get_theme_summary
Retrieve detailed security theme guidance including indicators, impact analysis, NIST controls, and documentation links for FedRAMP compliance.
Instructions
Get comprehensive guidance for a KSI theme. Returns all indicators in the theme, impact breakdown, related NIST controls, and links to relevant documentation.
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| theme | Yes | KSI theme code |
Implementation Reference
- src/tools/get_theme_summary.ts:43-101 (handler)The core handler for the 'get_theme_summary' tool. It defines the tool including name, description, schema, and the execute function which filters KSI items by theme, calculates impact breakdown, gathers related controls, and finds related documentation via search.
export const getThemeSummaryTool: ToolDefinition<typeof schema, ThemeSummary> = { name: "get_theme_summary", description: "Get comprehensive guidance for a KSI theme. Returns all indicators in the theme, impact breakdown, related NIST controls, and links to relevant documentation.", schema, execute: async (input) => { const all = getKsiItems(); const indicators = all.filter( (item) => item.category?.toUpperCase() === input.theme, ); // Count impact levels const impactBreakdown = { low: 0, moderate: 0, high: 0 }; for (const item of indicators) { if (item.impact?.low) impactBreakdown.low++; if (item.impact?.moderate) impactBreakdown.moderate++; if (item.impact?.high) impactBreakdown.high++; } // Collect related controls const controlSet = new Set<string>(); for (const item of indicators) { if (item.controlMapping) { for (const control of item.controlMapping) { controlSet.add(control); } } } // Search markdown for related guidance const themeName = THEME_NAMES[input.theme] ?? input.theme; const searchTerms = [themeName, input.theme]; const relatedDocs: Array<{ path: string; snippet: string }> = []; for (const term of searchTerms) { try { const results = searchMarkdown(term, 5, 0); for (const hit of results.hits) { if (!relatedDocs.some((d) => d.path === hit.path)) { relatedDocs.push({ path: hit.path, snippet: hit.snippet }); } } } catch { // Search might fail for some terms, continue } } return { theme: input.theme, themeName, indicatorCount: indicators.length, indicators, impactBreakdown, relatedControls: [...controlSet].sort(), relatedDocs: relatedDocs.slice(0, 5), }; }, }; - src/tools/get_theme_summary.ts:37-41 (schema)Input schema using Zod, validating the 'theme' parameter as one of the predefined KSI theme codes.
const schema = z.object({ theme: z .enum(["AFR", "CED", "CMT", "CNA", "IAM", "INR", "MLA", "PIY", "RPL", "SVC", "TPR"]) .describe("KSI theme code"), }); - src/tools/register.ts:24-53 (registration)Registration of all tools including getThemeSummaryTool in the registerToolDefs call within the registerTools function.
export function registerTools(server: McpServer): void { registerToolDefs(server, [ // Document discovery listFrmrDocumentsTool, getFrmrDocumentTool, listVersionsTool, // KSI tools listKsiTool, getKsiTool, filterByImpactTool, getThemeSummaryTool, getEvidenceExamplesTool, // Control mapping tools listControlsTool, getControlRequirementsTool, analyzeControlCoverageTool, // Search & lookup tools searchMarkdownTool, readMarkdownTool, searchDefinitionsTool, getRequirementByIdTool, // Analysis tools diffFrmrTool, grepControlsTool, significantChangeTool, // System tools healthCheckTool, updateRepositoryTool, ]); } - src/tools/get_theme_summary.ts:9-21 (helper)Helper constant providing human-readable names for KSI theme codes, used in the handler for descriptions and search terms.
const THEME_NAMES: Record<string, string> = { AFR: "Authorization & FedRAMP Requirements", CED: "Customer Environment & Data", CMT: "Change Management & Testing", CNA: "Cloud Native Architecture", IAM: "Identity & Access Management", INR: "Incident Response", MLA: "Monitoring, Logging & Alerting", PIY: "Privacy & PII", RPL: "Resiliency & Planning", SVC: "Service Configuration", TPR: "Third Party Risk", };