aiAgents_database
by Srinivs-p
Overview
Intelligent database querying system enabling natural language interaction with Oracle databases via AI agents, vector search, and Retrieval-Augmented Generation (RAG).
Installation
python example_mcp_server.pyEnvironment Variables
- LLM_API_KEY
- LLM_MODEL
- LLM_PROVIDER
- EMBEDDING_MODEL
- CHUNK_SIZE
- CHUNK_OVERLAP
- TOP_K_RESULTS
- MCP_SERVER_URL
- MCP_SERVER_PORT
- VECTOR_DB_TYPE
Security Notes
CRITICAL: The MCP server in `mcp/server.py` contains severe SQL injection vulnerabilities in `_handle_query_database` and `_handle_execute_sql` methods. User-provided `query` and `sql` parameters are directly executed via `cursor.execute()` without sanitization or proper parameterization, allowing arbitrary SQL code execution. Additionally, Oracle database credentials are expected to be hardcoded into `db_engine.py` (copied from `db_engine.example.py`), which is a significant security anti-pattern for secret management. The `config/settings.py` also validates for `VECTOR_DB_URL` as required, but the default `chroma` setup in `.env.example` does not provide it, indicating a potential configuration discrepancy or security oversight if other vector DBs are used without proper URL validation.
Similar Servers
qdrant-loader
A Model Context Protocol (MCP) server that provides advanced Retrieval-Augmented Generation (RAG) capabilities to AI development tools by bridging a QDrant knowledge base for intelligent, context-aware search.
nlp2sql
Converting natural language queries to optimized SQL for enterprise databases using multiple AI providers.
viberag
Local codebase semantic search (RAG) for AI coding assistants via MCP server.
concept-rag
This MCP server provides conceptual search, document analysis, and library exploration capabilities over a knowledge base using LanceDB and LLM-based concept extraction.