ToxMCP is the public suite hub for guardrailed, auditable MCP servers across computational toxicology, exposure science, mechanistic reasoning, QSAR workflows, ADMET utilities, and downstream kinetic modeling.
If you want the single best place to follow the public suite, module launches, and onboarding path, star this repo.
- Preprint (bioRxiv): https://doi.org/10.64898/2026.02.06.703989
- Citation metadata:
CITATION.cff
- It is the canonical public index for the ToxMCP suite.
- It is the best place to track which modules are public now versus still in progress.
- It is the suite-level home for docs, architecture, quickstart guidance, and contribution links.
MCP (Model Context Protocol) is a standard way for LLM clients and orchestrators to call external tools over a structured interface. See the official MCP docs/spec: https://modelcontextprotocol.io/
| Module | What it covers | Upstream dependency | Requirements | Status | Repo |
|---|---|---|---|---|---|
| CompTox MCP | Identity, hazard, exposure, bioactivity, screening prioritization | EPA CompTox APIs + packaged metadata bundles | API key required (CTX_API_KEY) |
Available now | Repo |
| ADMETlab MCP | Molecule washing, SVG rendering, ADMET prediction, CSV retrieval | ADMETlab 3.0 API | No key by default; upstream instability/rate limits may cause intermittent failures | Available now | Repo |
| AOP MCP | Mechanistic pathways, scientific review, assay discovery, authoring workflows | AOP-Wiki / AOP-DB / CompTox federation | Internet access recommended; fixture fallback available for offline development | Available now | Repo |
| O-QT MCP | OECD QSAR workflows, grouping/read-across dossiers, PDF reports | OECD QSAR Toolbox WebAPI | Requires a running QSAR Toolbox WebAPI instance (typically Windows-hosted) | Available now | Repo |
| PBPK MCP | PBPK simulation, qualification, verification, dossier export | Open Systems Pharmacology Suite + rxode2 runtime |
Local worker/runtime setup required (see repo deploy scripts) | Available now | Repo |
| Direct-Use Exposure MCP | Auditable deterministic external-dose scenario construction, jurisdictional comparison, PBPK-ready handoff packaging | Versioned defaults, packaged archetypes, bounded worker/exchange surfaces | Python 3.12+; local install from repo release assets | Available now | Repo |
| Dietary Exposure MCP | Coming soon | Coming soon | Coming soon | Coming soon | Repo |
| Environmental Fate MCP | Coming soon | Coming soon | Coming soon | Coming soon | Repo |
| Bioactivity-PoD MCP | Coming soon | Coming soon | Coming soon | Coming soon | Repo |
The fastest way to get productive with ToxMCP is:
- Pick an entry point. Start with CompTox MCP for the most recognizable public toxicology data workflow, or use Direct-Use Exposure MCP when you need an auditable exposure object from the start.
- Follow that module repo’s Quickstart TL;DR.
- Run its Verification (smoke test) so you know the local setup is working before adding more modules.
- CompTox MCP: http://localhost:8000
- O-QT MCP: http://localhost:8001
- PBPK MCP: http://localhost:8002
- AOP MCP: http://localhost:8003
- ADMETlab MCP: http://localhost:8200
- Choose CompTox MCP if you want the best first-run experience and the most recognizable toxicology dataset integration today.
- Choose Direct-Use Exposure MCP if you need reviewable exposure scenarios with explicit assumptions, provenance, limitations, and fit-for-purpose framing.
- Add AOP MCP, O-QT MCP, or PBPK MCP next depending on whether the workflow needs mechanistic context, QSAR Toolbox automation, or toxicokinetic modeling.
Exposure-side stack expansion is still in progress, but the external-exposure layer is now public. Direct-Use Exposure MCP is the current suite module for deterministic exposure screening and governed external-dose handoff generation.
Start with docs/README.md for the suite-level documentation map.
- Each MCP server is versioned and released independently.
- Some modules depend on proprietary or rate-limited upstream services. Check each module README for exact setup details.
ToxMCP was developed, in part, in the context of the VHP4Safety project (see: https://github.com/VHP4Safety) and related research and engineering efforts.
Funding: Dutch Research Council (NWO) — NWA.1292.19.272 (NWA programme)
This suite integrates with third-party data sources and services (e.g., EPA CompTox, ADMETlab, AOP resources, OECD QSAR Toolbox, Open Systems Pharmacology). Those upstream resources are owned and governed by their respective providers; users are responsible for meeting any access, API key, rate limit, and license/EULA requirements described in each module.
Apache-2.0
Djidrovski, I. ToxMCP: Guardrailed, Auditable Agentic Workflows for Computational Toxicology via the Model Context Protocol. bioRxiv (2026). https://doi.org/10.64898/2026.02.06.703989
@article{djidrovski2026toxmcp,
title = {ToxMCP: Guardrailed, Auditable Agentic Workflows for Computational Toxicology via the Model Context Protocol},
author = {Djidrovski, Ivo},
journal = {bioRxiv},
year = {2026},
doi = {10.64898/2026.02.06.703989},
url = {https://doi.org/10.64898/2026.02.06.703989}
}Citation metadata: CITATION.cff
Please see CONTRIBUTING.md. If you’re not sure which repository to use, open an issue here: https://github.com/ToxMCP/toxmcp/issues
See SUPPORT.md.
