MDBQS
by RajwardhanMali
Overview
A multi-database query system enabling natural language querying of heterogeneous databases (SQL, NoSQL, Graph, Vector) via LLM-assisted planning and parallel execution with result fusion and provenance tracking.
Installation
./run-all-servers.shEnvironment Variables
- POSTGRES_DSN
- MONGO_URI
- MONGO_DB
- NEO4J_URI
- NEO4J_USER
- NEO4J_PASSWORD
- MILVUS_HOST
- MILVUS_PORT
- GEMINI_API_KEY
- APP_ENV
Security Notes
The system utilizes an LLM (Google Gemini) to directly generate database query strings (SQL, NoSQL filters, Cypher components) which are then executed without robust semantic validation or sanitization. This presents a high risk of prompt injection and subsequent database injection (SQL injection in PostgreSQL, potential NoSQL injection for MongoDB via '$where'/'$eval', Milvus query injection in `get_metadata` via f-string for `cust_id`). Although the SQL adapter claims 'ONLY SELECT allowed', this is an LLM instruction and not technically enforced, making it vulnerable to malicious query chains. Hardcoded database credentials (e.g., 'postgrespassword', 'neo4jpassword', 'minioadmin') are present in `docker-compose.yml` for development, which is a severe risk if used in production.
Similar Servers
mcp-neo4j
The MCP Neo4j Cypher server enables AI models to interact with a Neo4j graph database, execute Cypher queries (read and write), explore the graph schema, and manage query performance and response sizes.
DBchat
Transforms a database into an intelligent conversational partner, enabling natural language queries, instant answers, and data visualizations via MCP clients.
supermcp
A multi-tenant SQL database connector for the MCP platform, enabling AI assistants to interact with various SQL databases like PostgreSQL, MySQL, MSSQL, Oracle, Snowflake, and SQLite through a unified interface.
nlp2sql
Converting natural language queries to optimized SQL for enterprise databases using multiple AI providers.