Skip to main content
Glama
deenesjakoruzh
CSOAI-ORG

NIST RMF AI MCP

by CSOAI-ORG
OverviewSchemaRelated ServersScoreDiscussions
Python
Hybrid

nist-rmf-ai-mcp MCP server MCP Registry PyPI

nist-rmf-ai-mcp MCP server

PyPI Downloads GitHub stars License: MIT

NIST AI RMF MCP

NIST AI Risk Management Framework (AI 100-1) implementation across all four functions: GOVERN, MAP, MEASURE, MANAGE. Risk profiling, trustworthy AI characteristics, and EU AI Act crosswalk.

MEOK AI Labs

Install · Tools · Pricing · Attestation API

Why This Exists

NIST AI 100-1 is the de facto AI risk management standard for US federal agencies, federal contractors, and any US-headquartered company building AI governance. Executive Order 14110 (Oct 2023) directs federal agencies to adopt the AI RMF, and procurement officers increasingly require AI RMF compliance documentation from vendors.

The framework defines four core functions (GOVERN, MAP, MEASURE, MANAGE) with 19 categories and 72 subcategories. Mapping your AI system against all of them, assessing trustworthy AI characteristics (valid, reliable, safe, secure, accountable, transparent, explainable, privacy-enhanced, fair), and crosswalking to EU AI Act for dual-jurisdiction compliance is time-intensive. This MCP automates the full assessment.

Install

pip install nist-rmf-ai-mcp

Tools

Tool

AI RMF Reference

What it does

assess_risk_profile

GOVERN, MAP, MEASURE, MANAGE

Full risk profile assessment across all 4 functions

map_ai_impact

MAP 1-5

Map AI system context, impacts, and stakeholders

generate_risk_controls

MANAGE 1-4

Generate risk response and control recommendations

crosswalk_to_eu_ai_act

AI RMF + EU AI Act

Map NIST AI RMF subcategories to EU AI Act requirements

create_risk_report

All functions

Generate a structured AI risk management report

check_trustworthy_characteristics

AI RMF Core

Evaluate against NIST trustworthy AI characteristics

predict_risk_neural

ML-assisted

Neural network risk prediction for AI systems

quick_scan

All functions

Rapid AI system risk overview

framework_overview

AI 100-1

Full framework structure and reference guide

Example

Prompt: "Assess our healthcare diagnostic AI against the NIST AI RMF.
It analyses chest X-rays, was trained on NIH ChestX-ray14, deployed
in a US hospital network, and clinicians use it as a second opinion."

Result: Assessment across all 4 functions with findings: MAP identifies
high-impact healthcare context with patient safety implications, MEASURE
flags dataset bias risk (ChestX-ray14 demographic skew), MANAGE requires
human-in-the-loop validation controls, GOVERN needs AI governance board
oversight. Trustworthy AI assessment scores each characteristic.

Pricing

Tier

Price

What you get

Free

£0

10 calls/day — risk profile + quick scan

Pro

£199/mo

Unlimited + HMAC-signed attestations + verify URLs

Enterprise

£1,499/mo

Multi-tenant + co-branded reports + webhooks

Subscribe to Pro · Enterprise

Attestation API

Every Pro/Enterprise audit produces a cryptographically signed certificate:

POST https://meok-attestation-api.vercel.app/sign
GET  https://meok-attestation-api.vercel.app/verify/{cert_id}

Zero-dep verifier: pip install meok-attestation-verify

Links

License

MIT

This server cannot be installed

A
license - permissive license
-
quality - not tested
B
maintenance

How are these scores calculated?

Maintenance

Maintainers
Response time
Release cycle
1Releases (12mo)

Resources

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/CSOAI-ORG/nist-rmf-ai-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server