// SCAN REPORT

AWS HealthImaging MCP Server

39 tools. 19 can modify or destroy data without limits.

11 destructive tools with no built-in limits. Policy required.

Last updated:

19 can modify or destroy data
20 read-only
39 tools total
// TOOL MAP
Read (20) Write / Execute (8) Destructive / Financial (11)
// WHAT CAN GO WRONG

Destructive tools (bulk_delete_by_criteria, delete_datastore, delete_image_set) permanently delete resources. There is no undo. An agent calling these in a retry loop causes irreversible damage.

Write operations (bulk_update_patient_metadata, copy_image_set, create_datastore) modify state. Without rate limits, an agent can make hundreds of changes in seconds — faster than any human can review or revert.

Execute tools (start_dicom_export_job, start_dicom_import_job) trigger processes with side effects. Builds, notifications, workflows — all fired without throttling.

// RECOMMENDED RULES
Deny destructive operations
bulk_delete_by_criteria:
  rules:
    - action: deny

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations
bulk_update_patient_metadata:
  rules:
    - rate_limit: 30/hour

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
get_datastore:
  rules:
    - rate_limit: 60/minute

Controls API costs and prevents retry loops from exhausting upstream rate limits.

// ALL 39 AWS HEALTHIMAGING MCP SERVER TOOLS
DESTRUCTIVE 11 tools
Destructive bulk_delete_by_criteria Destructive delete_datastore Destructive delete_image_set Destructive delete_instance_in_series Destructive delete_instance_in_study Destructive delete_patient_studies Destructive delete_series_by_uid Destructive delete_study Destructive remove_instance_from_image_set Destructive remove_series_from_image_set Destructive untag_resource
EXECUTE 2 tools
Execute start_dicom_export_job Execute start_dicom_import_job
WRITE 6 tools
Write bulk_update_patient_metadata Write copy_image_set Write create_datastore Write tag_resource Write update_image_set_metadata Write update_patient_study_metadata
READ 20 tools
Read get_datastore Read get_dicom_export_job Read get_dicom_import_job Read get_image_frame Read get_image_set Read get_image_set_metadata Read get_patient_dicomweb_studies Read get_patient_series Read get_patient_studies Read get_series_primary_image_set Read get_study_primary_image_sets Read list_datastores Read list_dicom_export_jobs Read list_dicom_import_jobs Read list_image_set_versions Read list_tags_for_resource Read search_by_patient_id Read search_by_series_uid Read search_by_study_uid Read search_image_sets
// FAQ
Can an AI agent delete data through the AWS HealthImaging MCP Server MCP server? +

Yes. The AWS HealthImaging MCP Server server exposes 11 destructive tools including bulk_delete_by_criteria, delete_datastore, delete_image_set. These permanently remove resources with no undo. Intercept blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through AWS HealthImaging MCP Server? +

The AWS HealthImaging MCP Server server has 6 write tools including bulk_update_patient_metadata, copy_image_set, create_datastore. Set rate limits in your policy file -- for example, rate_limit: 10/hour prevents an agent from making more than 10 modifications per hour. Intercept enforces this at the transport layer.

How many tools does the AWS HealthImaging MCP Server MCP server expose? +

39 tools across 4 categories: Destructive, Execute, Read, Write. 20 are read-only. 19 can modify, create, or delete data.

How do I add Intercept to my AWS HealthImaging MCP Server setup? +

One line change. Instead of running the AWS HealthImaging MCP Server server directly, prefix it with Intercept: intercept -c aws-healthimaging-mcp-server.yaml -- npx -y @awslabs.healthimaging-mcp-server. Download a pre-built policy from policylayer.com/policies/aws-healthimaging-mcp-server and adjust the limits to match your use case.

// RELATED SERVERS

Other MCP servers with similar tools.

Starter policies available for each. Same risk classification, same one-command setup.

Mcp Api 314 tools
adminautomation
Aibtc 308 tools
adminautomation
SmartBear MCP 243 tools
adminautomation
Google Super 200 tools
adminautomation
Arcane 180 tools
adminautomation
Propresenter 177 tools
adminautomation
Leaper Vision Toolkit 169 tools
adminautomation
Opencut Controller 161 tools
adminautomation

Let agents act without letting them run wild.

Deterministic policy on every MCP tool call. Per-identity grants. Full audit log.

GET STARTED →
// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.