wren-engine
Verified Safeby Canner
Overview
The Wren MCP Server facilitates AI agent integration by providing a Model Context Protocol interface to interact with the Wren Engine for SQL planning and data access.
Installation
uv --directory $(pwd)/mcp-server run app/wren.pyEnvironment Variables
- WREN_URL
- CONNECTION_INFO_FILE
- MDL_PATH
Security Notes
The server directly accepts SQL queries from AI agents and forwards them to the Wren Engine (or an external Java engine). While the core Wren Engine (Rust implementation) uses AST-based parsing and rewriting, which is generally more robust against SQL injection than string concatenation, the direct exposure of a SQL input surface remains a significant security concern. The overall security largely depends on the absolute robustness of the Wren Engine's SQL parser and rewriter against all forms of malicious SQL constructs. The Python code itself does not contain obvious hardcoded secrets or arbitrary code execution (`eval`) patterns. Database connection information is loaded from a file, relying on file system security. The `query` tool is explicitly marked with `destructiveHint=True` for AI agents, indicating a potential for data modification or deletion.
Similar Servers
mesh
An open-source control plane for Model Context Protocol (MCP) traffic, providing unified authentication, routing, observability, and tool management for AI agents and integrations across various services.
mcp-omnisearch
Provides a unified interface for various search, AI response, content processing, and enhancement tools via Model Context Protocol (MCP).
metorial-platform
An open source integration platform for agentic AI, connecting AI models to external APIs, data sources, and tools.
1xn-vmcp
An open-source platform for composing, customizing, and extending multiple Model Context Protocol (MCP) servers into a single logical, virtual MCP server, enabling fine-grained context engineering for AI workflows and agents.