response use page and pageSize. If the request times out retry with pagination, increasing pageSize from 50 to 100. 1. Call fetch_resource_types with page=1, pageSize=50 2. Note the totalPages from the response 3. Continue calling each page until complete 4. Summarize all results together Id* ( string)
Page (integer)
Pagesize (integer)resourceTypes (List[AssetsVo]): A list of resource types.
• resourceType (str): Resource type.
• totalResources (int): Total number of resources.
error (Optional[str]): An error message if any issues occurred during retrieval.fetch_checks Get checks for given assets run id and resource type. Use this function to get all checks for given assets run id and resource type Use ‘fetch_assets_summary’ tool to get asset run id Use ‘fetch_resource_types’ tool to get all resource types Function accepts page number (page) and page size (pageSize) for pagination. If MCP client host unable to handle large response use page and pageSize. If the request times out retry with pagination, increasing pageSize from 5 to 10. If the check data set is large to fetch efficiently or results in timeouts, it is recommended to use the ‘summary tool’ instead to get a summarized view of the checks. 1. Call fetch_checks with page=1, pageSize=10 2. Note the totalPages from the response 3. Continue calling each page until complete 4. Summarize all results together Id* ( string)
Resourcetype* (string)
Page (integer)
Pagesize (integer)
Compliancestatus (string)checks (List[CheckVO]): A list of checks.
• name (str): Name of the check.
• description (str): Description of the check.
• rule (RuleVO): Rule associated with the check.
• type (str): Type of the rule.
• name (str): Name of the rule.
• activationStatus (str): Activation status of the check.
• priority (str): Priority level of the check.
• complianceStatus (str): Compliance status of the check.
• compliancePCT (float): Compliance percentage.
error (Optional[str]): An error message if any issues occurred during retrieval.fetch_resources Get resources for given asset run id and resource type Function accepts page number (page) and page size (pageSize) for pagination. If MCP client host unable to handle large response use page and pageSize, default page is 1 If the request times out retry with pagination, increasing pageSize from 5 to 10. If the resource data set is large to fetch efficiently or results in timeouts, it is recommended to use the ‘summary tool’ instead to get a summarized view of the resource. 1. Call fetch_resources with page=1, pageSize=10 2. Note the totalPages from the response 3. Continue calling each page until complete 4. Summarize all results together Id* ( string)
Resourcetype* (string)
Page (integer)
Pagesize (integer)
Compliancestatus (string)resources (List[ResourceVO]): A list of resources.
• name (str): Name of the resource.
• resourceType (str): Type of the resource.
• complianceStatus (str): Compliance status of the resource.
• checks (List[ResourceCheckVO]): List of checks associated with the resource.
• name (str): Name of the check.
• description (str): Description of the check.
• rule (RuleVO): Rule applied in the check.
• type (str): Type of the rule.
• name (str): Name of the rule.
• activationStatus (str): Activation status of the check.
• priority (str): Priority level of the check.
• controlName (str): Name of the control.
• complianceStatus (str): Compliance status specific to the resource.
error (Optional[str]): An error message if any issues occurred during retrieval.fetch_resources_by_check_name Get resources for given asset run id, and check name. Function accepts page number (page) and page size (pageSize) for pagination. If MCP client host unable to handle large response use page and pageSize. If the request times out retry with pagination, increasing pageSize from 10 to 50. If the resource data set is large to fetch efficiently or results in timeouts, it is recommended to use the ‘summary tool’ instead to get a summarized view of the resource. 1. Call fetch_resources_for_check with page=1, pageSize=10 2. Note the totalPages from the response 3. Continue calling each page until complete 4. Summarize all results together Id* ( string)
Checkname* (string)
Page (integer)
Pagesize (integer)resources (List[ResourceVO]): A list of resources.
• name (str): Name of the resource.
• resourceType (str): Type of the resource.
• complianceStatus (str): Compliance status of the resource.
error (Optional[str]): An error message if any issues occurred during retrieval.fetch_checks_summary Use this to get the summary on checks Use this when total items in ‘fetch_checks’ is high Get checks summary for given asset run id and resource type. Get a summarized view of resources based on – Compliance breakdown for checks – Total Checks available – Total compliant checks – Total non-compliant checks Id* ( string)
Resourcetype* (string)complianceSummary (dict): Summary of compliance status across checks.
error (Optional[str]): An error message if any issues occurred during retrieval.fetch_resources_summary Use this to get the summary on resource Use this when total items in ‘fetch_resources’ is high Fetch a summary of resources for a given asset run id and resource type. Get a summarized view of resources include – Compliance breakdown for resource – Total Resources available – Total compliant resources – Total non-compliant resources Id* ( string)
Resourcetype* (string)complianceSummary (dict): Summary of compliance status across checks.
error (Optional[str]): An error message if any issues occurred during retrieval.fetch_resources_by_check_name_summary Use this to get the summary on check resources Use this when total items in ‘fetch_resources_for_check’ is high Get check resources summary for given asset run id, resource type and check Paginated data is enough for summary Get a summarized view of check resources based on – Compliance breakdown for resources – Total Resources available – Total compliant resources – Total non-compliant resources Id* ( string)
Resourcetype* (string)
Check* (string)complianceSummary (dict): Summary of compliance status across checks.
error (Optional[str]): An error message if any issues occurred during retrieval.