Skip to content
ai-supply.store
探索分类排行榜社区Agent APIFAQ
登录免费注册
catalog / Healthcare / BioMCP
◇MCP serverHealthcareFree

BioMCP

Unified MCP access to biomedical literature, clinical trials, genes, variants, and drugs.

@ai-supply
安装量1.6k
↗ 源代码仓库
← More HealthcareHealthcare leaderboard →How we grade security →Source ↗

BioMCP

BioMCP is a Model Context Protocol server that gives AI assistants and researchers unified access to trusted biomedical data sources through a single command grammar.

One query can fan out across biomedical literature (PubTator3 and Europe PMC, with an optional Semantic Scholar leg) and pivot between genes, variants, drugs, diseases, pathways, proteins, and articles, plus clinical-trial and variant databases — returning compact, evidence-oriented results over live public data with local study analytics.

It is intended for researchers, clinicians, and agents who need to search and cross-reference biomedical evidence without rebuilding a workflow for each source.

Rating rank
#1
of 11 in Healthcare
Install rank
#10
of 11 in Healthcare
Security score
95/100 · A
review
Security rank
#6
of 11 in Healthcare
Installs
1.6k
cat avg 63k
This listing vs category average
Installs
this
cat avg
Security (of 100)
this
cat avg
Adoption trend
See the Healthcare leaderboard →
! Security: Review · 9595/100 · grade Ascanned 18h ago
✓ no compromise signals50 risk-surface · 10/20 OWASP controls flagged

Compromise signals — malicious or tampered code (leaked secrets, backdoors, a dropped executable) — reduce the score, and known dependency CVEs carry a bounded penalty (they warrant review but never QUARANTINE — update the dependency to clear). Other dangerous-by-capability traits are risk surface, expected for some capabilities. Every finding is mapped to its OWASP control below.

What this capability can do · med confidence (static)
⚑ filesystem⚑ shell⚑ network⚑ secretsinstall: script:genomoncology-biomcp-ba4d160/tests/test_public_install_docs_contract.py
egress → code.claude.com, biomcp.org, ftp.ncbi.nlm.nih.gov, extranet.who.int, api.fda.gov, eutils.ncbi.nlm.nih.gov, medlineplus.gov, wsearch.nlm.nih.gov +32

Findings mapped to the OWASP Top 10 for LLM Applications (2025) and the OWASP Machine Learning Security Top 10. Expand any flagged control for the exact findings — compromise reduces the score; expected/risk-surface do not.

