MDBQS
by RajwardhanMali
Overview
A multi-database query system enabling natural language querying of heterogeneous databases (SQL, NoSQL, Graph, Vector) via LLM-assisted planning and parallel execution with result fusion and provenance tracking.
Installation
./run-all-servers.shEnvironment Variables
- POSTGRES_DSN
- MONGO_URI
- MONGO_DB
- NEO4J_URI
- NEO4J_USER
- NEO4J_PASSWORD
- MILVUS_HOST
- MILVUS_PORT
- GEMINI_API_KEY
- APP_ENV
Security Notes
The system utilizes an LLM (Google Gemini) to directly generate database query strings (SQL, NoSQL filters, Cypher components) which are then executed without robust semantic validation or sanitization. This presents a high risk of prompt injection and subsequent database injection (SQL injection in PostgreSQL, potential NoSQL injection for MongoDB via '$where'/'$eval', Milvus query injection in `get_metadata` via f-string for `cust_id`). Although the SQL adapter claims 'ONLY SELECT allowed', this is an LLM instruction and not technically enforced, making it vulnerable to malicious query chains. Hardcoded database credentials (e.g., 'postgrespassword', 'neo4jpassword', 'minioadmin') are present in `docker-compose.yml` for development, which is a severe risk if used in production.
Similar Servers
mcp-neo4j
Provides a Model Context Protocol (MCP) server for interacting with Neo4j graph databases, enabling Cypher query execution, schema introspection, and generating insights for AI models.
gemini-flow
An AI workflow orchestration and execution platform that enables visual programming and integrates with Google's Gemini and Vertex AI services.
nlp2sql
Converts natural language queries to optimized SQL for enterprise-scale databases, supporting multiple AI providers and robust schema management.
Dynamic-Smart-MCP
An intelligent FastMCP 2 server that converts natural language questions into SQL queries or API requests for any SQL database or OpenAPI-defined API using AI.