mxp-mcp-server

The server uses environment variables for all sensitive credentials (MXP and database). SQL queries from the LLM-exposed `execute_read_only_query` tool are intended to be parameterized, which helps prevent SQL injection, though a poorly instructed LLM could theoretically bypass this if it embeds values directly into the query string. The prompt template `sql_query_from_natural_language` explicitly guides the LLM to generate read-only SQL and use parameterized calls, acting as a safeguard. The REST API has open CORS (`allow_origins='*'`) which is acceptable for development/testing but should be restricted in production environments. Communication with the MXP backend uses HTTP Basic Authentication, which requires HTTPS for secure transport in production. Overall, it follows good security practices for credential management and SQL interaction, with appropriate cautions for deployment.