mcp-trino
Verified Safeby txn2
Overview
A Model Context Protocol (MCP) server for Trino, enabling AI assistants to query and explore data warehouses with optional semantic context from metadata catalogs.
Installation
docker run --rm -i -e TRINO_HOST=trino.example.com -e TRINO_USER=your_user -e TRINO_PASSWORD=your_password ghcr.io/txn2/mcp-trino:latestEnvironment Variables
- TRINO_HOST
- TRINO_PORT
- TRINO_USER
- TRINO_PASSWORD
- TRINO_CATALOG
- TRINO_SCHEMA
- TRINO_SSL
- TRINO_SSL_VERIFY
- TRINO_TIMEOUT
- TRINO_SOURCE
- TRINO_ADDITIONAL_SERVERS
- MCP_TRINO_CONFIG
- MCP_TRINO_EXT_LOGGING
- MCP_TRINO_EXT_METRICS
- MCP_TRINO_EXT_READONLY
- MCP_TRINO_EXT_QUERYLOG
- MCP_TRINO_EXT_METADATA
- MCP_TRINO_EXT_ERRORS
- SEMANTIC_STATIC_FILE
- SEMANTIC_STATIC_WATCH_INTERVAL
- DATAHUB_ENDPOINT
- DATAHUB_TOKEN
- DATAHUB_PLATFORM
- DATAHUB_ENVIRONMENT
- DATAHUB_TIMEOUT
Security Notes
The server implements strong security defaults including a read-only mode (blocking DML/DDL operations), query row limits, and timeouts. SQL identifiers are properly quoted, mitigating basic SQL injection risks for schema exploration tools. For direct SQL execution tools (`trino_query`, `trino_explain`), the system relies on configurable query interceptors (the `ReadOnlyInterceptor` is enabled by default) for deeper validation. Releases are secured with SLSA Level 3 provenance and Cosign signatures, enhancing supply chain security. SSL verification is enabled by default for remote Trino connections. The primary remaining risks would involve crafting highly resource-intensive SELECT queries (mitigated by timeouts) or intentionally disabling/misconfiguring core security extensions.
Similar Servers
tmcp
A server implementation for the Model Context Protocol (MCP) to enable LLMs to access external context and tools.
mcp-trino
Enables AI assistants to interact with Trino's distributed SQL query engine for data analytics through a standardized Model Context Protocol (MCP) server.
mcp-trino-python
The MCP Trino Server provides seamless integration with Trino and Iceberg for advanced data exploration, querying, and table maintenance capabilities through a standard interface.
MCP-Agent
An autonomous AI agent designed to discover, connect to, and utilize tools and resources from various Model Context Protocol (MCP) servers to accomplish tasks.