GRC API
The GRC (Governance, Risk & Compliance) API exposes security analysis data from MCP Hub for consumption by external GRC platforms such as Riskitera, Drata, Vanta, OneTrust, LogicGate, and others. It positions MCP Hub as a specialized security data source for AI/MCP server security alongside tools like Tenable, Wiz, or Prisma Cloud.
The GRC API is available exclusively on the Enterprise plan. Organizations on Free or Pro plans will receive a 403 Forbidden response when accessing these endpoints.
Overview
MCP Hub continuously analyzes MCP servers for security vulnerabilities, evaluates them against 17 security controls, and computes certification scores. The GRC API surfaces all of this data in a format designed for automated ingestion by GRC platforms.
What the GRC API provides:
- Risk Analytics – Organization-wide risk posture with KRI metrics
- Vulnerability Management – All findings with CWE, CVSS, and OWASP MCP mapping
- Compliance Controls – 17 security controls with pass/fail results per MCP
- Evidence Vault – Immutable snapshot chain with SHA-256 integrity verification
- Compliance Frameworks – OWASP MCP Top 10 compliance mapping
- Audit Trail – Complete organization audit events for SOC compliance
Unique data only MCP Hub can provide:
- OWASP MCP Top 10 compliance mapping – no other security tool covers this framework
- MCP-Critical controls (Prompt Injection, Tool Poisoning, RCE) specific to AI/MCP servers
- MCP surface inventory – tools, transport, and auth signals per MCP server
- Immutable snapshot chain with cryptographic chain of custody
- Source-to-sink taint traces for vulnerability data flow forensics
Authentication
The GRC API uses organization service tokens with a dedicated grc:read scope.
Creating a Service Token
- Navigate to your organization’s Settings page in the MCP Hub dashboard.
- Go to Service Tokens.
- Click Create Token and select the grc:read scope.
- Copy the generated token (it will have the mcp_svc_ prefix).
Using the Token
Include the token in the Authorization header of every request:
Authorization: Bearer mcp_svc_abc123def456...
The token determines which organization’s data is returned. All responses are automatically scoped to the organization that owns the token.
Base URL
https://your-hub.example.com/api/v1/grc/
Replace your-hub.example.com with your MCP Hub instance hostname. All endpoints described below are relative to this base URL.
Response Envelope
All GRC API responses use a consistent envelope format:
{
"data": { ... },
"meta": {
"generated_at": "2026-02-28T12:00:00Z",
"organization_id": "550e8400-e29b-41d4-a716-446655440000",
"api_version": "2026-02-28"
}
}
- data contains the endpoint-specific response payload.
- meta.generated_at is the server timestamp when the response was generated (RFC 3339).
- meta.organization_id is the UUID of the organization the data belongs to.
- meta.api_version is the API version string.
Pagination
Endpoints that return lists support pagination:
| Parameter | Type | Default | Description |
|---|---|---|---|
| page | integer | 1 | Page number (1-based) |
| per_page | integer | 50 | Items per page (maximum: 100) |
Paginated responses include:
{
"data": {
"total": 234,
"page": 1,
"per_page": 50,
"has_more": true,
"items": [ ... ]
}
}
Date Filtering
Endpoints that support date ranges accept ISO 8601 date strings:
?from=2026-01-01&to=2026-02-28
All timestamps in responses use RFC 3339 format.
Endpoints
1. Risk Posture
GET /api/v1/grc/risk-posture
Returns an aggregated risk overview for the entire organization. This is the primary endpoint for populating KRI (Key Risk Indicator) dashboards in GRC platforms.
Query Parameters: None.
Example Request:
curl -s -H "Authorization: Bearer mcp_svc_abc123..." \
"https://your-hub.example.com/api/v1/grc/risk-posture"
Response:
{
"data": {
"organization_id": "550e8400-e29b-41d4-a716-446655440000",
"organization_name": "Acme Corp",
"generated_at": "2026-02-28T12:00:00Z",
"summary": {
"total_mcps": 42,
"mcps_analyzed": 40,
"mcps_pending": 2,
"avg_global_score": 78.5,
"avg_security_score": 75.2,
"avg_supply_chain_score": 82.1,
"avg_maturity_score": 80.0
},
"certification_distribution": {
"level_0_not_compliant": 3,
"level_1_baseline": 12,
"level_2_standard": 20,
"level_3_advanced": 5
},
"severity_totals": {
"critical": 2,
"high": 15,
"medium": 45,
"low": 120,
"info": 230
},
"top_risks": [
{
"mcp_id": "a1b2c3d4-e5f6-7890-abcd-ef1234567890",
"mcp_name": "my-mcp-server",
"global_score": 25,
"cert_level": 0,
"critical_findings": 2,
"high_findings": 5,
"last_analyzed_at": "2026-02-27T10:00:00Z"
}
],
"risk_trend": {
"period": "30d",
"avg_score_start": 72.0,
"avg_score_end": 78.5,
"direction": "improving",
"new_critical_findings": 1,
"resolved_critical_findings": 3
}
},
"meta": {
"generated_at": "2026-02-28T12:00:00Z",
"organization_id": "550e8400-e29b-41d4-a716-446655440000",
"api_version": "2026-02-28"
}
}
GRC Module Mapping: Risk Analytics – feeds KRIs for average score, certification distribution, severity totals, and risk trend direction.
2. Vulnerabilities
GET /api/v1/grc/vulnerabilities
Returns a paginated list of all vulnerability findings across the organization, formatted for vulnerability management workflows.
Query Parameters:
| Parameter | Type | Description |
|---|---|---|
| page | integer | Page number (default: 1) |
| per_page | integer | Items per page (default: 50, max: 100) |
| severity | string | Filter by severity: critical, high, medium, low, info. Comma-separated for multiple values. |
| vulnerability_class | string | Filter by vulnerability class: A through N |
| mcp_id | uuid | Filter findings for a specific MCP server |
| owasp_mcp | string | Filter by OWASP MCP risk: MCP01 through MCP10 |
| status | string | Filter by status: open or resolved |
Example Request:
curl -s -H "Authorization: Bearer mcp_svc_abc123..." \
"https://your-hub.example.com/api/v1/grc/vulnerabilities?severity=critical,high&page=1&per_page=50"
Response:
{
"data": {
"total": 62,
"page": 1,
"per_page": 50,
"has_more": true,
"vulnerabilities": [
{
"id": "f47ac10b-58cc-4372-a567-0e02b2c3d479",
"mcp_id": "a1b2c3d4-e5f6-7890-abcd-ef1234567890",
"mcp_name": "my-mcp-server",
"mcp_owner": "acme",
"version_id": "b2c3d4e5-f6a7-8901-bcde-f12345678901",
"snapshot_id": "c3d4e5f6-a7b8-9012-cdef-123456789012",
"rule_id": "MCP-A001",
"title": "Remote Code Execution via eval()",
"description": "User-controlled input flows into eval() without sanitization",
"severity": "critical",
"confidence": "high",
"vulnerability_class": "A",
"vulnerability_class_name": "Remote Code Execution",
"cwe": "CWE-94",
"cvss": 9.8,
"owasp_mcp": "MCP05",
"owasp_mcp_name": "Command & Code Injection",
"location": {
"file_path": "src/handlers/tool.py",
"start_line": 42,
"end_line": 45
},
"remediation": "Use ast.literal_eval() or a whitelist approach instead of eval()",
"mcp_context": {
"tool_name": "execute_query",
"resource_uri": null,
"handler_name": "handle_tool_call"
},
"first_detected_at": "2026-02-20T08:00:00Z",
"last_seen_at": "2026-02-28T10:00:00Z",
"status": "open"
}
]
},
"meta": {
"generated_at": "2026-02-28T12:00:00Z",
"organization_id": "550e8400-e29b-41d4-a716-446655440000",
"api_version": "2026-02-28"
}
}
GRC Module Mapping: Vulnerability Management – each finding includes CWE, CVSS, OWASP MCP mapping, remediation guidance, and MCP-specific context (tool name, handler, resource URI).
3. Controls
GET /api/v1/grc/controls
Returns the full catalog of 17 security controls with per-MCP pass/fail results and organization-wide pass rates.
Query Parameters:
| Parameter | Type | Description |
|---|---|---|
| mcp_id | uuid | Optional. Filter results to a specific MCP server. |
Example Request:
curl -s -H "Authorization: Bearer mcp_svc_abc123..." \
"https://your-hub.example.com/api/v1/grc/controls"
Response:
{
"data": {
"controls_catalog_version": "controls-catalog-v1",
"total_controls": 17,
"controls": [
{
"control_id": "SEC-011",
"control_name": "No Prompt Injection",
"category": "SECURITY",
"is_mcp_critical": true,
"weight": 10.0,
"results_by_mcp": [
{
"mcp_id": "a1b2c3d4-e5f6-7890-abcd-ef1234567890",
"mcp_name": "my-mcp-server",
"passed": false,
"severity": "critical",
"message": "Prompt injection detected in tool description",
"evidence_finding_ids": ["f47ac10b-58cc-4372-a567-0e02b2c3d479"],
"evaluated_at": "2026-02-28T10:00:00Z"
}
],
"org_pass_rate": 0.85,
"org_fail_count": 6,
"org_pass_count": 34
}
]
},
"meta": {
"generated_at": "2026-02-28T12:00:00Z",
"organization_id": "550e8400-e29b-41d4-a716-446655440000",
"api_version": "2026-02-28"
}
}
GRC Module Mapping: GRC & Compliance – pass rates per control feed compliance dashboards. Controls marked is_mcp_critical: true represent AI/MCP-specific risks that no other security tool evaluates.
4. Controls Summary
GET /api/v1/grc/controls/summary
Returns aggregated statistics across all security controls and MCPs in the organization.
Query Parameters: None.
Example Request:
curl -s -H "Authorization: Bearer mcp_svc_abc123..." \
"https://your-hub.example.com/api/v1/grc/controls/summary"
Response:
{
"data": {
"total_evaluations": 680,
"passed": 612,
"failed": 68,
"pass_rate": 0.90,
"by_category": {
"SECURITY": {
"passed": 320,
"failed": 40,
"pass_rate": 0.889
},
"SUPPLY_CHAIN": {
"passed": 180,
"failed": 20,
"pass_rate": 0.900
},
"MATURITY": {
"passed": 112,
"failed": 8,
"pass_rate": 0.933
}
},
"worst_controls": [
{
"control_id": "SEC-003",
"control_name": "No Secrets in Code",
"fail_count": 12
}
]
},
"meta": {
"generated_at": "2026-02-28T12:00:00Z",
"organization_id": "550e8400-e29b-41d4-a716-446655440000",
"api_version": "2026-02-28"
}
}
5. Evidence
GET /api/v1/grc/evidence
Returns the immutable evidence chain – a sequence of analysis snapshots with cryptographic integrity verification. This is the most valuable endpoint for Evidence Vault modules in GRC platforms.
Each snapshot is linked to its predecessor via previous_snapshot_id, forming a verifiable chain of custody.
Query Parameters:
| Parameter | Type | Description |
|---|---|---|
| page | integer | Page number (default: 1) |
| per_page | integer | Items per page (default: 50, max: 50) |
| mcp_id | uuid | Filter evidence for a specific MCP server |
| from | date | Start date (ISO 8601, e.g., 2026-01-01) |
| to | date | End date (ISO 8601, e.g., 2026-02-28) |
Example Request:
curl -s -H "Authorization: Bearer mcp_svc_abc123..." \
"https://your-hub.example.com/api/v1/grc/evidence?mcp_id=a1b2c3d4-e5f6-7890-abcd-ef1234567890&from=2026-01-01&to=2026-02-28"
Response:
{
"data": {
"evidence_chain": [
{
"snapshot_id": "d4e5f6a7-b8c9-0123-def0-234567890123",
"mcp_id": "a1b2c3d4-e5f6-7890-abcd-ef1234567890",
"mcp_name": "my-mcp-server",
"version_id": "b2c3d4e5-f6a7-8901-bcde-f12345678901",
"commit_hash": "abc123def456789012345678901234567890abcd",
"created_at": "2026-02-28T10:00:00Z",
"previous_snapshot_id": "c3d4e5f6-a7b8-9012-cdef-123456789012",
"integrity": {
"tarball_sha256": "sha256:a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6e7f8a9b0c1d2e3f4a5b6c7d8e9f0a1b2",
"findings_s3_key": "analysis/a1b2c3d4/findings.json",
"raw_report_s3_key": "analysis/a1b2c3d4/report.json"
},
"toolchain": {
"toolchain_version": "mcp-hub-1.2.3",
"scoring_version": "scoring-v2",
"controls_catalog_version": "controls-catalog-v1",
"scanner_version": "mcp-scan-1.0.0"
},
"scores": {
"global_score": 85,
"security_score": 80,
"supply_chain_score": 88,
"maturity_score": 90,
"msss_score": 82.5,
"msss_level": 2,
"grade": "B"
},
"finding_counts": {
"total": 12,
"critical": 0,
"high": 2,
"medium": 5,
"low": 5
},
"mcp_surface": {
"tools": ["execute_query", "list_tables"],
"transport": "stdio",
"auth_signals": ["api_key"]
},
"distributable": {
"is_distributable": true,
"runtime": "python",
"entrypoint": "src/server.py"
}
}
]
},
"meta": {
"generated_at": "2026-02-28T12:00:00Z",
"organization_id": "550e8400-e29b-41d4-a716-446655440000",
"api_version": "2026-02-28"
}
}
GRC Module Mapping: Evidence Vault – each snapshot is immutable, SHA-256 verified, linked to its predecessor (chain of custody), and includes full toolchain versions for reproducibility audits.
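The chain-of-custody checks a GRC connector should run on an evidence page, as an added example (not MCP Hub's own code). It assumes the oldest snapshot in an MCP's chain carries previous_snapshot_id null, that a snapshot whose predecessor falls outside the requested date window is not penalised, and that the caller has separately retrieved the analysed tarball bytes to compare against tarball_sha256; the snapshot data below is constructed.

```python
import hashlib
import hmac
import re
from datetime import datetime

DIGEST_RE = re.compile(r"^sha256:([0-9a-f]{64})$")


def _sha(data: bytes) -> str:
    return "sha256:" + hashlib.sha256(data).hexdigest()


# Constructed sample chain for one MCP, newest first as the endpoint returns it.
# Only the fields the checks below need are included; ids are placeholders.
SAMPLE_CHAIN = [
    {"snapshot_id": "snap-3", "mcp_id": "mcp-1", "created_at": "2026-02-28T10:00:00Z",
     "previous_snapshot_id": "snap-2", "integrity": {"tarball_sha256": _sha(b"tarball-v3")}},
    {"snapshot_id": "snap-2", "mcp_id": "mcp-1", "created_at": "2026-02-14T10:00:00Z",
     "previous_snapshot_id": "snap-1", "integrity": {"tarball_sha256": _sha(b"tarball-v2")}},
    {"snapshot_id": "snap-1", "mcp_id": "mcp-1", "created_at": "2026-02-01T10:00:00Z",
     "previous_snapshot_id": None, "integrity": {"tarball_sha256": _sha(b"tarball-v1")}},
]


def _ts(value: str) -> datetime:
    # RFC 3339 with a trailing Z; fromisoformat accepts the "+00:00" form on every 3.x.
    return datetime.fromisoformat(value.replace("Z", "+00:00"))


def verify_chain(snapshots):
    """Return the problems found in one MCP's evidence chain (empty list == intact)."""
    problems = []
    ordered = sorted(snapshots, key=lambda s: _ts(s["created_at"]))
    if len({s["snapshot_id"] for s in ordered}) != len(ordered):
        problems.append("duplicate snapshot_id in chain")
    mcps = {s["mcp_id"] for s in ordered}
    if len(mcps) > 1:
        problems.append(f"chain mixes MCPs: {sorted(mcps)}")
    for s in ordered:
        if not DIGEST_RE.match(s["integrity"]["tarball_sha256"]):
            problems.append(f"{s['snapshot_id']}: malformed tarball_sha256")
    # Every snapshot must point at the one created just before it.  The oldest entry
    # may reference a predecessor outside the date window, so it is not checked.
    for prev, cur in zip(ordered, ordered[1:]):
        if cur["previous_snapshot_id"] != prev["snapshot_id"]:
            problems.append(f"{cur['snapshot_id']}: previous_snapshot_id is "
                            f"{cur['previous_snapshot_id']!r}, expected {prev['snapshot_id']!r}")
    return problems


def verify_tarball(snapshot, tarball: bytes) -> bool:
    """True if the retrieved tarball matches the digest recorded in the snapshot."""
    m = DIGEST_RE.match(snapshot["integrity"]["tarball_sha256"])
    if not m:
        return False
    return hmac.compare_digest(hashlib.sha256(tarball).hexdigest(), m.group(1))
```

Run verify_chain per mcp_id (the endpoint returns one list across MCPs unless filtered), and treat any non-empty result as a break in custody to raise with the platform's evidence owner.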
6. OWASP MCP Top 10 Compliance
GET /api/v1/grc/compliance/owasp-mcp-top10
Returns the organization’s compliance status against the OWASP MCP Top 10 risk framework. This is data that only MCP Hub can provide – no other security tool covers this framework.
Query Parameters: None.
Example Request:
curl -s -H "Authorization: Bearer mcp_svc_abc123..." \
"https://your-hub.example.com/api/v1/grc/compliance/owasp-mcp-top10"
Response:
{
"data": {
"framework": "OWASP MCP Top 10",
"framework_version": "2025",
"evaluated_at": "2026-02-28T12:00:00Z",
"risks": [
{
"risk_id": "MCP01",
"risk_name": "Token & Credential Mismanagement",
"mapped_vulnerability_classes": ["E"],
"finding_count": 8,
"affected_mcps": 3,
"max_severity": "high",
"status": "non_compliant",
"findings_url": "/api/v1/grc/vulnerabilities?owasp_mcp=MCP01"
},
{
"risk_id": "MCP02",
"risk_name": "Tool Poisoning",
"mapped_vulnerability_classes": ["L"],
"finding_count": 2,
"affected_mcps": 1,
"max_severity": "critical",
"status": "non_compliant",
"findings_url": "/api/v1/grc/vulnerabilities?owasp_mcp=MCP02"
},
{
"risk_id": "MCP03",
"risk_name": "Prompt Injection via MCP",
"mapped_vulnerability_classes": ["K"],
"finding_count": 1,
"affected_mcps": 1,
"max_severity": "critical",
"status": "non_compliant",
"findings_url": "/api/v1/grc/vulnerabilities?owasp_mcp=MCP03"
},
{
"risk_id": "MCP04",
"risk_name": "Excessive Permissions",
"mapped_vulnerability_classes": ["C"],
"finding_count": 5,
"affected_mcps": 2,
"max_severity": "medium",
"status": "non_compliant",
"findings_url": "/api/v1/grc/vulnerabilities?owasp_mcp=MCP04"
},
{
"risk_id": "MCP05",
"risk_name": "Command & Code Injection",
"mapped_vulnerability_classes": ["A", "B", "D"],
"finding_count": 0,
"affected_mcps": 0,
"max_severity": null,
"status": "compliant",
"findings_url": "/api/v1/grc/vulnerabilities?owasp_mcp=MCP05"
},
{
"risk_id": "MCP06",
"risk_name": "Data Exfiltration",
"mapped_vulnerability_classes": ["F", "G"],
"finding_count": 3,
"affected_mcps": 2,
"max_severity": "high",
"status": "non_compliant",
"findings_url": "/api/v1/grc/vulnerabilities?owasp_mcp=MCP06"
},
{
"risk_id": "MCP07",
"risk_name": "Insecure Communication",
"mapped_vulnerability_classes": ["H"],
"finding_count": 0,
"affected_mcps": 0,
"max_severity": null,
"status": "compliant",
"findings_url": "/api/v1/grc/vulnerabilities?owasp_mcp=MCP07"
},
{
"risk_id": "MCP08",
"risk_name": "Insecure Storage",
"mapped_vulnerability_classes": ["I"],
"finding_count": 4,
"affected_mcps": 2,
"max_severity": "medium",
"status": "non_compliant",
"findings_url": "/api/v1/grc/vulnerabilities?owasp_mcp=MCP08"
},
{
"risk_id": "MCP09",
"risk_name": "Insufficient Logging",
"mapped_vulnerability_classes": ["J"],
"finding_count": 0,
"affected_mcps": 0,
"max_severity": null,
"status": "compliant",
"findings_url": "/api/v1/grc/vulnerabilities?owasp_mcp=MCP09"
},
{
"risk_id": "MCP10",
"risk_name": "Denial of Service",
"mapped_vulnerability_classes": ["M", "N"],
"finding_count": 0,
"affected_mcps": 0,
"max_severity": null,
"status": "compliant",
"findings_url": "/api/v1/grc/vulnerabilities?owasp_mcp=MCP10"
}
],
"overall_compliance_rate": 0.40
},
"meta": {
"generated_at": "2026-02-28T12:00:00Z",
"organization_id": "550e8400-e29b-41d4-a716-446655440000",
"api_version": "2026-02-28"
}
}
GRC Module Mapping: Compliance Frameworks – MCP Hub is the only security tool that can provide OWASP MCP Top 10 compliance data. Each risk includes direct links to the relevant findings for drill-down.
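A cross-check a connector can run between the compliance report and the vulnerabilities feed, as an added example (not MCP Hub's own code). It assumes that finding_count, affected_mcps, max_severity and status are derived from open findings only, and that overall_compliance_rate is the fraction of risks with status compliant (which matches the sample above, 4 of 10 = 0.40); the risk entries and findings below are constructed.

```python
SEVERITY_RANK = {"info": 0, "low": 1, "medium": 2, "high": 3, "critical": 4}

# Constructed sample: two risk entries in the shape of the compliance endpoint and the
# findings (in the shape of /vulnerabilities items) that should back them.  Ids are placeholders.
SAMPLE_RISKS = [
    {"risk_id": "MCP02", "finding_count": 2, "affected_mcps": 1,
     "max_severity": "critical", "status": "non_compliant"},
    {"risk_id": "MCP05", "finding_count": 0, "affected_mcps": 0,
     "max_severity": None, "status": "compliant"},
]
SAMPLE_FINDINGS = [
    {"id": "f1", "mcp_id": "mcp-1", "owasp_mcp": "MCP02", "severity": "high", "status": "open"},
    {"id": "f2", "mcp_id": "mcp-1", "owasp_mcp": "MCP02", "severity": "critical", "status": "open"},
    {"id": "f3", "mcp_id": "mcp-2", "owasp_mcp": "MCP05", "severity": "critical", "status": "resolved"},
]


def summarize_risk(risk_id, findings):
    """Recompute one risk's fields from the findings feed (resolved findings do not count)."""
    hits = [f for f in findings if f["owasp_mcp"] == risk_id and f["status"] == "open"]
    max_sev = max((f["severity"] for f in hits), key=SEVERITY_RANK.__getitem__, default=None)
    return {
        "finding_count": len(hits),
        "affected_mcps": len({f["mcp_id"] for f in hits}),
        "max_severity": max_sev,
        "status": "compliant" if not hits else "non_compliant",
    }


def reconcile(risks, findings):
    """Cross-check the compliance report against the findings feed.
    Returns (overall_compliance_rate, list of field-level mismatches)."""
    mismatches = []
    for risk in risks:
        for key, value in summarize_risk(risk["risk_id"], findings).items():
            if risk.get(key) != value:
                mismatches.append(f"{risk['risk_id']}.{key}: report={risk.get(key)!r} feed={value!r}")
    compliant = sum(1 for r in risks if r["status"] == "compliant")
    return round(compliant / len(risks), 2), mismatches
```

A mismatch usually means the two endpoints were polled at different times; re-fetch both before treating it as a data-quality issue.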
7. Audit Events
GET /api/v1/grc/audit-events
Returns the organization’s audit trail with timestamped events for SOC compliance and security monitoring.
Query Parameters:
| Parameter | Type | Description |
|---|---|---|
| page | integer | Page number (default: 1) |
| per_page | integer | Items per page (default: 50, max: 100) |
| action | string | Filter by action type (e.g., mcp.created, mcp.accessed, policy.updated) |
| actor_type | string | Filter by actor: user, service_token, system |
| resource_type | string | Filter by resource: mcp, policy, member, token |
| from | date | Start date (ISO 8601) |
| to | date | End date (ISO 8601) |
Example Request:
curl -s -H "Authorization: Bearer mcp_svc_abc123..." \
"https://your-hub.example.com/api/v1/grc/audit-events?from=2026-02-01&to=2026-02-28&page=1&per_page=50"
Response:
{
"data": {
"total": 234,
"page": 1,
"per_page": 50,
"has_more": true,
"events": [
{
"id": "e5f6a7b8-c9d0-1234-ef01-345678901234",
"timestamp": "2026-02-28T09:15:00Z",
"actor_id": "f6a7b8c9-d0e1-2345-f012-456789012345",
"actor_type": "user",
"actor_name": "[email protected]",
"action": "mcp.accessed",
"resource_type": "mcp",
"resource_id": "a1b2c3d4-e5f6-7890-abcd-ef1234567890",
"details": {
"mcp_name": "my-mcp-server"
},
"ip_address": "203.0.113.42",
"user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7)"
},
{
"id": "a7b8c9d0-e1f2-3456-0123-567890123456",
"timestamp": "2026-02-28T08:30:00Z",
"actor_id": "b8c9d0e1-f2a3-4567-1234-678901234567",
"actor_type": "service_token",
"actor_name": "ci-pipeline-token",
"action": "mcp.created",
"resource_type": "mcp",
"resource_id": "c9d0e1f2-a3b4-5678-2345-789012345678",
"details": {
"mcp_name": "new-api-gateway",
"repo_url": "https://github.com/acme/new-api-gateway"
},
"ip_address": "198.51.100.10",
"user_agent": "smcp/1.2.0"
}
]
},
"meta": {
"generated_at": "2026-02-28T12:00:00Z",
"organization_id": "550e8400-e29b-41d4-a716-446655440000",
"api_version": "2026-02-28"
}
}
GRC Module Mapping: SOC Operations – complete audit trail with actor identification, IP tracking, and user agent logging for compliance evidence.
GRC Module Mapping Summary
| Endpoint | GRC Module | Key Risk Indicators |
|---|---|---|
| /grc/risk-posture | Risk Analytics | Average score, certification distribution, severity totals, risk trend |
| /grc/vulnerabilities | Vulnerability Management | Open findings by severity, CWE coverage, MTTR |
| /grc/controls | GRC & Compliance | Pass rate per control, MCP-critical failures |
| /grc/controls/summary | GRC & Compliance | Aggregated pass rates by category, worst controls |
| /grc/evidence | Evidence Vault | Immutable snapshots, SHA-256 chain, toolchain traceability |
| /grc/compliance/owasp-mcp-top10 | Compliance Frameworks | OWASP MCP Top 10 compliance rate per risk |
| /grc/audit-events | SOC Operations | User actions, access logs, policy changes |
Integration Guide
Follow these steps to connect MCP Hub’s GRC API with your GRC platform.
Step 1: Enable Enterprise Plan
The GRC API is available exclusively on the Enterprise plan. Contact your MCP Hub account manager or upgrade through the billing settings in your organization dashboard.
Step 2: Create a Service Token
- Log into MCP Hub and navigate to your organization’s Settings.
- Go to Service Tokens and click Create Token.
- Select the grc:read scope.
- Give the token a descriptive name (e.g., riskitera-connector or drata-integration).
- Copy and securely store the token. It will have the mcp_svc_ prefix.
Step 3: Configure Your GRC Platform Connector
In your GRC platform, create a new data source or connector with the following settings:
| Setting | Value |
|---|---|
| Base URL | https://your-hub.example.com/api/v1/grc/ |
| Authentication | Bearer Token |
| Token | mcp_svc_... (from Step 2) |
| Content-Type | application/json |
Step 4: Map Data Fields
Map the GRC API response fields to your platform’s schema. Common mappings:
| GRC API Field | Common GRC Platform Field |
|---|---|
| vulnerabilities[].cwe | CWE ID |
| vulnerabilities[].cvss | CVSS Score |
| vulnerabilities[].severity | Severity Level |
| vulnerabilities[].remediation | Remediation Guidance |
| controls[].passed | Control Status |
| controls[].org_pass_rate | Control Effectiveness |
| evidence[].integrity.tarball_sha256 | Evidence Hash |
| audit_events[].action | Event Type |
| audit_events[].actor_name | User Identity |
Step 5: Set Polling Interval
Configure your connector to poll the GRC API at regular intervals:
| Use Case | Recommended Interval |
|---|---|
| Real-time risk monitoring | Every 6 hours |
| Daily compliance reporting | Every 24 hours |
| Weekly executive dashboards | Every 168 hours (7 days) |
A polling interval of every 6 to 24 hours is recommended for most organizations. MCP Hub re-analyzes official MCPs on configurable intervals (default: 24 hours), so polling more frequently than every 6 hours provides diminishing returns.
Rate Limits
| Limit | Value |
|---|---|
| Requests per minute per token | 100 |
| Maximum items per page | 100 |
| Maximum evidence items per page | 50 |
When the rate limit is exceeded, the API returns 429 Too Many Requests with a Retry-After header indicating when you can retry.
GRC endpoints share the organization’s APICallsPerMin quota from the Enterprise plan limits.
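A minimal connector that combines the Pagination rules (follow has_more, page and per_page) with the rate-limit handling described here (pause for Retry-After on 429, surface the documented error envelope otherwise), as an added example that is not MCP Hub's own client. The HTTP layer is injected so the code runs offline; make_fake_transport and its two pages of /vulnerabilities are constructed, and the hostname is the docs' placeholder.

```python
import json
import time
from urllib.parse import parse_qs, urlencode, urlparse

BASE_URL = "https://your-hub.example.com/api/v1/grc/"  # placeholder hostname as in the docs


class GrcClient:
    """Minimal reader for the list endpoints: follows has_more and honours Retry-After."""

    def __init__(self, token, transport, sleep=time.sleep, max_retries=5):
        self.headers = {"Authorization": f"Bearer {token}"}
        # transport(url, headers) -> (status, response_headers, body).  Injectable so the
        # client can be exercised offline; a real one would wrap urllib or requests.
        self.transport = transport
        self.sleep = sleep
        self.max_retries = max_retries

    def _get(self, url):
        for attempt in range(self.max_retries + 1):
            status, headers, body = self.transport(url, self.headers)
            if status == 429 and attempt < self.max_retries:
                # Retry-After is given in seconds; pause briefly if the header is absent.
                self.sleep(float(headers.get("Retry-After", 1)))
                continue
            if status != 200:
                err = json.loads(body) if body else {}
                raise RuntimeError(f"HTTP {status} {err.get('error')}: {err.get('message')}")
            return json.loads(body)["data"]
        raise RuntimeError("gave up after repeated 429 responses")

    def iter_items(self, endpoint, items_key, per_page=50, **filters):
        """Yield every item of a paginated endpoint, requesting the next page while has_more."""
        page = 1
        while True:
            query = urlencode(dict(filters, page=page, per_page=per_page))
            data = self._get(BASE_URL + endpoint + "?" + query)
            yield from data[items_key]
            if not data.get("has_more"):
                return
            page += 1


def make_fake_transport():
    """Constructed offline stand-in for HTTP: rejects a bad token with the documented 401,
    answers 429 once, then serves two pages of /vulnerabilities in the documented envelope."""
    pages = {
        1: {"total": 3, "page": 1, "per_page": 2, "has_more": True,
            "vulnerabilities": [{"id": "v1", "severity": "critical"}, {"id": "v2", "severity": "high"}]},
        2: {"total": 3, "page": 2, "per_page": 2, "has_more": False,
            "vulnerabilities": [{"id": "v3", "severity": "high"}]},
    }
    calls = []

    def transport(url, headers):
        calls.append(url)
        if not headers.get("Authorization", "").startswith("Bearer mcp_svc_"):
            return 401, {}, json.dumps({"error": "unauthorized", "message": "Missing or invalid token"})
        if len(calls) == 1:
            return 429, {"Retry-After": "2"}, json.dumps({"error": "rate_limit_exceeded",
                                                          "message": "Too many requests"})
        page = int(parse_qs(urlparse(url).query)["page"][0])
        return 200, {}, json.dumps({"data": pages[page], "meta": {}})

    return transport


def open_critical_high_ids(client):
    """Ids of every open critical/high finding, collected across all pages."""
    return [v["id"] for v in client.iter_items("vulnerabilities", "vulnerabilities", per_page=2,
                                               severity="critical,high", status="open")]
```

With a real transport, keep per_page at the endpoint's maximum (100, or 50 for /evidence) so a full sync uses as little of the shared APICallsPerMin quota as possible.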
Error Codes
| HTTP Status | Error Code | Description |
|---|---|---|
| 401 | unauthorized | Missing or invalid Authorization header. Ensure the token has the mcp_svc_ prefix and has not been revoked. |
| 403 | forbidden_scope | The service token does not have the grc:read scope. Create a new token with the correct scope. |
| 403 | enterprise_required | The organization is not on the Enterprise plan. Upgrade to access the GRC API. |
| 404 | not_found | The requested organization or resource was not found. |
| 422 | invalid_parameters | Invalid query parameters (e.g., malformed UUID, invalid date format). |
| 429 | rate_limit_exceeded | Too many requests. Wait for the duration specified in the Retry-After header. |
| 500 | internal_error | An unexpected error occurred. Contact support if this persists. |
Error Response Format:
{
"error": "enterprise_required",
"message": "GRC API requires Enterprise plan. Upgrade at https://your-hub.example.com/settings/billing"
}
Complete cURL Examples
Fetch organization risk posture
curl -s \
-H "Authorization: Bearer mcp_svc_abc123def456..." \
"https://your-hub.example.com/api/v1/grc/risk-posture" | jq .
List critical and high vulnerabilities
curl -s \
-H "Authorization: Bearer mcp_svc_abc123def456..." \
"https://your-hub.example.com/api/v1/grc/vulnerabilities?severity=critical,high&per_page=100" | jq .
Get vulnerabilities for a specific MCP server
curl -s \
-H "Authorization: Bearer mcp_svc_abc123def456..." \
"https://your-hub.example.com/api/v1/grc/vulnerabilities?mcp_id=a1b2c3d4-e5f6-7890-abcd-ef1234567890" | jq .
Fetch all security controls
curl -s \
-H "Authorization: Bearer mcp_svc_abc123def456..." \
"https://your-hub.example.com/api/v1/grc/controls" | jq .
Get controls summary statistics
curl -s \
-H "Authorization: Bearer mcp_svc_abc123def456..." \
"https://your-hub.example.com/api/v1/grc/controls/summary" | jq .
Fetch evidence chain for date range
curl -s \
-H "Authorization: Bearer mcp_svc_abc123def456..." \
"https://your-hub.example.com/api/v1/grc/evidence?from=2026-01-01&to=2026-02-28&per_page=50" | jq .
Check OWASP MCP Top 10 compliance
curl -s \
-H "Authorization: Bearer mcp_svc_abc123def456..." \
"https://your-hub.example.com/api/v1/grc/compliance/owasp-mcp-top10" | jq .
Fetch audit events for the last month
curl -s \
-H "Authorization: Bearer mcp_svc_abc123def456..." \
"https://your-hub.example.com/api/v1/grc/audit-events?from=2026-02-01&to=2026-02-28&per_page=100" | jq .
Filter audit events by action type
curl -s \
-H "Authorization: Bearer mcp_svc_abc123def456..." \
"https://your-hub.example.com/api/v1/grc/audit-events?action=mcp.created&from=2026-02-01&to=2026-02-28" | jq .