Skip to main content

Axiome Compliance MCP Server — 138 SOC 2/ISO 27001/HIPAA tools for AI coding assistants

Project description

Axiome MCP Server

SOC 2 compliance companion for Claude Code, Codex, and AI coding assistants.

What it does

Three tool categories:

Compliance Tools (12) — Read your compliance posture from the Axiome platform

  • get_compliance_status / get_next_action — readiness score, what to fix next
  • list_security_findings / get_finding_detail — findings with remediation
  • list_compliance_controls / list_policies / list_evidence
  • list_vendors / list_risks / list_alerts
  • list_cloud_resources / get_integrations

Action Tools (6) — Take action from your IDE

  • ask_compliance_question — AI compliance advisor
  • trigger_scan / fix_finding — scan or auto-fix infrastructure
  • complete_action_card — mark remediation done
  • generate_policy — AI-generate security policies
  • add_vendor — add vendors with auto cert lookup

Knowledge Tools (4) — SOC 2 expertise, no backend needed

  • explain_soc2_criteria — "What does CC6.1 require?"
  • lookup_check — full check detail with remediation CLI + Terraform
  • search_checks — find checks by service, severity, criteria, keyword
  • get_remediation — step-by-step fix instructions

Quick Setup

cd mcp_server && pip install -e .

Add to .claude/settings.json:

{
  "mcpServers": {
    "axiome": {
      "command": "axiome-mcp",
      "env": {
        "AXIOME_API_URL": "https://api.yourdomain.com",
        "AXIOME_API_KEY": "your-service-token",
        "AXIOME_ORG_ID": "your-org-id",
        "AXIOME_PROGRAM_ID": "your-program-id"
      }
    }
  }
}

Example usage in Claude Code

> What security issues do I have?
→ calls list_security_findings(status="FAIL")

> How do I fix the S3 public access finding?
→ calls get_remediation("s3_bucket_public_access")

> What SOC 2 control does MFA map to?
→ calls explain_soc2_criteria("CC6.1")

> What checks apply to IAM?
→ calls search_checks("iam")

> Fix the CloudTrail log validation issue
→ calls fix_finding("finding-id-here")

> Am I ready for audit?
→ calls get_compliance_status() + ask_compliance_question("Am I ready?")

Architecture

Claude Code / Codex / Cursor
        │
        │ MCP (stdio)
        ▼
  ┌──────────────┐
  │  axiome-mcp   │  ← 22 tools (12 read + 6 action + 4 knowledge)
  │  (FastMCP v3) │
  └──┬────────┬───┘
     │        │
     │        └── Knowledge tools: embedded, no API call
     │
     │ HTTP + API key
     ▼
  ┌──────────────┐
  │ Axiome Backend │  ← FastAPI + Prowler + Claude
  │  (Railway)    │
  └──────────────┘

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distributions

No source distribution files available for this release.See tutorial on generating distribution archives.

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

axiome_mcp-0.1.0-py3-none-any.whl (61.1 kB view details)

Uploaded Python 3

File details

Details for the file axiome_mcp-0.1.0-py3-none-any.whl.

File metadata

  • Download URL: axiome_mcp-0.1.0-py3-none-any.whl
  • Upload date:
  • Size: 61.1 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.14.3

File hashes

Hashes for axiome_mcp-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 64c008226d6c92ded745272c53392678b6cefecfc2c4b68a4100de2407870863
MD5 15dff5a06f4f040cc394a316c9289713
BLAKE2b-256 55844d28931a7c3dd6d04339eacf9f0b1a1c47ac466316dac2e387c38e458df1

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page