io.github.knowledgepa3/gia-mcp-server
平台与服务by knowledgepa3
提供企业级 AI 治理能力:审计追踪、合规控制与面向 Claude 的 human-in-the-loop 审批关卡。
什么是 io.github.knowledgepa3/gia-mcp-server?
提供企业级 AI 治理能力:审计追踪、合规控制与面向 Claude 的 human-in-the-loop 审批关卡。
README
GIA Governance Intelligence Automation
Enterprise AI governance through the Model Context Protocol.
GIA is a production governance engine that gives AI agents enforceable decision controls, compliance scoring, immutable audit chains, and human-in-the-loop gates. Built for organizations operating under NIST, FedRAMP, CMMC, EU AI Act, and SOC 2 requirements.
29 MCP tools. One integration point. Works with Claude Desktop, Claude Code, OpenAI Agent Builder, and any MCP-compatible client.
Quick Start
npx gia-mcp-server
Or install globally:
npm install -g gia-mcp-server
gia-mcp-server
The server connects to the hosted GIA engine at https://gia.aceadvising.com. Configure your API key:
GIA_API_KEY=your-key npx gia-mcp-server
Claude Desktop
Add to your claude_desktop_config.json:
{
"mcpServers": {
"gia-governance": {
"command": "npx",
"args": ["-y", "gia-mcp-server"],
"env": {
"GIA_API_KEY": "your-key"
}
}
}
}
Claude Code
claude mcp add gia-governance -- npx -y gia-mcp-server
OpenAI Agent Builder
Point to the Streamable HTTP endpoint:
https://gia.aceadvising.com/mcp
Smithery
npx -y @smithery/cli install @knowledgepa3/gia-mcp-server --client claude
Tools
Decision Controls (MAI Framework)
| Tool | Description |
|---|---|
classify_decision | Classify agent decisions as Mandatory, Advisory, or Informational |
approve_gate | Human-in-the-loop approval for Mandatory gates |
evaluate_threshold | Compute escalation health (Storey Threshold) |
score_governance | Weighted governance scoring (Integrity, Accuracy, Compliance) |
Compliance & Audit
| Tool | Description |
|---|---|
audit_pipeline | Query the hash-chained forensic audit ledger |
verify_ledger | Verify SHA-256 chain integrity from genesis |
map_compliance | Map controls to NIST AI RMF, EU AI Act, ISO 42001, NIST 800-53 |
assess_risk_tier | EU AI Act risk tier classification |
generate_report | Governance status reports (summary, detailed, executive) |
Knowledge Packs
| Tool | Description |
|---|---|
seal_memory_pack | Create immutable, TTL-bound knowledge artifacts |
load_memory_pack | Load packs with trust level and role enforcement |
transfer_memory_pack | Governed knowledge transfer between agents |
compose_memory_packs | Merge packs with risk contamination rules |
distill_memory_pack | Extract governance patterns from usage history |
promote_memory_pack | Promote packs to higher trust levels after review |
Security & Operations
| Tool | Description |
|---|---|
monitor_agents | Agent health, repair history, failure counts |
srt_run_watchdog | Infrastructure health probes (API, disk, memory, TLS, DB, DNS) |
srt_diagnose | Incident diagnosis with playbook matching |
srt_approve_repair | Human-approved repair execution |
srt_generate_postmortem | Structured incident postmortems with TTD/TTR metrics |
Infrastructure Remediation
| Tool | Description |
|---|---|
gia_scan_environment | Scout swarm for environment detection |
gia_list_packs | List remediation, patrol, hardening, and audit packs |
gia_dry_run_pack | Preview pack execution with blast radius analysis |
gia_apply_pack | Execute remediation with mandatory human approval |
gia_run_patrol | Read-only posture checks and compliance audits |
Impact & Value
| Tool | Description |
|---|---|
record_value_metric | Track time saved, risks blocked, autonomy levels |
record_governance_event | Log gates, drift prevention, violations blocked |
generate_impact_report | Economic + governance ROI reporting |
system_status | Engine health, uptime, configuration |
Architecture
GIA enforces governance through three layers:
- Decision Controls — MAI classification gates side effects and high-impact actions
- Step Hooks — Workflow progression control at each pipeline stage
- Kernel Hooks — Resource control at the LLM boundary, including sub-agents
Every governance action is recorded in a SHA-256 hash-chained audit ledger that can be independently verified.
Compliance Coverage
- NIST AI RMF — Risk management framework mapping
- EU AI Act — Risk tier assessment and control mapping
- ISO 42001 — AI management system alignment
- NIST 800-53 — Federal security control mapping
- CMMC 2.0 — DoD cybersecurity maturity
- FedRAMP — Federal cloud authorization
- SOC 2 — Service organization controls
About
Built by Advanced Consulting Experts (ACE) — a Service-Disabled Veteran-Owned Small Business (SDVOSB).
GIA was designed by William J. Storey III, a 17-year Information System Security Officer with experience across DoD contracts and U.S. Army Ranger Battalion operations. The same discipline applied to securing classified systems now governs AI agent workforces.
License
MIT
常见问题
io.github.knowledgepa3/gia-mcp-server 是什么?
提供企业级 AI 治理能力:审计追踪、合规控制与面向 Claude 的 human-in-the-loop 审批关卡。
相关 Skills
MCP构建
by anthropics
聚焦高质量 MCP Server 开发,覆盖协议研究、工具设计、错误处理与传输选型,适合用 FastMCP 或 MCP SDK 对接外部 API、封装服务能力。
✎ 想让 LLM 稳定调用外部 API,就用 MCP构建:从 Python 到 Node 都有成熟指引,帮你更快做出高质量 MCP 服务器。
Slack动图
by anthropics
面向Slack的动图制作Skill,内置emoji/消息GIF的尺寸、帧率和色彩约束、校验与优化流程,适合把创意或上传图片快速做成可直接发送的Slack动画。
✎ 帮你快速做出适配 Slack 的动图,内置约束规则和校验工具,少踩上传与播放坑,做表情包和演示都更省心。
MCP服务构建器
by alirezarezvani
从 OpenAPI 一键生成 Python/TypeScript MCP server 脚手架,并校验 tool schema、命名规范与版本兼容性,适合把现有 REST API 快速发布成可生产演进的 MCP 服务。
✎ 帮你快速搭建 MCP 服务与后端 API,脚手架完善、扩展顺手,尤其适合想高效验证服务能力的开发者。
相关 MCP Server
Slack 消息
编辑精选by Anthropic
Slack 是让 AI 助手直接读写你的 Slack 频道和消息的 MCP 服务器。
✎ 这个服务器解决了团队协作中需要 AI 实时获取 Slack 信息的痛点,特别适合开发团队让 Claude 帮忙汇总频道讨论或发送通知。不过,它目前只是参考实现,文档有限,不建议在生产环境直接使用——更适合开发者学习 MCP 如何集成第三方服务。
by netdata
io.github.netdata/mcp-server 是让 AI 助手实时监控服务器指标和日志的 MCP 服务器。
✎ 这个工具解决了运维人员需要手动检查系统状态的痛点,最适合 DevOps 团队让 Claude 自动分析性能数据。不过,它依赖 NetData 的现有部署,如果你没用过这个监控平台,得先花时间配置。
by d4vinci
Scrapling MCP Server 是专为现代网页设计的智能爬虫工具,支持绕过 Cloudflare 等反爬机制。
✎ 这个工具解决了爬取动态网页和反爬网站时的头疼问题,特别适合需要批量采集电商价格或新闻数据的开发者。不过,它依赖外部浏览器引擎,资源消耗较大,不适合轻量级任务。