Browse Taiwan NHI 審查注意事項 clauses for a specific medical specialty (dermatology, ophthalmology, ENT, TCM, dentistry, family medicine, etc.) — returns clause headlines with risk flags (amount_limit / frequency_rule / indication) and a short preview of the procedures each clause governs. Use when an...
AI agents call lookup_audit_clauses_for_specialty to retrieve information from Opdstar Nhi without modifying anything — typically the context-gathering step in research, monitoring, and reporting workflows, before the agent takes action elsewhere.
This tool queries and retrieves reference information (audit clauses, risk flags, procedure contexts) from Taiwan's NHI database for a given medical specialty. It is purely informational and read-only, serving to provide context for claim coding decisions. No data is modified, deleted, executed, or committed financially.
From the tool's definition lookup_audit_clauses_for_specialty — retrieves audit clauses, headlines, risk flags, and procedure previews. The tool 'returns' and 'Browse' indicate data retrieval without modification. No update, delete, execute, or financial operation is performed.
Attacks that exploit this kind of access
Browse Taiwan NHI 審查注意事項 clauses for a specific medical specialty (dermatology, ophthalmology, ENT, TCM, dentistry, family medicine, etc.) — returns clause headlines with risk flags (amount_limit / frequency_rule / indication) and a short preview of the procedures each clause governs. Use when an agent needs section-wide audit context before assisting with claim coding for a specialty. Don. It is categorised as a Read tool in the Opdstar Nhi MCP Server, which means it retrieves data without modifying state.
Register the Opdstar Nhi MCP server in PolicyLayer and add a rule for lookup_audit_clauses_for_specialty: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Opdstar Nhi. Nothing to install.
lookup_audit_clauses_for_specialty is a Read tool with low risk. Read-only tools are generally safe to allow by default.
Yes. Add a rate_limit block to the lookup_audit_clauses_for_specialty rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for lookup_audit_clauses_for_specialty. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
lookup_audit_clauses_for_specialty is provided by the Opdstar Nhi MCP server (tatsuju/opdstar-nhi-mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Every MCP server has a record like this.
Type a name, get the same breakdown: verified identity, auth posture, risk grade, capabilities, recommended policy.
Teams ship this data inside their own products. See what a licence covers →