hj-mcp-server
Verified Safeby Daulet151
Overview
AI-powered natural language SQL query generation and data analysis for the Hero's Journey data warehouse, integrated with Slack and Model Context Protocol (MCP) clients.
Installation
cd deployment; docker-compose up -dEnvironment Variables
- OPENAI_API_KEY
- SLACK_BOT_TOKEN
- SLACK_SIGNING_SECRET
- DB_HOST
- DB_USER
- DB_PASSWORD
Security Notes
The `execute_sql` MCP tool directly executes user-provided SQL after a basic `SELECT` prefix check, which is susceptible to SQL injection if the database user has broader permissions than strictly `SELECT`. The system logs all generated and executed SQL queries, which could inadvertently capture Personally Identifiable Information (PII) if sensitive data is used in user prompts that get reflected in the SQL. While the documentation recommends read-only database access and marks PII fields, enforcement relies on external configuration and careful usage. No evident use of `eval` or deliberate obfuscation.
Similar Servers
DBchat
Transforms a database into an intelligent conversational partner, enabling natural language queries, instant answers, and data visualizations via MCP clients.
tiger-slack
An AI-powered Slack bot, likely integrating with Claude, designed to process and respond to messages within a Slack workspace.
postgres-mcp
A PostgreSQL database management and optimization expert system, offering interactive workflows for query analysis, index tuning, health monitoring, backup strategies, and advanced functionalities like vector search and geospatial data management. It helps users understand and improve their PostgreSQL database performance and health.
nlp2sql
Converting natural language queries to optimized SQL for enterprise databases using multiple AI providers.