Script Arguments

This page documents the command-line arguments for the generation scripts.

mSCP 2.0 (Beta)

mSCP 2.0 is currently in Beta

mSCP 2.0 is under active development and should not be used in production. Please report any issues to the project. For production deployments, refer to mSCP 1.0.

---

mscp.py guidance

Generates documentation, configuration profiles, compliance scripts, and DDM components from a baseline.

./mscp.py guidance [OPTIONS] BASELINE

Argument	Description
BASELINE	Path to the baseline YAML file (required)
-A, --all	Generate all outputs
-s, --script	Generate the compliance script
-p, --profiles	Generate individual configuration profiles
--consolidated-profile	Generate a single consolidated profile
--granular-profiles	Generate granular per-setting profiles
-d, --ddm	Generate DDM components
-x, --xlsx	Generate Excel spreadsheet
-m, --markdown	Generate Markdown documentation
-l LOGO, --logo LOGO	Path to logo file for the guide
-L LANG, --language LANG	Language for output
-H HASH, --hash HASH	Sign profiles with subject key ID
--audit_name NAME	Name for audit plist and log
--reference REF	Use reference ID instead of rule ID
--dark	Dark mode output

Tip

Common usage: ./mscp.py guidance custom/baselines/800-53r5_moderate_macos_26.0.yaml -A

---

mscp.py baseline

Creates baseline YAML files by collecting rules with matching tags.

./mscp.py baseline [OPTIONS]

Argument	Description
-k KEYWORD, --keyword KEYWORD	Tag to collect rules containing the tag
-l, --list_tags	List available keyword tags and benchmarks
-t, --tailor	Customize baseline with organization values
-c, --controls	Output the 800-53 controls covered by the rules
--os_name NAME	Target OS name
--os_version VERSION	Target OS version

---

mscp.py scap

Creates SCAP 1.4 datastream, XCCDF, and OVAL documents.

./mscp.py scap [OPTIONS]

Argument	Description
-x, --xccdf	Generate XCCDF file only
-o, --oval	Generate OVAL file only
-l, --list_tags	List available keyword tags
-b BASELINE, --baseline BASELINE	Generate for a specific baseline (default: all_rules)
--disa_stig FILE	Include DISA STIG references from XCCDF file

---

mscp.py mapping

Creates custom rules and baselines for unsupported compliance frameworks.

./mscp.py mapping [OPTIONS]

Argument	Description
-c CSV, --csv CSV	Path to CSV mapping file (required)
-f FRAMEWORK, --framework FRAMEWORK	Source framework to map from (default: 800-53r5)

---

mscp.py admin translation-json

Extracts all translatable strings into a JSON template file.

./mscp.py admin translation-json [OPTIONS]

Argument	Description
-o OUTPUT, --output OUTPUT	Output file path (default: messages.json)
-d DOMAIN, --domain DOMAIN	Translation domain (default: messages)

---

mscp.py admin mo-from-json

Compiles a translated JSON file into a binary .mo file for use with gettext.

./mscp.py admin mo-from-json JSON_FILE [OPTIONS]

Argument	Description
JSON_FILE	Path to the translated JSON file (required)
-l LOCALE, --locale LOCALE	Target locale code, e.g. de, fr (required)
-m MO_FILE, --mo_file MO_FILE	Output .mo filename (default: messages.mo)
-d DOMAIN, --domain DOMAIN	Translation domain (default: messages)
-f, --use_fuzzy	Enable fuzzy translation matching

mSCP 1.0

Always Use the Correct Branch

Each macOS version has its own branch (sequoia, sonoma, ventura, etc.). Never use the main branch — it won’t work for generating content.

---

generate_guidance.py

Generates documentation, configuration profiles, compliance scripts, and DDM components from a baseline.

./scripts/generate_guidance.py [OPTIONS] BASELINE

Argument	Description
BASELINE	Path to the baseline YAML file (required)
-h, --help	Show help message
-a NAME, --audit_name NAME	Name for audit plist and log (defaults to baseline name)
-D, --ddm	Generate DDM components
-l LOGO, --logo LOGO	Path to logo file for the guide
-p, --profiles	Generate individual configuration profiles
-P, --consolidated-profile	Generate a single consolidated profile
-r REFERENCE, --reference REFERENCE	Use reference ID instead of rule ID
-s, --script	Generate the compliance script
-x, --xls	Generate Excel document
-H HASH, --hash HASH	Sign profiles with subject key ID

Tip

Common usage: ./scripts/generate_guidance.py baselines/800-53r5_moderate.yaml -p -s

---

generate_baseline.py

Creates baseline YAML files by collecting rules with matching tags.

./scripts/generate_baseline.py [OPTIONS]

Argument	Description
-h, --help	Show help message
-c, --controls	Output the 800-53 controls covered by the rules
-k KEYWORD, --keyword KEYWORD	Tag to collect rules containing the tag
-l, --list_tags	List available keyword tags
-t, --tailor	Customize baseline with organization values

Note

Running without flags lists all available keyword tags.

---

generate_scap.py

Creates SCAP 1.4 datastream, XCCDF, and OVAL documents.

./scripts/generate_scap.py [OPTIONS]

Argument	Description
-h, --help	Show help message
-x, --xccdf	Generate XCCDF file only
-o, --oval	Generate OVAL file only
-l, --list_tags	List available keyword tags
-b BASELINE, --baseline BASELINE	Generate for a specific baseline
-d FILE, --disastig FILE	Include DISA STIG references from file

Note

Without -x or -o, the script generates a complete SCAP 1.4 datastream.

---

generate_mapping.py

Creates custom rules and baselines for unsupported compliance frameworks.

./scripts/generate_mapping.py [OPTIONS] CSV_FILE

Argument	Description
CSV_FILE	Path to CSV mapping file (required)
-h, --help	Show help message
-f FRAMEWORK, --framework FRAMEWORK	Source framework to map from (default: 800-53r5)

---

Next Steps

• How to Generate Guidance — Generate documentation from baselines
• How to Generate Baselines — Create baseline files
• Generate SCAP — Create SCAP documents
• Generate Mapping — Create custom framework mappings