OWASP Top 10 for LLM Applications
⚠LLM01Prompt Injectionhigh
Adversarial instructions embedded in an artifact that hijack a downstream LLM.
•Prompt-injection phrasing — instruction-subversion language detected · genomoncology-biomcp-ba4d160/CHANGELOG.md (CWE-77)risk surface
⚠LLM02Sensitive Information Disclosurehigh
Secrets, credentials or PII shipped inside the artifact.
•Embedded credentials — found: credentials in URL · genomoncology-biomcp-ba4d160/.github/workflows/release.yml (CWE-798)expected
•Embedded credentials — found: hardcoded credential · genomoncology-biomcp-ba4d160/spec/surface/discover.md (CWE-798)expected
⚠LLM05Improper Output Handlinghigh
Code that pipes model/user output into shell, eval, SQL or paths unsafely.
•Suspicious code patterns — destructive rm -rf / · genomoncology-biomcp-ba4d160/Dockerfile (CWE-78)risk surface
•Suspicious code patterns — pipe-to-shell install · genomoncology-biomcp-ba4d160/README.md (CWE-494)risk surface
•Suspicious code patterns — OS command execution · genomoncology-biomcp-ba4d160/architecture/experiments/243-architecture-hpo-phenotype-enrichment-for-clinical-symptoms/scripts/clinical_features_spike/reports.py (CWE-78)risk surface
•Path traversal sequences — '../' present in content or name · genomoncology-biomcp-ba4d160/architecture/experiments/244-obsidian-vault-knowledge-base-with-pdf-to-markdown/harden.md (CWE-22)risk surface
•Suspicious code patterns — dynamic code execution · genomoncology-biomcp-ba4d160/tests/test_cbioportal_study_download_timeout_contract.py (CWE-95)risk surface
•Suspicious code patterns — OS command execution; dynamic code execution · genomoncology-biomcp-ba4d160/tests/test_directory_submission_contract.py (CWE-78)risk surface
•Suspicious code patterns — pipe-to-shell install; dynamic code execution · genomoncology-biomcp-ba4d160/tests/test_documentation_consistency_audit_contract.py (CWE-494)risk surface
⚠LLM06Excessive Agencyhigh
Over-broad tool/permission surface or unrestricted egress.
•External endpoints declared — 3 distinct host(s) · genomoncology-biomcp-ba4d160/.claude-plugin/marketplace.jsonrisk surface
•Broad capability surface — 3 high-impact capability categories referenced — verify least-privilege · genomoncology-biomcp-ba4d160/.github/workflows/release.yml (CWE-272)risk surface
•External endpoints declared — 1 distinct host(s) · genomoncology-biomcp-ba4d160/.github/workflows/release.ymlrisk surface
•External endpoints declared — 2 distinct host(s) · genomoncology-biomcp-ba4d160/CITATION.cffrisk surface
•Egress to a private/loopback host — 127.0.0.1 · genomoncology-biomcp-ba4d160/README.md (CWE-918)risk surface
•External endpoints declared — 4 distinct host(s) · genomoncology-biomcp-ba4d160/architecture/experiments/24-diagnostic-entity-landscape/scripts/diagnostic_landscape/probes.pyrisk surface
•External endpoints declared — 12 distinct host(s) · genomoncology-biomcp-ba4d160/architecture/experiments/243-architecture-hpo-phenotype-enrichment-for-clinical-symptoms/scripts/curated_source_landscape.pyrisk surface
•Broad capability surface — 4 high-impact capability categories referenced — verify least-privilege · genomoncology-biomcp-ba4d160/architecture/experiments/244-obsidian-vault-knowledge-base-with-pdf-to-markdown/scripts/run_all_probes.py (CWE-272)risk surface
•External endpoints declared — 9 distinct host(s) · genomoncology-biomcp-ba4d160/architecture/experiments/244-obsidian-vault-knowledge-base-with-pdf-to-markdown/scripts/run_all_probes.pyrisk surface
•External endpoints declared — 6 distinct host(s) · genomoncology-biomcp-ba4d160/architecture/experiments/245-biomedical-news-discovery-and-personalized-briefing/exploit.mdrisk surface
•External endpoints declared — 7 distinct host(s) · genomoncology-biomcp-ba4d160/architecture/experiments/245-biomedical-news-discovery-and-personalized-briefing/source_registry.jsonrisk surface
•External endpoints declared — 15 distinct host(s) · genomoncology-biomcp-ba4d160/architecture/experiments/369-score-variant-agent-source-apis/lib/source_api_scoring/external_apis.pyrisk surface
•External endpoints declared — 5 distinct host(s) · genomoncology-biomcp-ba4d160/architecture/experiments/variant-structure-annotation/variant_structure_annotation/sources.pyrisk surface
•External endpoints declared — 8 distinct host(s) · genomoncology-biomcp-ba4d160/docs/getting-started/api-keys.mdrisk surface
•External endpoints declared — 47 distinct host(s) · genomoncology-biomcp-ba4d160/docs/reference/data-sources.mdrisk surface
•External endpoints declared — 56 distinct host(s) · genomoncology-biomcp-ba4d160/docs/reference/source-licensing.mdrisk surface
