ORACLE-MCP-SERVER
by bharathRathod23
Overview
A Model Context Protocol (MCP) server that connects to an Oracle Database, allowing LLM models to interact with the database and retrieve data.
Installation
npm startEnvironment Variables
- ORACLE_USER
- ORACLE_PASSWORD
- ORACLE_HOST
- ORACLE_PORT
- ORACLE_SERVICE_NAME
Security Notes
The `execute_query` tool directly passes the LLM-generated `query` string to the `oracledb.execute` function without robust sanitization or specific bind variable usage for the query itself. This creates a critical SQL Injection vulnerability, allowing a malicious or flawed LLM to execute arbitrary SQL commands (including DDL/DML if the database user has permissions). While the README recommends using a read-only database user, the code does not enforce this, making it inherently unsafe for untrusted input. Hardcoded default Oracle password 'Oracle18' exists in the Docker setup script, but is intended for local dev setup and should be overridden by `.env` for runtime.
Similar Servers
mcp
This repository provides a collection of Model Context Protocol (MCP) servers to enable AI agents to interact with and manage various Oracle Cloud Infrastructure (OCI) services, Oracle Database, and MySQL databases through natural language.
opensearch-mcp-server-py
Enables AI assistants and LLMs to interact with OpenSearch clusters by providing a standardized Model Context Protocol (MCP) interface through built-in and dynamic tools.
emceepee
A proxy server enabling AI agents to dynamically connect to and interact with multiple Model Context Protocol (MCP) backend servers, exposing the full MCP protocol via a simplified tool interface or a sandboxed JavaScript execution environment.
mcp-server-db2i
Enables AI assistants to query and inspect IBM DB2 for i databases using the Model Context Protocol (MCP) via stdio or HTTP.