MCP-SERVER-POSTGRES
Verified Safe by AnhQuanengineer
Overview
Provides an MCP server for PostgreSQL database interaction (schema listing, read-only querying) and AI-powered sentiment analysis using either external LLMs or local Hugging Face models.
Installation
python postgres.py
Environment Variables
- POSTGRES_HOST
- POSTGRES_PORT
- POSTGRES_DB
- POSTGRES_USER
- POSTGRES_PASSWORD
- LLM_PROVIDER
- OPENROUTER_API_KEY
- OPENROUTER_MODEL
- GOOGLE_API_KEY
- GOOGLE_MODEL
- HF_MODEL_NAME
- PRELOAD_MODEL
Security Notes
The `postgres.py` component implements robust SQL query validation (`validate_sql_query`) to restrict operations to `SELECT` statements only, prevent multiple statements, and filter dangerous patterns (e.g., SQL comments, file operations, stored procedures). This significantly mitigates SQL injection risks for its defined read-only functions. API keys and database credentials are managed via environment variables. The `sentiment.py` component includes a rate limiter for LLM API calls, preventing abuse, and attempts to parse LLM responses as JSON with a fallback for malformed output. No direct use of `eval` or `exec` is present. A potential future risk exists if the `update_sentiment` prompt (currently unimplemented in `postgres.py`'s `handle_call_tool`) were to be implemented without similar stringent input validation and parameterization.
Similar Servers
MCP-PostgreSQL-Ops
The MCP server provides professional operations, monitoring, and management capabilities for PostgreSQL databases using natural language queries.
enhanced-postgres-mcp-server
This server acts as a Model Context Protocol interface for PostgreSQL, enabling LLMs to query data, modify records, and manage database schema objects with read and write capabilities.
SchemaCrawler-AI
Provides an AI-powered interface for natural language database schema exploration, analysis, visualization, and SQL assistance.
mcp-postgres
Provides a read-only Model Context Protocol (MCP) server for AI tools (like Claude Code, Cursor) to query a PostgreSQL database directly.