symfoware-mcp-server
by toshio999
Overview
Enables local LLM clients (like Claude Desktop) to query on-premise Symfoware databases using natural language.
Installation
C:\Tools\SymfowareMcp\SymfowareMcpServer.exeEnvironment Variables
- SYMFOWARE_CONNECTION_STRING
- SYMFOWARE_SELECT_ONLY
Security Notes
The primary security concern is the `query_database` function, which allows LLM-generated SQL queries to be executed directly against the Symfoware database. While a `SYMFOWARE_SELECT_ONLY` flag exists to restrict operations to `SELECT` statements, it does not prevent SQL injection attacks that could lead to data exfiltration or denial of service through complex queries. The provided documentation does not detail any robust SQL sanitization, parameterization, or allowlisting mechanisms to mitigate these risks. Without the actual C# source code for query execution, a significant risk of SQL injection must be assumed. No 'eval' or obfuscation is apparent, and hardcoded secrets are not visible as the connection string is expected to be an environment variable.
Similar Servers
DBchat
Transforms a database into an intelligent conversational partner, enabling natural language queries, instant answers, and data visualizations via MCP clients.
mcp-node
Enables natural language interaction with Algolia data through Claude Desktop by exposing Algolia APIs via the Model Context Protocol (MCP).
consult-llm-mcp
An MCP server that allows AI agents like Claude Code to consult stronger, more capable AI models (e.g., GPT-5.2, Gemini 3.0 Pro) for complex code analysis, debugging, and architectural advice.
symfony-mcp-server
Build intelligent AI agents by transforming Symfony applications into Model Context Protocol (MCP) servers, enabling LLM interaction with application logic, tools, prompts, and resources.