import_compliance_framework
Import a custom compliance framework to add regulatory, contractual, or internal requirements not in built-in frameworks. After import, it becomes selectable on threat models.
Instructions
Import a custom compliance framework. Requires PRO tier.
Use this when your customer's program (regulatory, contractual, or internal) is not covered by Mipiti's 11 built-in frameworks. After import, the framework is selectable on threat models exactly like a built-in.
Schema (top-level fields):
- name (required): framework display name
- version (optional): e.g. "1.0"
- description (optional): one-paragraph description
- level_definitions (optional, level-aware frameworks only):
map keyed by stringified integer level ("1", "2", …)
because the key IS the cumulative-filter ordinal
(level <= target_level) and the level: int field on
every requirement. Non-integer keys are rejected with
HTTP 400. Human labels are decoupled — "Baseline" /
"Hardened" / "SL3" / "CAL Critical" live in the name
field, not the key. Each value is
{"name", "description", "source"}. Ships the per-level
legend to the LLM prompt and the framework-target UI.
source is "authoritative" when paraphrased from the
published standard, "mipiti_convention" when you defined the
tiers yourself.
- requirements (required, non-empty list): each entry takes
id (required), description (required),
level (optional integer, default 1),
chapter_id / chapter_name / section_id /
section_name / title (optional grouping),
scope (optional, "component" default or "system" for
requirements covered if ANY model satisfies them),
level_specific_text (optional map of per-tier text;
same stringified-integer-key rule as level_definitions).
Example minimal body::
{
"name": "ACME Internal Baseline",
"version": "2026.1",
"requirements": [
{"id": "ACME-1", "description": "All endpoints authenticate", "level": 1},
{"id": "ACME-2", "description": "TLS 1.3 in transit", "level": 1}
]
}Example with per-level legend + per-requirement parameters::
{
"name": "ACME Tiered",
"level_definitions": {
"1": {"name": "Baseline", "description": "Minimum.",
"source": "authoritative"},
"2": {"name": "Hardened", "description": "Sensitive data.",
"source": "mipiti_convention"}
},
"requirements": [
{"id": "ACME-PWD",
"description": "Passwords meet policy",
"level": 1,
"level_specific_text": {
"1": "Min 8 characters.",
"2": "Min 14 + MFA required."
}}
]
}Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| framework_json | Yes | A JSON string containing the framework body. (String not dict so the JSON shape stays explicit on the wire.) | |
| server_version | Yes |
Output Schema
| Name | Required | Description | Default |
|---|---|---|---|
No arguments | |||