•External endpoints declared — 48 distinct host(s) · genomoncology-biomcp-ba4d160/docs/reference/source-versioning.mdrisk surface
•External endpoints declared — 16 distinct host(s) · genomoncology-biomcp-ba4d160/scripts/contract-smoke.shrisk surface
•External endpoints declared — 14 distinct host(s) · genomoncology-biomcp-ba4d160/scripts/source-contracts.mdrisk surface
•External endpoints declared — 39 distinct host(s) · genomoncology-biomcp-ba4d160/src/cli/health/catalog.rsrisk surface
•External endpoints declared — 22 distinct host(s) · genomoncology-biomcp-ba4d160/src/render/markdown/evidence.rsrisk surface
•External endpoints declared — 10 distinct host(s) · genomoncology-biomcp-ba4d160/src/render/markdown/evidence/tests.rsrisk surface
•Egress to a private/loopback host — 127.0.0.1, 10.0.0.5, 169.254.169.254 · genomoncology-biomcp-ba4d160/src/sources/figshare/tests/construction.rs (CWE-918)risk surface
•External endpoints declared — 24 distinct host(s) · genomoncology-biomcp-ba4d160/tests/test_source_pages_docs_contract.pyrisk surface
⚠LLM07System Prompt Leakagehigh
Secrets, internal hosts or proprietary logic exposed in shipped prompts.
•Embedded credentials — found: credentials in URL · genomoncology-biomcp-ba4d160/.github/workflows/release.yml (CWE-798)expected
•Embedded credentials — found: hardcoded credential · genomoncology-biomcp-ba4d160/spec/surface/discover.md (CWE-798)expected
•Internal host / private infrastructure reference — shipped content references a private IP range or internal-only host · genomoncology-biomcp-ba4d160/src/sources/figshare/tests/construction.rs (CWE-200)risk surface
⚠LLM03Supply Chainmedium
Vulnerable/compromised dependencies, models or archives in the artifact.
•Vulnerable dependencies — 13 known vulnerabilities in: bincode@1.3.3, fxhash@0.2.1, instant@0.1.13, memmap2@0.5.10, quinn-proto@0.11.14, rustls-pemfile@2.2.0, ttf-parser@0.24.1, anyhow@1.0.102 (CWE-1395)known CVE · -5 pts
⚠LLM10Unbounded Consumptionmedium
Unbounded loops/recursion causing DoS or runaway cost.
Enforced at runtime by the gateway (rate limits + spend caps + size caps); static check flags unbounded loops.
•Potentially unbounded loop — an infinite loop (while True / while(1) / for(;;)) may cause runaway consumption · genomoncology-biomcp-ba4d160/architecture/experiments/24-diagnostic-entity-landscape/scripts/diagnostic_landscape/landscape.py (CWE-835)risk surface
§LLM09MisinformationGovernance
Artifacts designed to produce false/deceptive output.
Detectable only by runtime behavioral evaluation; addressed via responsible-use attestation.
✓LLM04Data and Model PoisoningPassed
Backdoors/poisoning in training data or serialized models.
Behavioral poisoning needs model execution; static check covers unsafe serialization + dataset skew only.
✓LLM08Vector and Embedding WeaknessesPassed
PII or plaintext source leakage in embedding/vector exports.
Embedding inversion/poisoning is largely runtime; static check covers PII in vector exports.
OWASP Machine Learning Security Top 10
⚠ML02Data Poisoninghigh
Poisoned training datasets with triggers or anomalous distributions.
Static check covers trigger phrasing, PII and label skew; full poisoning detection is runtime.
•Prompt-injection phrasing — instruction-subversion language detected · genomoncology-biomcp-ba4d160/CHANGELOG.md (CWE-77)risk surface
⚠ML09Output Integrityhigh
Middleware tampering with model outputs in transit.
Gateway enforces TLS + response integrity; static check flags output-rewriting code.
•Suspicious code patterns — destructive rm -rf / · genomoncology-biomcp-ba4d160/Dockerfile (CWE-78)risk surface
•Suspicious code patterns — pipe-to-shell install · genomoncology-biomcp-ba4d160/README.md (CWE-494)risk surface
•Suspicious code patterns — OS command execution · genomoncology-biomcp-ba4d160/architecture/experiments/243-architecture-hpo-phenotype-enrichment-for-clinical-symptoms/scripts/clinical_features_spike/reports.py (CWE-78)risk surface
•Path traversal sequences — '../' present in content or name · genomoncology-biomcp-ba4d160/architecture/experiments/244-obsidian-vault-knowledge-base-with-pdf-to-markdown/harden.md (CWE-22)risk surface
•Suspicious code patterns — dynamic code execution · genomoncology-biomcp-ba4d160/tests/test_cbioportal_study_download_timeout_contract.py (CWE-95)risk surface
•Suspicious code patterns — OS command execution; dynamic code execution · genomoncology-biomcp-ba4d160/tests/test_directory_submission_contract.py (CWE-78)risk surface
•Suspicious code patterns — pipe-to-shell install; dynamic code execution · genomoncology-biomcp-ba4d160/tests/test_documentation_consistency_audit_contract.py (CWE-494)risk surface
