Deterministic patient search using semantic mappings. Only uses validated friendly field mappings - no column guessing. Requires semantic mapping for PATIENT_MASTER table.
AI agents call searchPatients to retrieve information from MCP Oracle Server without modifying anything — typically the context-gathering step in research, monitoring, and reporting workflows, before the agent takes action elsewhere.
searchPatients is a deterministic read-only query tool constrained to use pre-validated semantic mappings. It retrieves patient data without side effects (no creation, modification, deletion, or execution of arbitrary operations). The restriction to semantic mappings and validated field mappings further limits risk.
From the tool's definition Tool performs 'patient search' using 'semantic mappings' and 'validated friendly field mappings' with explicit requirement that PATIENT_MASTER table has semantic mapping.
Attacks that exploit this kind of access
Deterministic patient search using semantic mappings. Only uses validated friendly field mappings - no column guessing. Requires semantic mapping for PATIENT_MASTER table. It is categorised as a Read tool in the MCP Oracle Server MCP Server, which means it retrieves data without modifying state.
Register the MCP Oracle Server MCP server in PolicyLayer and add a rule for searchPatients: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches MCP Oracle Server. Nothing to install.
searchPatients is a Read tool with low risk. Read-only tools are generally safe to allow by default.
Yes. Add a rate_limit block to the searchPatients rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for searchPatients. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
searchPatients is provided by the MCP Oracle Server MCP server (jaikishpai/mcp-server-nodejs). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Every MCP server has a record like this.
Type a name, get the same breakdown: verified identity, auth posture, risk grade, capabilities, recommended policy.
Teams ship this data inside their own products. See what a licence covers →