// SCAN REPORT

Nonmem

22 tools. 7 can modify or destroy data without limits.

1 destructive tool with no built-in limits. Policy required.

Last updated:

7 can modify or destroy data
15 read-only
22 tools total

Community server · catalogue entry verified 11/06/2026

How to control Nonmem ↓

TOOL MAP

What Nonmem exposes to your agents

Read (15) Write / Execute (6) Destructive / Financial (1)

Running more than one server? Check your whole stack →

MOST DANGEROUS TOOLS
Critical Risk

The most dangerous Nonmem tools

Destructive · High cancel_run Cancelling a running job is an irreversible action — it terminates the execution and any intermediate results or state from that job cannot be recovered. Execute · High execute_psn_bootstrap This tool executes complex pharmacometric analyses (bootstrapping) through an external system (PsN/NONMEM). Execute · High execute_psn_vpc This tool runs pharmacometric simulations and diagnostics via the PsN (Perl Speaks NONMEM) workflow manager. Execute · Medium run_diagnostics The tool executes a suite of diagnostic computations (boundary checks, condition number calculation, shrinkage, RSE, convergence analysis) rather than merely reading static data.

7 of Nonmem's 22 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

POLICY

How to control Nonmem

PolicyLayer is an MCP gateway — it sits between your AI agents and Nonmem, and nothing reaches the server without passing your rules. These are the rules we recommend:

Deny destructive operations
{
  "cancel_run": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Blocked by default. Requires approval."
      }
    ]
  }
}

Destructive tools should never be available to autonomous agents without human approval.

Cap read operations
{
  "compare_models": {
    "limits": [
      {
        "counter": "compare_models_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

  1. Create a free account and register Nonmem — nothing to install.
  2. Add these rules — paste them, or build them visually. Tune the limits to your setup.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
ENFORCE POLICY ON NONMEM →

Free to start. No card required.

FULL CATALOGUE

All 22 Nonmem tools

DESTRUCTIVE 1 tools
Destructive cancel_run Cancel a running NONMEM job.
EXECUTE 6 tools
Execute execute_psn_bootstrap Run bootstrap using PsN (async). Returns job ID for polling. Requires PsN + NONMEM. Execute execute_psn_vpc Run VPC using PsN (async). Returns job ID for polling. Requires PsN + NONMEM. Execute run_diagnostics Run comprehensive post-run diagnostics: boundary checks, condition number, shrinkage, precision (RSE), converg Execute simulate_mrgsolve Run a simulation using mrgsolve (R). No NONMEM needed. Provide model code or model file path. Execute generate_vpc_data Generate VPC data using mrgsolve + vpc R package. No NONMEM needed. Requires observed data and model. Execute submit_run Submit a NONMEM run (async). Returns a job ID for polling. Requires NONMEM installation.
READ 15 tools
Read compare_models Compare multiple NONMEM runs by OFV, delta-OFV, parameter counts, and AIC. Accepts a list of run directories o Read parse_control_stream Parse a NONMEM control stream (.ctl/.mod) into structured components: $THETA, $OMEGA, $SIGMA, $EST options, in Read parse_psn_results Parse results from an existing PsN output directory (VPC or bootstrap). No PsN/NONMEM installation needed. Read summarize_run Generate a comprehensive summary of a NONMEM run by combining control stream, .ext, and .lst results. Read check_nonmem_setup Check NONMEM, PsN, R, and mrgsolve installation status and paths. Read check_psn_status Check status and progress of a PsN VPC or bootstrap job. Read check_r_setup Check R installation and required packages (mrgsolve, vpc, dplyr, ggplot2). Read check_run_status Check the status and progress of a submitted NONMEM run by job ID. Read get_run_results Get full parsed results of a completed NONMEM run by job ID. Read list_runs Scan a project directory for NONMEM run files and list their status (completed/failed/running). Read read_ext_file Parse a NONMEM .ext file to extract parameter estimates, standard errors, OFV, eigenvalues, and condition numb Read read_lst_file Parse a NONMEM .lst file for termination status, minimization success, shrinkage, condition number, and warnin Read read_nm_dataset Read and summarize a NONMEM dataset: subject count, observation count, dose records, missing values, and colum Read read_nm_tables Parse NONMEM table output files (SDTAB, PATAB, etc.) and compute summary statistics for key columns (CWRES, PR Read translate_to_mrgsolve Translate a NONMEM control stream (.ctl/.mod) to mrgsolve model code. Handles ADVAN1-13, THETAs, OMEGAs, $PK,
EXPLORE

Related servers

Other MCP servers with similar tools — same risk classification, starter policies for each.

Sperax Ecosystem Crypto & DeFI MCP Server 1318 tools
adminautomation
Mcp Afip 1300 tools
adminautomation
Mcp Ap2 1300 tools
adminautomation
BNB Chain MCP 1240 tools
adminautomation
Nodebench 824 tools
adminautomation
Amazon Bedrock Knowledge Base Retrieval MCP Server 805 tools
adminautomation
Amazon Data Processing MCP Server 805 tools
adminautomation
Amazon ECS MCP Server 805 tools
adminautomation
FAQ

Questions about Nonmem

Can an AI agent delete data through the Nonmem MCP server? +

Yes. The Nonmem server exposes 1 destructive tools including cancel_run. These permanently remove resources with no undo. PolicyLayer blocks destructive tools by default so they never reach the upstream server.

How many tools does the Nonmem MCP server expose? +

22 tools across 4 categories: Destructive, Execute, Read, Write. 15 are read-only. 7 can modify, create, or delete data.

How do I enforce a policy on Nonmem? +

Register the Nonmem MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every Nonmem tool call.

Deterministic rules across all 22 Nonmem tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

ENFORCE POLICY ON NONMEM →

Free to start. No card required.

22 Nonmem tools catalogued and risk-classified — across an index of 43,000+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.