Metadata-Version: 2.4
Name: evidentia-mcp
Version: 0.8.2
Summary: Model Context Protocol (MCP) server for Evidentia — exposes gap analysis, risk generation, explanation, and OSCAL emit to MCP-aware AI clients (Claude Desktop, Claude Code, ChatGPT, etc.)
Project-URL: Homepage, https://github.com/allenfbyrd/evidentia
Project-URL: Repository, https://github.com/allenfbyrd/evidentia
Project-URL: Issues, https://github.com/allenfbyrd/evidentia/issues
Project-URL: Changelog, https://github.com/allenfbyrd/evidentia/blob/main/CHANGELOG.md
Author-email: Allen Byrd <allen@allenfbyrd.com>
License-Expression: Apache-2.0
Keywords: ai-agent,compliance,grc,mcp,model-context-protocol
Classifier: Development Status :: 3 - Alpha
Classifier: Intended Audience :: Information Technology
Classifier: License :: OSI Approved :: Apache Software License
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: Python :: 3.12
Classifier: Topic :: Scientific/Engineering :: Artificial Intelligence
Classifier: Typing :: Typed
Requires-Python: >=3.12
Requires-Dist: evidentia-ai<0.9.0,>=0.8.2
Requires-Dist: evidentia-collectors<0.9.0,>=0.8.2
Requires-Dist: evidentia-core<0.9.0,>=0.8.2
Requires-Dist: mcp<2.0,>=1.27
Description-Content-Type: text/markdown

# evidentia-mcp

Model Context Protocol (MCP) server for Evidentia.

Exposes Evidentia's gap analysis, risk-statement generation,
control explanation, OSCAL emit, and gap-diff surfaces to
MCP-aware AI clients (Claude Desktop, Claude Code, ChatGPT
Desktop, custom MCP clients).

## Quick start

```bash
pip install evidentia[mcp]

# Run the server over stdio (the canonical MCP transport)
evidentia mcp serve

# Health check (validates SDK availability + reachable
# evidentia-core / evidentia-ai surfaces)
evidentia mcp doctor
```

## Tool surface

| Tool | Maps to | Auth |
|---|---|---|
| `gap_analyze` | `evidentia_core.gap_analyzer` | none (read-only) |
| `risk_generate` | `evidentia_ai.risk_statements` | optional API key (LiteLLM env vars) |
| `explain_control` | `evidentia_ai.explain` | optional API key |
| `oscal_emit` | `evidentia_core.oscal.exporter` | optional Sigstore identity (env-driven) |
| `gap_diff` | `evidentia_core.gap_analyzer.diff` | none |
| `collect_aws` | `evidentia_collectors.aws` | provider creds (env-driven) |
| `collect_github` | `evidentia_collectors.github` | provider creds |
| `collect_jira` | `evidentia_collectors.jira` | provider creds |

All credential handling follows the same env-var-driven
secret-handling protocol Evidentia uses everywhere — the MCP
server NEVER accepts credentials in tool arguments.

## Transport

v0.8.0 ships the **stdio** transport only (the most common +
canonical MCP transport — used by Claude Desktop, Claude Code,
and most other MCP clients). HTTP transport + Client ID
Metadata Document (CIMD) richness defer to v0.8.1.

## License

Apache-2.0. See the workspace root LICENSE file.