⚠ML06AI Supply Chainmedium
Compromised PyPI/npm packages, typosquats, unsafe serialized models.
•Vulnerable dependencies — 13 known vulnerabilities in: bincode@1.3.3, fxhash@0.2.1, instant@0.1.13, memmap2@0.5.10, quinn-proto@0.11.14, rustls-pemfile@2.2.0, ttf-parser@0.24.1, anyhow@1.0.102 (CWE-1395)known CVE · -5 pts
§ML01Input Manipulation (Adversarial)Governance
Models vulnerable to adversarial perturbations.
Requires runtime robustness evaluation; addressed via publisher robustness attestation.
§ML03Model InversionGovernance
Training data reconstructable from a model's outputs.
Runtime/evaluation property; addressed via model-card data-provenance + DP attestation.
§ML04Membership InferenceGovernance
Determining whether a record was in the training set.
Runtime/evaluation property; addressed via overfitting disclosure + DP attestation.
§ML08Model SkewingGovernance
Models trained on skewed data producing biased output.
Requires fairness evaluation; addressed via model-card bias/limitations disclosure.
✓ML05Model TheftPassed
Unlicensed re-distribution / license-incompatible derivatives.
Static check verifies license declaration; extraction throttling is runtime.
✓ML07Transfer Learning AttackPassed
Backdoored base models / LoRA adapters propagating to derivatives.
Backdoor detection needs behavioral probing; static check covers unsafe serialization + provenance.
✓ML10Model Poisoning (Weights)Passed
Tampered model weight files; integrity must be verifiable.
Static check enforces safe formats + records a content hash for downstream verification.
Other findings (22) · hygiene / uncategorized
•Unrecognized file type — '.dockerignore' is not on the allowlist · genomoncology-biomcp-ba4d160/.dockerignorerisk surface
•Unrecognized file type — '.gitattributes' is not on the allowlist · genomoncology-biomcp-ba4d160/.gitattributesrisk surface
•Unrecognized file type — '.gitignore' is not on the allowlist · genomoncology-biomcp-ba4d160/.gitignorerisk surface
•Unrecognized file type — '.mcpbignore' is not on the allowlist · genomoncology-biomcp-ba4d160/.mcpbignorerisk surface
•Unrecognized file type — '.cff' is not on the allowlist · genomoncology-biomcp-ba4d160/CITATION.cffrisk surface
•Unrecognized file type — '.?' is not on the allowlist · genomoncology-biomcp-ba4d160/Dockerfilerisk surface
•Suspicious network references — raw IP URL (6 URLs) · genomoncology-biomcp-ba4d160/README.mdrisk surface
•Suspicious network references — raw IP URL (3 URLs) · genomoncology-biomcp-ba4d160/RUN.mdrisk surface
•Unrecognized file type — '.jsonl' is not on the allowlist · genomoncology-biomcp-ba4d160/benchmarks/bioasq/annotations/validity.jsonlrisk surface
•Suspicious network references — raw IP URL (1 URLs) · genomoncology-biomcp-ba4d160/examples/rmcp_streamable_http_contract.rsrisk surface
•Suspicious network references — raw IP URL (2 URLs) · genomoncology-biomcp-ba4d160/examples/streamable-http/README.mdrisk surface
•Unrecognized file type — '.proto' is not on the allowlist · genomoncology-biomcp-ba4d160/protos/dna_model.protorisk surface
•Suspicious network references — raw IP URL (4 URLs) · genomoncology-biomcp-ba4d160/scripts/release-smoke.shrisk surface
•Suspicious network references — raw IP URL (34 URLs) · genomoncology-biomcp-ba4d160/spec/fixtures/setup-article-fulltext-source-fixture.shrisk surface
•Suspicious network references — raw IP URL (30 URLs) · genomoncology-biomcp-ba4d160/spec/surface/mcp.mdrisk surface
•Suspicious network references — raw IP URL (21 URLs) · genomoncology-biomcp-ba4d160/src/entities/discover.rsrisk surface
•Possible obfuscation — very long lines · genomoncology-biomcp-ba4d160/src/entities/disease/fixtures/medlineplus/chronic_venous_insufficiency_topics.jsonrisk surface
•Suspicious network references — raw IP URL (14 URLs) · genomoncology-biomcp-ba4d160/src/sources/figshare/tests/construction.rsrisk surface
•Unrecognized file type — '.j2' is not on the allowlist · genomoncology-biomcp-ba4d160/templates/adverse_event.md.j2risk surface
•Suspicious network references — URL shortener (30 URLs) · genomoncology-biomcp-ba4d160/testdata/sources/myvariant/get_braf_v600e.jsonrisk surface
•Suspicious network references — URL shortener (5 URLs) · genomoncology-biomcp-ba4d160/testdata/sources/myvariant/search_braf.jsonrisk surface
•Suspicious network references — raw IP URL (13 URLs) · genomoncology-biomcp-ba4d160/tests/test_docs_changelog_refresh.pyrisk surface
✔ verified source · pinned genomoncology-biomcp-ba4d160 · changed since last scan (-5 pts)
Check against a policy

