Server Configuration

Describes the environment variables required to run the server.

| Name | Required | Description | Default |
| --- | --- | --- | --- |
| NIST_MCP_DATA_DIR | No | Directory for the local database and cached documents | ~/.nist-mcp |
| NIST_MCP_NVD_API_KEY | No | Optional NVD API key for higher rate limits (recommended) | |
| NIST_MCP_UPDATE_INTERVAL | No | Seconds between background database rebuilds (default: 7 days) | 604800 |

Capabilities

Features and capabilities supported by this server

| Capability | Details |
| --- | --- |
| tools | { "listChanged": true } |
| prompts | { "listChanged": false } |
| resources | { "subscribe": false, "listChanged": false } |
| experimental | {} |

Tools

Functions exposed to the LLM to take actions

Name | Description
update_database

Rebuild the NIST metadata index by downloading fresh data from NIST sources (XLSX, JSON, ZIP). Takes about 5-10 seconds. Use this if you need the most current publication or control data.

database_status

Show the current NIST metadata index status: build date, last update check, database size, and file path. Use this to verify the database is available and check data freshness.

search_publications

Search NIST publications by keyword across all series (SP 800, SP 1800, FIPS, IR, CSWP, AI).

Returns matching publications with ID, title, date, and series. Use get_publication for full details on a specific publication. Default shows only the latest revision of each document. Do NOT use this for SP 800-53 security controls -- use search_controls instead.

get_publication

Get full metadata for a specific NIST publication including title, abstract, authors, date, supersedes chain, related publications, and list of supplemental materials.

get_document_content

Retrieve publication content as Markdown. Without section/pages, returns table of contents. With section, returns that section. With pages, returns those pages. Handles PDF, XLSX, CSV, JSON, and XML formats. Results are cached locally.

Use this to read the actual content of NIST documents. For large documents like SP 800-53 (492 pages), use the pages parameter to request specific page ranges.

download_document

Download a publication PDF or supplemental material to local cache. Returns the file path. Use material_index to download a specific supplemental file listed in the get_publication output.

get_latest_revision

Resolve any publication to its newest available revision. Follows the supersedes chain. Use this when you need the most current version of a document.

search_controls

Search NIST SP 800-53 Rev 5 security and privacy controls by keyword, family, or baseline. Accepts flexible ID formats (AC-2, ac-2, AC2 all work).

summary: label + title (~50 tokens/result)
standard: + statement text + baselines (~200 tokens/result)
full: + guidance + parameters + related controls (~500+ tokens/result)

Use get_control for the complete detail of a specific control including enhancements.

get_control

Get complete details for a specific SP 800-53 Rev 5 control: statement, guidance, parameters, related controls, baselines, and cross-framework mappings.

Set include_enhancements=True to also get all enhancement sub-controls. Do NOT use this for searching -- use search_controls to find controls first.

get_csf_data

Browse/search the NIST CSF 2.0 framework hierarchy. No args = list all 6 functions. function="PR" = Protect categories. category="PR.AC" = subcategories. query="risk" = full-text search. Includes count of mapped SP 800-53 controls per entry.

get_framework_mappings

Cross-reference frameworks. 'What CSF maps to AC-1?' or 'What 800-53 controls implement PR.AC?' Bidirectional lookup in the mappings table.

lookup_glossary

Look up NIST cybersecurity/privacy terms. Use 'term' for exact match, 'query' for keyword search. Returns definition, authoritative source, and related terms.

search_cmvp

Search FIPS 140-2/3 validated cryptographic modules. 'Is OpenSSL FIPS validated?' or 'Which modules support AES-256-GCM at Level 2?'

search_checklists

Search NCP security configuration checklists. 'SCAP checklists for Windows Server 2022' or 'CIS benchmarks for Ubuntu'.

search_nice_roles

Search NICE Framework work roles. 'What role handles incident response?'

search_cves

Search the NVD CVE database. Supports keyword, CVSS severity, CPE product, CWE weakness type, and date range filters. Set has_kev=True for only CISA Known Exploited Vulnerabilities. Results include CVE ID, description, severity, and score. May take 6+ seconds without an NVD API key due to rate limiting.

get_cve

Get full details for a CVE: description, CVSS scores, affected products (CPE), CWE classification, references, and CISA KEV status (if exploited: date added, due date, required action). Use this after search_cves to get complete vulnerability details. May take 6+ seconds without an NVD API key due to rate limiting.

search_cpes

Search the NVD CPE (Common Platform Enumeration) database for products and platforms. May take 6+ seconds without an NVD API key due to rate limiting.

get_cve_history

Get the change history for a CVE — when it was modified, what changed (score updates, CPE additions, CWE remaps). May take 6+ seconds without an NVD API key due to rate limiting.

search_nist

Search across ALL NIST data: publications, SP 800-53 controls, CSF framework, glossary, CMVP modules, checklists, and NICE roles. Results grouped by type.

Use this as a starting point when you're not sure which specific tool to use. For targeted searches, use domain-specific tools (search_publications, search_controls, etc.).

scope options: publications, controls, csf, glossary, cmvp, checklists, nice

Prompts

Interactive templates invoked by user choice

| Name | Description |
| --- | --- |
| compliance_assessment | Assess system compliance against a NIST SP 800-53 baseline. |
| vulnerability_analysis | Analyze the impact of a specific CVE. |
| policy_draft | Draft a security policy based on NIST SP 800-53 controls. |
| incident_response_guide | Get NIST guidance for handling a specific type of security incident. |

Resources

Contextual data attached and managed by the client

| Name | Description |
| --- | --- |
| controls_families | All 20 SP 800-53 Rev 5 control families with one-line descriptions. |
| controls_baselines | LOW, MODERATE, HIGH, and PRIVACY baselines with control counts. |
| csf_overview | CSF 2.0 structure: 6 Functions with descriptions. |
| glossary_common | Top ~30 most commonly referenced NIST cybersecurity terms and definitions. |
| about | Server version, data freshness, and available tools guide. |

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/ball2jh/nist-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server.