FedRAMP Docs MCP Server

update_repository

Force update cached FedRAMP documentation repository to fetch latest data from GitHub, bypassing the automatic 24-hour refresh cycle for immediate access to updated compliance requirements and security controls.

Instructions

Force update the cached FedRAMP docs repository to get the latest data. This fetches and resets to the latest version from GitHub. The server automatically checks for updates every 24 hours by default, but you can use this tool to update immediately. After updating, you may need to restart the MCP server or rebuild the index to see changes.

Input Schema

TableJSON Schema

Name	Required	Description	Default
No arguments

Implementation Reference

src/tools/update_repository.ts:8-19 (handler)

The main tool handler: defines the 'update_repository' tool with schema, description, and execute function that invokes forceUpdateRepo() to perform the repository update.

export const updateRepositoryTool: ToolDefinition<
  typeof schema,
  ReturnType<typeof forceUpdateRepo>
> = {
  name: "update_repository",
  description:
    "Force update the cached FedRAMP docs repository to get the latest data. This fetches and resets to the latest version from GitHub. The server automatically checks for updates every 24 hours by default, but you can use this tool to update immediately. After updating, you may need to restart the MCP server or rebuild the index to see changes.",
  schema,
  execute: async () => {
    return await forceUpdateRepo();
  },
};

src/tools/update_repository.ts:6-6 (schema)
Zod schema for the tool input (empty object as it takes no parameters).
```
const schema = z.object({});
```

src/tools/register.ts:24-53 (registration)

Registers the updateRepositoryTool among other tools by passing it to registerToolDefs on the MCP server.

export function registerTools(server: McpServer): void {
  registerToolDefs(server, [
    // Document discovery
    listFrmrDocumentsTool,
    getFrmrDocumentTool,
    listVersionsTool,
    // KSI tools
    listKsiTool,
    getKsiTool,
    filterByImpactTool,
    getThemeSummaryTool,
    getEvidenceExamplesTool,
    // Control mapping tools
    listControlsTool,
    getControlRequirementsTool,
    analyzeControlCoverageTool,
    // Search & lookup tools
    searchMarkdownTool,
    readMarkdownTool,
    searchDefinitionsTool,
    getRequirementByIdTool,
    // Analysis tools
    diffFrmrTool,
    grepControlsTool,
    significantChangeTool,
    // System tools
    healthCheckTool,
    updateRepositoryTool,
  ]);
}

src/repo.ts:158-175 (helper)

Core helper function that performs the forced repository update by fetching from remote and resetting, returning success status and message.

export async function forceUpdateRepo(): Promise<{
  success: boolean;
  message: string;
}> {
  try {
    const repoPath = getRepoPath();
    await updateRepo(repoPath);
    return {
      success: true,
      message: `Successfully updated repository at ${repoPath}`,
    };
  } catch (error) {
    return {
      success: false,
      message: `Failed to update repository: ${(error as Error).message}`,
    };
  }
}

src/repo.ts:118-132 (helper)

Low-level helper that executes git fetch and hard reset to origin/main for repository update.

async function updateRepo(repoPath: string): Promise<void> {
  try {
    const git = simpleGit(repoPath);
    await git.fetch(["origin"]);
    await git.reset(["--hard", "origin/main"]);
    console.error(
      `fedramp-docs-mcp: Updated repository at ${repoPath}`,
    );
  } catch (error) {
    console.error(
      `fedramp-docs-mcp: Failed to update repository: ${(error as Error).message}`,
    );
    // Don't throw - continue with existing cache
  }
}

Tool Definition Quality

A4.6/5.0

Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations provided, the description carries full burden and does well by explaining the tool's behavior: it's a forced update operation that fetches from GitHub, resets to latest version, and may require server restart or index rebuild. It doesn't mention error conditions or rate limits, but covers the main behavioral aspects adequately.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is efficiently structured with three sentences that each add value: first states purpose, second explains timing context, third provides post-execution guidance. No wasted words or redundant information.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness4/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

For a zero-parameter tool with no annotations or output schema, the description provides comprehensive context about what the tool does, when to use it, and post-execution considerations. It could mention potential side effects more explicitly, but covers the essential information well.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters4/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The tool has 0 parameters with 100% schema description coverage, so the baseline is 4. The description appropriately doesn't discuss parameters since none exist, focusing instead on the tool's behavior and usage context.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the specific action ('Force update'), target resource ('cached FedRAMP docs repository'), and purpose ('to get the latest data'). It distinguishes this tool from all sibling tools by focusing on repository maintenance rather than document analysis, filtering, or searching.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines5/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description explicitly states when to use this tool ('to update immediately' instead of waiting for the automatic 24-hour check) and provides post-update guidance ('you may need to restart the MCP server or rebuild the index to see changes'). It clearly differentiates from the automatic background process.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Latest Blog Posts

Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security
Open Source Has a Bot Problem
By punkpeye on March 19, 2026.
open source

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/ethanolivertroy/fedramp-docs-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server