DBMcp
by AbdelilahOu
Overview
This MCP server provides AI assistants with a standardized interface to connect, query, and manage various SQL databases, enabling data interaction and schema exploration.
Installation
./DBMcp stdio -c connections.jsonSecurity Notes
CRITICAL: Database credentials (usernames and passwords) are hardcoded directly into 'connections.json' as plain text. This file is likely committed to the repository, representing a severe exposure of sensitive information. The 'execute_query' tool allows direct execution of arbitrary SQL (INSERT, UPDATE, DELETE, CREATE, ALTER, DROP) provided by an AI, with only a weak blacklist for specific dangerous operations (like 'DROP DATABASE' or 'TRUNCATE'). This makes the server highly vulnerable to SQL injection, unauthorized data manipulation, and schema destruction if the AI's input is compromised or crafted maliciously. There is no explicit authentication or authorization layer implemented for AI clients interacting with the server's tools, relying solely on the underlying MCP transport's security (which is 'stdio' for local clients in the provided configuration, but can change).
Similar Servers
genai-toolbox
MCP Toolbox for Databases is an open-source server enabling AI agents to interact with various databases through defined tools, simplifying development, improving performance, and enhancing security for Gen AI applications.
db-mcp-server
Provides AI assistants with structured access to multiple databases, enabling them to execute SQL queries, manage transactions, explore schemas, and analyze performance through a unified interface.
mcp-mysql-server
Provides an MCP-compliant interface for AI models to securely interact with a MySQL database for CRUD operations, schema inspection, and performance analysis.
DatabaseMcpServer
This server provides a unified, secure database operation interface for AI assistants, supporting a wide range of database types and dynamic switching.