Back to MCP Trust Indexm8ven
69
/ 100
11 days ago
glama

nist-mcp

Provides structured access to the full NIST cybersecurity catalog, including SP 800/1800 publications, security controls, CSF 2.0, and the NVD database. It enables AI assistants to search and retrieve cybersecurity standards, CVEs, and compliance guidance directly from a local SQLite index.

ball2jh/nist-mcp· listed on glama
Is this your MCP?

Claim it to get a verified publisher badge, a free copy of our full audit findings, and direct contact for any high-priority issues we find.

Install from

Glama

M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.

// key findings
7 tools verified — handlers match their declared behaviour
5 read-only tools verified — handlers contain no write/delete/exec
No credential exfiltration, no sensitive file access, no obfuscation
Static analysis found nothing flowing your secrets to unexpected places.
Open source with a license and README
Anyone can audit the code, the license is declared, and the publisher documents what it does.
🔐
You'll be asked for 1 credential: NIST_MCP_NVD_API_KEY
These are read from process.env at runtime. Make sure you trust where they’ll be sent.
// required environment variables
This server reads these from process.env. You'll be asked to provide them before it can run.
configNIST_MCP_DATA_DIR~/.nist-mcp Directory for the local database and cached documents
🔐 secretNIST_MCP_NVD_API_KEY_(none)_ Optional NVD API key for higher rate limits (recommended)
configNIST_MCP_UPDATE_INTERVAL604800 Seconds between background database rebuilds (default: 7 days)
// full audit trail
The full breakdown of what we checked, the deductions that landed, the network hosts, the dependency advisories, and concrete fix guidance is available to verified publishers.
// improvement guidance — verified publishers only
We have 4 concrete improvements we can share with the publisher of this MCP. Each comes with specific guidance to raise the trust score.
// embed badge in your README
[![M8ven Score](https://m8ven.ai/badge/mcp/ball2jh-nist-mcp-1pyfxe)](https://m8ven.ai/mcp/ball2jh-nist-mcp-1pyfxe)
commit: f16411a5caeb70b6c0383aaaffdeb2a62d49fa26
code hash: bf08237ad09cc7491950dc35c92f453fd8ff31307603334a4020732c69d57ac5
verified: 6/16/2026, 11:37:29 AM
view raw JSON →