MCP-Server-and-PostgreSQL-Sample-Retail
by microsoft
Overview
Provides AI assistants with secure, intelligent access to retail sales data through PostgreSQL for sales analytics and product discovery.
Installation
docker compose up -dEnvironment Variables
- POSTGRES_DB_HOST
- POSTGRES_DB_PORT
- POSTGRES_DB
- POSTGRES_USER
- POSTGRES_PASSWORD
- AZURE_OPENAI_ENDPOINT
- EMBEDDING_MODEL_DEPLOYMENT_NAME
- APPLICATIONINSIGHTS_CONNECTION_STRING
- AZURE_CLIENT_ID
- AZURE_CLIENT_SECRET
- AZURE_TENANT_ID
- PROJECT_ENDPOINT
Security Notes
The `scripts/run-mcp-server.sh` script contains hardcoded PostgreSQL credentials (password 'change-me') and an Application Insights connection string, posing a significant security risk if used directly in production. While the `docker-compose.yml` and Azure deployment (Bicep) use environment variables and managed identities, the presence of this script with hardcoded secrets is a critical vulnerability. Other security features like Row Level Security (RLS) for multi-tenancy, Azure Entra ID integration, input validation (SQL injection prevention), and comprehensive audit logging are well-implemented, but the script flaw lowers the overall score.
Similar Servers
MCP-PostgreSQL-Ops
This MCP server provides comprehensive PostgreSQL database operations, monitoring, and management through natural language queries.
powerbi-mcp
Enables AI assistants to interact with Power BI Desktop and Service for querying data, managing models, and performing safe bulk operations through natural language, ensuring enterprise-grade security and preserving report visual integrity during refactoring.
metabase-ai-assistant
An AI-powered assistant for Metabase and PostgreSQL databases, facilitating natural language SQL generation, dashboard creation, and direct DDL operations via Model Context Protocol for Claude Desktop/Code.
nlp2sql
Converts natural language queries to optimized SQL for enterprise-scale databases, supporting multiple AI providers and robust schema management.