NORMA MCP Server
Server Details
EU compliance corpus across 8 frameworks (NIS2, DORA, AI Act, ISO 27001 + more) via MCP.
- Status: Healthy
- Last Tested
- Transport: Streamable HTTP
- URL
Glama MCP Gateway
Connect through Glama MCP Gateway for full control over tool access and complete visibility into every call.
Full call logging
Every tool call is logged with complete inputs and outputs, so you can debug issues and audit what your agents are doing.
Tool access control
Enable or disable individual tools per connector, so you decide what your agents can and cannot do.
Managed credentials
Glama handles OAuth flows, token storage, and automatic rotation, so credentials never expire on your clients.
Usage analytics
See which tools your agents call, how often, and when, so you can understand usage patterns and catch anomalies.
Tool Definition Quality
Average 4.2/5 across 4 of 4 tools scored.
Each tool targets a distinct function: searching controls, mapping between frameworks, gap assessment, and policy generation. No overlap in purposes.
All tool names follow a consistent verb_noun pattern in snake_case (e.g., assess_gap, generate_policy), making them predictable.
With 4 tools covering search, mapping, gap analysis, and policy generation, the count is well-scoped for a compliance-focused server.
The tools cover the core workflow (search, map, assess, generate), though the gap assessment is heuristic and refers to an external service for detailed analysis, which is a minor gap.
Available Tools
4 tools
assess_gap: Assess compliance gap against a target framework (A, Read-only, Idempotent)
Indicative gap register against a target framework. Given a company profile (existing certifications, sector, size, jurisdiction), return covered / partial / gap counts and slug examples. Heuristic only — Pyxis (https://kynosure.ai/en/pyxis) produces the severity-ranked cross-framework gap register with FCI/WMI/ECI scoring.
| Name | Required | Description | Default |
|---|---|---|---|
| company_profile | Yes | Existing certifications + organisational profile. | |
| target_framework | Yes | The framework to assess gaps against. | |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
Annotations already declare readOnlyHint and idempotentHint, so the tool is safe. The description adds 'Heuristic only' and describes the output format, which provides behavioral context beyond the annotations.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
Two concise sentences: first defines purpose, second provides additional context. Front-loaded and no wasted words.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
For a heuristic tool with a nested object parameter, the description explains input and output (counts and slug examples) clearly. No output schema, but coverage is adequate given the tool's simplicity.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
The input schema has 100% coverage, with descriptions for both parameters. The description paraphrases the schema's 'company_profile' and 'target_framework' but doesn't add new semantic details beyond the schema.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description clearly states the tool assesses gaps against a target framework, returning covered/partial/gap counts and slug examples. This verb+resource combination distinguishes it from sibling tools like generate_policy, map_controls, and search_controls.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
The description indicates the tool is heuristic only and directs users to Pyxis for a more comprehensive register. This provides context on when to use it versus an alternative, but doesn't explicitly compare to sibling tools.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
generate_policy: Generate policy from NORMA template (A, Idempotent)
Parametrize a NORMA compliance template with company context and return Markdown. Templates are sourced from the curated corpus (32 in the public subset, 176 more queryable in full). Output begins with a not-legal-advice disclaimer block. Use search_controls first to discover a slug.
| Name | Required | Description | Default |
|---|---|---|---|
| template_slug | Yes | Template slug. Use search_controls to discover one. Examples: "iso27001-access-control", "isms-policies-supplier-security". | |
| company_context | Yes | Variables substituted into {{COMPANY_NAME}}, {{SECTOR}}, etc. | |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
Annotations already provide idempotency info. The description adds key behavioral details: output is Markdown, begins with a not-legal-advice disclaimer, and templates are sourced from a curated corpus. No contradictions.
Is the description appropriately sized, front-loaded, and free of redundancy?
Three concise sentences, each serving a purpose: action/output, template source, and usage guidance with disclaimer note. No fluff or redundancy.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
The description covers all essential aspects: what the tool does, what it returns, and a prerequisite. Lacks mention of error handling or non-successful responses, but given simplicity and no output schema, it is sufficiently complete for an AI agent.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
Schema coverage is 100%, but the description adds substantial value beyond schema defaults: it explains template sourcing (32 public, 176 queryable), gives slug examples, and clarifies that company_context variables are substituted into templates.
Does the description clearly state what the tool does and how it differs from similar tools?
The description clearly states the action ('parametrize a NORMA compliance template'), the resource ('NORMA compliance template'), and the output ('return Markdown'). It also distinguishes from siblings by mentioning 'search_controls' for slug discovery.
Does the description explain when to use this tool, when not to, or what alternatives exist?
