mssql-read-only-mcp
Verified Safeby coston
Overview
This server provides a lightweight, read-only interface for interacting with an MSSQL database, allowing users to list tables, describe their structure, and execute SELECT queries.
Installation
npx -y mssql-read-only-mcpEnvironment Variables
- SERVER_NAME
- DATABASE_NAME
- SQL_USER
- SQL_PASSWORD
- SQL_PORT
- TRUST_SERVER_CERTIFICATE
- CONNECTION_TIMEOUT
Security Notes
The server explicitly enforces read-only operations for all tools by validating that queries start with 'SELECT' and checking for dangerous keywords ('INSERT', 'UPDATE', 'DELETE', 'DROP', 'CREATE', 'ALTER', 'TRUNCATE', 'EXEC', 'EXECUTE'). It also prevents multiple statements. Parameterized queries are used for 'list_table' and 'describe_table' to prevent SQL injection for structured inputs. While the 'read_data' tool accepts raw SQL, its sanitization efforts, including a 10,000 row limit, significantly mitigate common injection and denial-of-service risks. Credentials are handled via environment variables, not hardcoded.
Similar Servers
jewei-mssql-mcp-server
Provides a Micro-Agent Protocol (MCP) server for querying Microsoft SQL Server databases and retrieving table structures.
MsSqlMCP
Provides an MCP Server for SQL Server database schema inspection and safe, read-only query execution to AI clients.
pg-mcp
A read-only PostgreSQL server providing database information and query execution via the Model Context Protocol (MCP).
pyodbc-mcp-server
Provides read-only access to Microsoft SQL Server databases for AI assistants and other clients via the Model Context Protocol (MCP), using Windows Authentication.