Metadata-Version: 2.4
Name: oscal-generator-mcp
Version: 0.1.1
Summary: Generate machine-readable NIST OSCAL (SSP / component-definition) + FedRAMP RFC-0024 readiness — governed + signed. CSOAI Layer-0.
License: Apache-2.0
Requires-Python: >=3.9
Description-Content-Type: text/markdown
License-File: LICENSE
Requires-Dist: mcp>=1.28.0
Requires-Dist: pydantic>=2.0
Requires-Dist: cryptography>=41.0
Provides-Extra: validate
Requires-Dist: compliance-trestle>=4.0.0; extra == "validate"
Dynamic: license-file

# oscal-generator-mcp

Generate **machine-readable NIST OSCAL** packages (System Security Plan + Component Definition) and score **FedRAMP RFC-0024 readiness** — governed + SIGIL-signed. CSOAI Layer-0.

**Why:** RFC-0024 (13 Jan 2026) mandates machine-readable OSCAL packages, first deadline **30 Sep 2026** — yet ~0 of 100+ 2025 Rev5 authorizations actually produced OSCAL. System description in → valid OSCAL JSON out, signed.

## Tools
- `generate_ssp(system_name, impact_level, controls, ts)` → OSCAL System Security Plan
- `generate_component_definition(component_name, control_ids, ts)` → OSCAL Component Definition
- `validate_oscal(document)` → structural validation
- `rfc0024_readiness(...)` → 0–100 readiness score + gaps vs the 30 Sep 2026 deadline

Deterministic (uuid5 + explicit ts) → reproducible packages. Apache-2.0.

<!-- mcp-name: io.github.CSOAI-ORG/oscal-generator-mcp -->
