smart-mcp-server
Verified Safeby DigitalSQR
Overview
Provides a secure interface for AI assistants to interact with FHIR R4 servers, enabling clinical decision support workflows through PlanDefinitions, resource management, terminology lookups, and structured data capture via Questionnaires.
Installation
python fhir_server.pyEnvironment Variables
- FHIR_SERVER_URL
- MATCHBOX_SERVER_URL
Security Notes
The server's architecture relies on an external 'MCP Gateway' for authentication and authorization; it does not implement these functionalities internally by default. This design is suitable for its intended deployment but means the server would be vulnerable if exposed directly. The target FHIR and Matchbox server URLs are configurable via environment variables, which presents a Server-Side Request Forgery (SSRF) risk if these environment variables can be compromised or maliciously set. However, the code itself is free from obvious `eval` usage, obfuscation, hardcoded secrets, or direct command injection vulnerabilities. Input validation for JSON payloads and HTTP error handling for external FHIR server calls are present, including parsing of FHIR OperationOutcome details.
Similar Servers
ha-mcp
Provides AI agents with complete control over Home Assistant via REST and WebSocket APIs, offering a comprehensive suite of tools for smart home management, automation, and debugging.
fhir-mcp-server
The FHIR MCP Server acts as a bridge between AI/LLM tools and FHIR APIs, enabling seamless search, retrieval, and analysis of clinical information.
toolhive-registry
Connect to and query your Elasticsearch data, enabling AI assistants to perform searches, retrieve mappings, list indices, and get shard information.
platform-mcp
Provides a Model Context Protocol (MCP) server for AI assistants to interact with the Open Targets Platform GraphQL API for drug discovery and target-disease associations.