pg-mcp
by loadept
Overview
A read-only PostgreSQL server providing database information and query execution via the Model Context Protocol (MCP).
Installation
docker run --rm -i loadept/pg-mcp:latest -u "postgres://usuario:contraseña@host:puerto/basedatos?sslmode=disable"
Security Notes
The 'execute_query' tool directly executes user-provided SQL queries without robust input sanitization or explicit enforcement of 'SELECT only' statements in the code. Although the transaction is marked 'ReadOnly: true', malicious users could still craft queries for time-based blind SQL injection, information leakage (accessing unintended tables), or resource exhaustion (complex or long-running queries). The README implies a 50-row limit, but it is not enforced in the provided source. The PostgreSQL connection URI is passed via a command-line flag, which can expose credentials in process listings; using environment variables or a secrets manager is generally more secure.
Similar Servers
MsSqlMCP
Provides an MCP Server for SQL Server database schema inspection and safe, read-only query execution to AI clients.
mcp-postgres
Provides a read-only Model Context Protocol (MCP) server for AI tools (like Claude Code, Cursor) to query a PostgreSQL database directly.
mssql-read-only-mcp
This server provides a lightweight, read-only interface for interacting with an MSSQL database, allowing users to list tables, describe their structure, and execute SELECT queries.
database-query-server
A Go-based MCP server that provides a JSON-RPC API for executing SQL SELECT queries, prepared statements, and retrieving schema information for PostgreSQL databases.