The same gate an agent runs before installing (POST /api/v1/trust/biomcp-server/check). Click a policy:

Consume BioMCP programmatically. Authenticate with an API key or session — see Authorize an agent.

# Agents: CHECK BEFORE YOU INSTALL (no auth) — score, grade, level, capability manifest
curl https://ai-supply.store/api/v1/trust/biomcp-server

# Gate against your org policy (returns { pass, violations })
curl -X POST https://ai-supply.store/api/v1/trust/biomcp-server/check \
  -H "Content-Type: application/json" \
  -d '{"minGrade":"B","denyPermissions":["shell"],"denyUnknownEgress":true}'

# CLI
npx ai-supply add biomcp-server

# REST (install → download)
curl -X POST https://ai-supply.store/api/v1/listings/biomcp-server/install \
  -H "Authorization: Bearer $AIM_KEY"

# MCP tool
install_listing({ "slug": "biomcp-server" })
OpenAPI spec →
vlatest
! Security: Review · 951d ago

Curated mirror — latest upstream source. See the repository for tagged releases.

Sign in and install this listing to leave a review.

More from @ai-supply

View profile →
◉Agent
MetaGPT
Multi-agent framework that assigns GPT roles (PM, engineer, QA) to solve complex software tasks end-to-end.
↓ 1.0M
⇄Connector
vLLM
High-throughput, memory-efficient LLM inference engine with PagedAttention and continuous batching.
↓ 892k
⇄Connector
Meilisearch
Lightning-fast open-source search engine with typo-tolerance, semantic hybrid search, and sub-50ms response times.
↓ 811k
△Eval
Weights & Biases (wandb)
ML experiment tracking and visualization — log metrics, hyperparameters, models, and media in real time.
↓ 784k
ai-supply.store

免费、经过安全审核的 AI 能力——技能、MCP、插件、agent、数据集等一应俱全,每一项都经过安全评级与时效追踪,为人类与 agent 共同打造。

api · v3.1status · all green
联系
support@ai-supply.storesecurity@ai-supply.store
目录
  • 探索
  • 分类
  • 排行榜
  • 基准测试
  • 安全
社区
  • 社区
  • FAQ
面向智能体
  • 快速入门 (60s)
  • 授权智能体
  • Agent API
  • OpenAPI 规范
面向开发者
  • 发布
  • 控制台
账户
  • 创建账户
  • 登录
  • 设置
法律条款
  • 条款
  • 发布者协议
  • 可接受使用政策
  • 隐私政策