poly-db-mcp
by hyperpolymath
Overview
Unified MCP server that provides a single interface for natural language querying and management of 20 different databases, running on Deno and built with ReScript.
Installation
deno task startEnvironment Variables
- POSTGRES_HOST
- POSTGRES_DATABASE
- MONGODB_URL
- DRAGONFLY_HOST
- ELASTICSEARCH_URL
- NEO4J_URL
- LMDB_PATH
- ITOP_URL
- SURREAL_URL
- MEMCACHED_SERVERS
- XTDB_URL
- CASSANDRA_CONTACT_POINTS
- MARIADB_HOST
- MEILISEARCH_URL
- INFLUXDB_URL
- ARANGO_URL
- VIRTUOSO_ENDPOINT
- COUCHDB_URL
- DUCKDB_HTTP_URL
- PORT
- HOST
- MCP_HTTP_MODE
Security Notes
The PostgreSQL adapter (pg_query, pg_select, pg_insert, pg_update, pg_delete, pg_json_query, pg_create_table) uses `conn.unsafe(query)` directly with user-provided string inputs without apparent sanitization. This is a critical SQL injection vulnerability. While other adapters generally use parameterized queries or client SDKs (which are safer), this single direct injection point significantly compromises the server's security if interacting with PostgreSQL via untrusted input. Deno's broad permissions (--allow-net, --allow-read, --allow-write, --allow-env, --unstable-kv) are necessary but also mean a vulnerability can have wider impact. Hardcoded default credentials for some databases are present but are intended to be overridden by environment variables.
Similar Servers
mcp-server-neon
MCP server enabling natural language interaction and management of Neon Postgres databases.
db-mcp-server
This server acts as a unified interface for AI models to interact with multiple databases (MySQL, PostgreSQL, TimescaleDB), enabling AI assistants to execute SQL, manage transactions, explore schemas, and analyze performance.
mcp-omnisearch
A Model Context Protocol (MCP) server providing unified access to multiple search providers and AI tools for comprehensive search, AI responses, content processing, and enhancement features.
tmcp
OAuth 2.1 authorization helper for Model Context Protocol (MCP) servers.