postgresql-mcp-server
by techslaves
Overview
Integrates Spring AI with a PostgreSQL database to expose read-only database operations as tools for AI agents.
Installation
java -Dspring.main.banner-mode=off -Dserver.port=0 -jar target/postgres-mcp-server-0.0.1-SNAPSHOT.jarEnvironment Variables
- DB_URL
- DB_USER
- DB_PASSWORD
Security Notes
CRITICAL: The `DatabaseService.executeQuery` method directly executes user-provided SQL strings without proper parameterization, making it highly vulnerable to SQL injection, even with the `SELECT` prefix check. An attacker could craft a `SELECT` statement to exfiltrate sensitive data, perform denial-of-service, or execute other malicious queries depending on database permissions. The example `claude_desktop_config.json` also hardcodes database credentials, which is a security risk if not managed properly.
Similar Servers
MCP-PostgreSQL-Ops
The MCP server provides professional operations, monitoring, and management capabilities for PostgreSQL databases using natural language queries.
enhanced-postgres-mcp-server
This server acts as a Model Context Protocol interface for PostgreSQL, enabling LLMs to query data, modify records, and manage database schema objects with read and write capabilities.
dx-mcp-server
Empowers AI applications to interact with and query a user-provided Postgres database via the Model Context Protocol (MCP).
mcp-postgres
Provides a read-only Model Context Protocol (MCP) server for AI tools (like Claude Code, Cursor) to query a PostgreSQL database directly.