Server data from the Official MCP Registry
20 SKILLs de auditoría interna para agentes de IA según IIA, COSO, NIST, ISO, COBIT y ACFE.
20 SKILLs de auditoría interna para agentes de IA según IIA, COSO, NIST, ISO, COBIT y ACFE.
This is a well-structured MCP server providing read-only access to audit methodology SKILLs. The codebase demonstrates good security practices: no authentication is required (appropriate for a reference tool), path traversal is properly prevented, no sensitive credentials are handled, and dependencies are minimal and legitimate. Minor code quality observations around error handling and logging do not materially impact security. Supply chain analysis found 3 known vulnerabilities in dependencies (0 critical, 3 high severity). Package verification found 1 issue.
5 files analyzed · 8 issues found
Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.
This plugin requests these system permissions. Most are normal for its category.
Add this to your MCP configuration file:
{
"mcpServers": {
"io-github-marcelinero-auditoria-skills": {
"args": [
"auditoria-skills-mcp"
],
"command": "uvx"
}
}
}From the project's GitHub README.
mcp-name: io.github.marcelinero/auditoria-skills
Model Context Protocol (MCP) server exposing 20 internal-audit SKILLs grounded in globally accepted standards (IIA, COSO, NIST, ISO, IFRS, COBIT, ACFE). SKILLs are written in Spanish — the working language of the target audience.
Zero-install — one command, no repo cloning, no path configuration.
Add to claude_desktop_config.json:
~/Library/Application Support/Claude/claude_desktop_config.json%APPDATA%\Claude\claude_desktop_config.json{
"mcpServers": {
"auditoria-skills": {
"command": "uvx",
"args": ["auditoria-skills-mcp"]
}
}
}
Restart Claude Desktop. No repo cloning, no absolute paths.
claude mcp add auditoria-skills -- uvx auditoria-skills-mcp
uv# macOS / Linux
curl -LsSf https://astral.sh/uv/install.sh | sh
# Windows (PowerShell)
powershell -ExecutionPolicy ByPass -c "irm https://astral.sh/uv/install.ps1 | iex"
uvx resuelve la versión en cada ejecución desde PyPI. Para forzar la última versión publicada:
# Forzar última versión (recomendado tras una actualización de marcos)
uvx auditoria-skills-mcp@latest
# Si quedó una versión vieja en caché, limpiarla
uv cache clean auditoria-skills-mcp
Cuando un marco de referencia se revisa (COSO, NIST, IIA, ISO…), se publica una nueva versión en PyPI y queda registrada en el CHANGELOG. Si detectas que un estándar fue actualizado y el SKILL no lo refleja, abre un issue — no hace falta escribir código.
Los SKILLs son Markdown + YAML — editables, versionables, y reutilizables.
# Clona el repo
git clone https://github.com/marcelinero/auditoria-skills-mcp.git
cd auditoria-skills-mcp
# Edita los SKILLs en ./auditoria_skills_mcp/data/skills/
# Ejemplo: ajusta matriz de controles en auditoria_skills_mcp/data/skills/procesos/evaluacion-controles/SKILL.md
# Ejecuta localmente
uv run python -m auditoria_skills_mcp
Esta es tu copia adaptada a tu contexto (matriz interna, normativa local, procedimientos propios). No requiere aprobación ni PRs.
Si mejoras algo reutilizable para otros auditores, abre un Pull Request:
Ver CONTRIBUTING.md para detalles.
| Nivel | Qué es | Quién | Control |
|---|---|---|---|
| Canónico | Versión oficial en PyPI | Mantenedor | Centralizado, sigue estándares globales |
| Local | Adaptado a tu entidad | Tú | Descentralizado, sin tocar lo común |
| Comunitario | Mejoras genéricas aceptadas | PR + revisión | Se fusionan a main si pasan criterios |
| Tool | Description |
|---|---|
list_skills | List all 20 SKILLs with type, category, and anchor standards |
get_skill | Load the full content of a SKILL by name |
search_skills | Filter by type (proceso/especialidad) and/or framework (ISO, NIST, IIA…) |
| SKILL | Anchor standards |
|---|---|
planeacion-basada-riesgos | IIA, COSO ERM, ISO 31000 |
evaluacion-controles | COSO IC-IF, IIA, SOX 404 |
muestreo | NIA/ISA 530, AICPA |
papeles-trabajo | NIA/ISA 230, IIA |
comunicacion-hallazgos | IIA Standards |
seguimiento-recomendaciones | IIA Standards |
aseguramiento-calidad | IIA, IIA QA Manual |
analitica-datos | GTAG 16, ISACA |
| SKILL | Anchor standards |
|---|---|
auditoria-financiera | NIA/ISA, NIIF/IFRS, SOX, COSO IC-IF |
auditoria-operativa | IIA, ISO 9001, INTOSAI |
auditoria-tecnologia-informacion | COBIT 2019, ITAF, ISO 27001:2022 |
auditoria-forense | ACFE, NIA 240, FATF |
auditoria-cumplimiento | ISO 37301, ISO 37001:2025 |
auditoria-esg-sostenibilidad | ISSB IFRS S1/S2, GRI, TCFD, SASB, CSRD/ESRS (post-Ómnibus) |
auditoria-ciberseguridad | NIST CSF 2.0, ISO 27001/27002:2022, CIS v8.1 |
auditoria-inteligencia-artificial | ISO/IEC 42001, NIST AI RMF, EU AI Act |
auditoria-calidad | ISO 9001, ISO 19011 |
auditoria-ambiental | ISO 14001, ISO 14064, GHG Protocol |
auditoria-gestion-desempeno | IIA, INTOSAI ISSAI, COSO ERM |
auditoria-continua | GTAG 3, AICPA, ISACA |
Load the auditoria-ciberseguridad SKILL and help me plan
an audit based on NIST CSF 2.0.
Which SKILLs in the catalog apply to ISO standards?
I'm doing a compliance audit for ISO 37301.
Load the relevant SKILLs and build the engagement plan.
This repository is the canonical source of the catalog. The 20 SKILLs live in
auditoria_skills_mcp/data/skills/ — plain Markdown + YAML, readable directly on GitHub.
Issues and contributions (new SKILLs, framework updates) → open an issue.
Español: Servidor MCP con 20 SKILLs de auditoría interna redactadas en español neutro, ancladas a normas globales (IIA, COSO, NIST, ISO, IFRS, COBIT, ACFE). Cubre procesos transversales (planeación, muestreo, papeles de trabajo) y especialidades (financiera, TI, forense, ESG, ciberseguridad, IA y más).
Be the first to review this server!
by Modelcontextprotocol · Developer Tools
Web content fetching and conversion for efficient LLM usage
by Modelcontextprotocol · Developer Tools
Read, search, and manipulate Git repositories programmatically
by Toleno · Developer Tools
Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.