Explicitly instructs to use 'search_controls first to discover a slug', providing clear context on when to use the tool. However, lacks explicit 'when not to use' or alternatives beyond the parenthetical reference.
map_controls: Map controls between frameworks (A, Read-only, Idempotent)
Crosswalk corpus controls between two compliance frameworks via the cross_references frontmatter graph. Useful for prompts like 'I am ISO 27001 certified — what gaps for NIS2?'. Returns an array of mapped pairs with confidence + source slug.
| Name | Required | Description | Default |
|---|---|---|---|
| limit | No | | |
| to_framework | Yes | Target framework (e.g., nis2). | |
| from_framework | Yes | Source framework (e.g., iso27001). | |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
Annotations already declare readOnlyHint and idempotentHint. The description adds that it returns an array of mapped pairs with confidence and source slug, providing behavioral context beyond annotations. No contradictions.
Is the description appropriately sized, front-loaded, and free of redundancy?
The description is two sentences: the first defines the core function, the second adds usage context and return format. Every part is essential and front-loaded.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
The description covers the main purpose, usage example, and return structure. It lacks details on limit parameter behavior and confidence interpretation, but given the schema richness for required params, it is adequate.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
Schema coverage is 67%: from_framework and to_framework are described in the schema, but limit lacks a description. The tool description does not explain the limit parameter, leaving its purpose and constraints unclear.
Does the description clearly state what the tool does and how it differs from similar tools?
The description clearly states the tool maps controls between two compliance frameworks using cross-references. It distinguishes from sibling tools like assess_gap, generate_policy, and search_controls by specifying the crosswalk functionality.
Does the description explain when to use this tool, when not to, or what alternatives exist?
The description provides an example prompt ('I am ISO 27001 certified — what gaps for NIS2?') that illustrates when to use the tool. However, it does not explicitly state when not to use it or compare to alternatives like assess_gap.
search_controls: Search NORMA controls (A, Read-only, Idempotent)
Full-text search the curated NORMA control corpus. Filter by framework (NIS2 / DORA / ISO 27001 / ISO 42001 / EU AI Act / ISO 22301 / ISO 27701 / CRA). Returns matching templates with title, framework, slug, source_refs, and an excerpt around the match.
| Name | Required | Description | Default |
|---|---|---|---|
| limit | No | | |
| keyword | Yes | Search query (matched against title + body, case-insensitive). | |
| framework | No | Restrict to one framework (omit to search all frameworks). | |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
Annotations already declare readOnlyHint=true and idempotentHint=true, so the safety profile is clear. The description adds value by detailing the return fields (title, framework, slug, source_refs, excerpt) and the matching behavior (full-text, case-insensitive), which goes beyond annotations.
Is the description appropriately sized, front-loaded, and free of redundancy?
Two concise sentences with no wasted words. The first sentence states the core action, the second elaborates on filters and return fields. Every sentence adds value.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
The description explains the tool's action, filters, and return fields, which is sufficient for a search tool with 3 parameters. It does not cover sorting, pagination details, or edge cases, but these are minor given the simplicity of the tool.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
Schema coverage is 67%, and the description adds contextual meaning: it explains that keyword is matched against title and body case-insensitively, and that framework restricts the search to a single framework or, when omitted, searches all frameworks. 'limit' is not described in the description, but its schema properties (default, min, max) are self-explanatory.
Does the description clearly state what the tool does and how it differs from similar tools?
The description uses a specific verb ('search') and resource ('NORMA control corpus'), states the scope ('full-text'), and lists filters (framework). While it doesn't explicitly compare to siblings, the purpose is distinct and unambiguous.
Does the description explain when to use this tool, when not to, or what alternatives exist?
The description implies usage for searching controls but provides no explicit guidance on when to use this tool versus siblings (assess_gap, generate_policy, map_controls) or when not to use it. No alternatives or exclusions are mentioned.
Claim this connector by publishing a /.well-known/glama.json file on your server's domain with the following structure:
{
  "$schema": "https://glama.ai/mcp/schemas/connector.json",
  "maintainers": [{ "email": "your-email@example.com" }]
}
The email address must match the email associated with your Glama account. Once published, Glama will automatically detect and verify the file within a few minutes.
Control your server's listing on Glama, including description and metadata
Access analytics and receive server usage reports
Get monitoring and health status updates for your server
Feature your server to boost visibility and reach more users
For users:
Full audit trail – every tool call is logged with inputs and outputs for compliance and debugging
Granular tool control – enable or disable individual tools per connector to limit what your AI agents can do
Centralized credential management – store and rotate API keys and OAuth tokens in one place
Change alerts – get notified when a connector changes its schema, adds or removes tools, or updates tool definitions, so nothing breaks silently
For server owners:
Proven adoption – public usage metrics on your listing show real-world traction and build trust with prospective users
Tool-level analytics – see which tools are being used most, helping you prioritize development and documentation
Direct user feedback – users can report issues and suggest improvements through the listing, giving you a channel you would not have otherwise
The connector status is unhealthy when Glama is unable to successfully connect to the server. This can happen for several reasons:
The server is experiencing an outage
The URL of the server is wrong
Credentials required to access the server are missing or invalid
If you are the owner of this MCP connector and would like to make modifications to the listing, including providing test credentials for accessing the server, please contact support@glama.ai.