mcp-server
by dimmark2
Overview
Provides an AI agent with tools to query and explore a Postgres database schema (specifically 'df365') via the Model Context Protocol (MCP).
Installation
npm run start:httpEnvironment Variables
- PGHOST
- PGPORT
- PGUSER
- PGPASSWORD
- PGDATABASE
- DATABASE_URL
- PORT
- MCP_HTTP_PORT
Security Notes
CRITICAL: The server has a hardcoded default PostgreSQL password ('qDJqEEbhMrQThzXAKRgtIFzFVKsHSaio') which is a severe security vulnerability. CRITICAL: The `sample_rows` and `describe_table` tools are vulnerable to SQL injection as they construct SQL queries by directly concatenating user-provided `schema` and `table` names without proper sanitization or parameterization for identifiers. The `run_select` tool attempts to prevent data modification and arbitrary SQL execution via a blacklist, but this approach is less secure than whitelisting or using parameterized queries for dynamic identifiers, and does not cover the other vulnerable tools.
Similar Servers
mcp-server-mysql
A backend server application for a Modular Control Platform (MCP) or Microservice Control Plane, likely built with Node.js/TypeScript and integrating with MySQL, potentially featuring AI/LLM evaluation capabilities.
tiger-gh-mcp-server
Provides a set of focused tools to Large Language Models (LLMs) for interacting with the GitHub API, enabling capabilities like fetching issues, pull requests, commits, releases, and searching code within a specified organization.
tiger-memory-mcp-server
A backend server for a Minecraft-related application, likely providing data management or proxy services.
deployhq-mcp-server
This is a backend server component, likely acting as a "Master Control Program" for deployment workflows or a core service, developed using Node.js and TypeScript.