Is FedRAMP20xMCP safe to use?

FedRAMP20xMCP has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.

How do I install FedRAMP20xMCP?

FedRAMP20xMCP can be installed by cloning its GitHub repository and following the setup instructions in the README.

What AI clients work with FedRAMP20xMCP?

FedRAMP20xMCP is compatible with claude-desktop, cursor, claude-code. It uses stdio transport.

Is FedRAMP20xMCP actively maintained?

FedRAMP20xMCP is less actively maintained — last commit was 99 days ago. It has 4 GitHub stars.

FedRAMP20xMCP

An MCP server that provides access to FedRAMP 20x security requirements and controls.

4 0 tools GitHub

No known CVEs

No license

Maintained

Last commit 99d ago

Works with most clients

Transport: stdio

0 tools

Grade F

Edit this pageView history

Security

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "fedramp20xmcp": {
      "command": "<see-readme>",
      "args": []
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/io-github-kevinrabun-fedramp20xmcp)](https://mcppedia.org/s/io-github-kevinrabun-fedramp20xmcp)

Read me

What FedRAMP20xMCP does

An MCP (Model Context Protocol) server that provides access to FedRAMP 20x security requirements and controls with Azure-first guidance.

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

28/100across 5 weighted dimensions

How we score →

0255075100

−72

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

No package registry to scan.

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is FedRAMP20xMCP safe to use?: FedRAMP20xMCP has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install FedRAMP20xMCP?: FedRAMP20xMCP can be installed by cloning its GitHub repository and following the setup instructions in the README.
What AI clients work with FedRAMP20xMCP?: FedRAMP20xMCP is compatible with claude-desktop, cursor, claude-code. It uses stdio transport.
Is FedRAMP20xMCP actively maintained?: FedRAMP20xMCP is less actively maintained — last commit was 99 days ago. It has 4 GitHub stars.

Similar servers

Others in security

View all →

Evil Mcp Server93

An evil MCP server used for redteam testing

30 1

io.github.jasonxkensei/xproof92

Proof primitive for AI agents on MultiversX. Anchor file hashes on-chain as verifiable proofs.

1 1

Ida Pro Mcp92

AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.

9.0k 3

Mcpki Server92

mcpki-server is the backend infrastructure for https://www.mcpki.org, enabling secure public key management and autonomous certificate handling for large language models (LLMs).

MCP Security Weekly

Get CVE alerts and security updates for FedRAMP20xMCP and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Edit this pageView history

Security

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "fedramp20xmcp": {
      "command": "<see-readme>",
      "args": []
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/io-github-kevinrabun-fedramp20xmcp)](https://mcppedia.org/s/io-github-kevinrabun-fedramp20xmcp)

Read me

What FedRAMP20xMCP does

An MCP (Model Context Protocol) server that provides access to FedRAMP 20x security requirements and controls with Azure-first guidance.

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

README

FedRAMP 20x MCP Server

An MCP (Model Context Protocol) server that provides access to FedRAMP 20x security requirements and controls with Azure-first guidance.

Overview

This server loads FedRAMP 20x data from the official FedRAMP documentation repository and provides tools for querying requirements by control, family, or keyword.

Data Sources:

Requirements Data: JSON files from github.com/FedRAMP/docs (root directory)
Documentation: Markdown files from github.com/FedRAMP/docs/tree/main/docs

Azure Focus: All implementation examples, architecture patterns, and vendor recommendations prioritize Microsoft Azure services (Azure Government, Microsoft Entra ID, Azure Key Vault, AKS, Azure Functions, Bicep, etc.) while remaining cloud-agnostic where appropriate.

Data Coverage

The server provides access to 321 requirements (199 FRRs + 72 KSIs + 50 FRDs) across FedRAMP 20x documents:

FedRAMP Requirements (FRR) - 199 requirements across 10 families:

ADS - Authorization Data Sharing (20 requirements)
CCM - Collaborative Continuous Monitoring (25 requirements)
FSI - FedRAMP Security Inbox (16 requirements)
ICP - Incident Communications Procedures (9 requirements)
MAS - Minimum Assessment Scope (12 requirements)
PVA - Persistent Validation and Assessment (22 requirements)
RSC - Recommended Secure Configuration (10 requirements)
SCN - Significant Change Notifications (22 requirements)
UCM - Using Cryptographic Modules (4 requirements)
VDR - Vulnerability Detection and Response (57 requirements)
KSI - Key Security Indicators (2 requirements)

Key Security Indicators (KSI) - 72 indicators across 11 families:

AFR - Architecture, Features, and Resources (11 indicators)
CED - Continuous Evidence Delivery (4 indicators)
CMT - Continuous Monitoring and Testing (5 indicators)
CNA - Cloud Native Architecture (8 indicators)
IAM - Identity and Access Management (7 indicators)
INR - Incident and Near-Miss Reporting (3 indicators)
MLA - Monitoring, Logging, and Alerting (8 indicators)
PIY - Privacy and Transparency (8 indicators)
RPL - Resilience and Recovery Planning (4 indicators)
SVC - Secure Coding and Vulnerability Management (10 indicators)
TPR - Third-Party Risk Management (4 indicators)

FedRAMP Definitions (FRD) - 50 official term definitions

Features

🎯 Automated Evidence Collection (NEW): Automation guidance for 65 active KSIs with Azure-native services, ready-to-use queries, and artifact specifications
Query by Control: Get detailed information about specific FedRAMP requirements
Query by Family: List all requirements within a family
Keyword Search: Search across all requirements using keywords
FedRAMP Definitions: Look up official FedRAMP term definitions
Key Security Indicators: Access and query FedRAMP Key Security Indicators (KSI) with implementation status
Documentation Search: Search and retrieve official FedRAMP documentation markdown files
Dynamic Content: Automatically discovers and loads all markdown documentation files
Implementation Planning: Generate strategic interview questions to help product managers and engineers think through FedRAMP 20x implementation considerations
AST-Powered Code Analysis: Advanced Abstra

... View full README on GitHub

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

28/100across 5 weighted dimensions

How we score →

0255075100

−72

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

No package registry to scan.

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is FedRAMP20xMCP safe to use?: FedRAMP20xMCP has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install FedRAMP20xMCP?: FedRAMP20xMCP can be installed by cloning its GitHub repository and following the setup instructions in the README.
What AI clients work with FedRAMP20xMCP?: FedRAMP20xMCP is compatible with claude-desktop, cursor, claude-code. It uses stdio transport.
Is FedRAMP20xMCP actively maintained?: FedRAMP20xMCP is less actively maintained — last commit was 99 days ago. It has 4 GitHub stars.

Similar servers

Others in security

View all →

Evil Mcp Server93

An evil MCP server used for redteam testing

30 1

io.github.jasonxkensei/xproof92

Proof primitive for AI agents on MultiversX. Anchor file hashes on-chain as verifiable proofs.

1 1

Ida Pro Mcp92

AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.

9.0k 3

Mcpki Server92

mcpki-server is the backend infrastructure for https://www.mcpki.org, enabling secure public key management and autonomous certificate handling for large language models (LLMs).

MCP Security Weekly

Get CVE alerts and security updates for FedRAMP20xMCP and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?