omcp
by fastomop
Overview
The server enables Large Language Models (LLMs) to securely query and analyze healthcare data stored in the OMOP Common Data Model format through a standardized Model Context Protocol interface.
Installation
python -m omcp.mainEnvironment Variables
- DB_TYPE
- DB_PATH
- DB_READ_ONLY
- DB_USERNAME
- DB_PASSWORD
- DB_HOST
- DB_PORT
- DB_DATABASE
- DB_TOKEN
- DB_HTTP_PATH
- DB_CATALOG
- DB_SCHEMA
- CDM_SCHEMA
- VOCAB_SCHEMA
- MCP_TRANSPORT
- MCP_HOST
- MCP_PORT
- ENABLE_LOGGING
- ENABLE_LANGFUSE
- LOG_FILE
- DEBUG
- LANGFUSE_PUBLIC_KEY
- LANGFUSE_SECRET_KEY
- LANGFUSE_HOST
- LANGFUSE_TRACE_CONTEXT_FILE
Security Notes
CRITICAL: The `lookup_drug` and `lookup_condition` functions in `src/omcp/main.py` are vulnerable to SQL injection. User input for the `term` parameter is directly interpolated into SQL queries using f-strings without proper sanitization or parameterization. This allows a malicious user to inject arbitrary SQL commands, potentially leading to unauthorized data access, modification, or other database compromises, even with the `SQLValidator` in place, as the validator acts *after* the injection occurs. The system also bypasses validation for 'system queries' which could be a nuanced risk depending on the specific database backend. While there are good intentions with `SQLValidator` and `ibis`, the direct f-string interpolation of user input in the lookup functions creates a severe vulnerability.
Similar Servers
mcp
This repository provides a collection of Model Context Protocol (MCP) servers to enable AI agents to interact with and manage various Oracle Cloud Infrastructure (OCI) services, Oracle Database, and MySQL databases through natural language.
awesome-oceanbase-mcp
The `awesome-oceanbase-mcp` project provides a collection of Model Context Protocol (MCP) servers designed to enable AI assistants to interact directly with OceanBase databases and its ecosystem components.
opensearch-mcp-server-py
Enables AI assistants and LLMs to interact with OpenSearch clusters by providing a standardized Model Context Protocol (MCP) interface through built-in and dynamic tools.
pyomop
A Python library providing tools for managing OMOP Common Data Model databases, including LLM-powered natural language querying, FHIR-to-OMOP data conversion, and PyHealth/PLP compatibility for machine learning pipelines.