mcp-server-python

The 'postgres_server.py' includes an 'execute_query' tool that allows executing arbitrary SQL queries directly against the PostgreSQL database. While it supports parameterized queries for values, this function itself represents a significant SQL injection risk if not used with extremely careful input validation or strict access control, as it can execute DDL, DML, or administrative commands. The 'rest_api_server.py' uses f-strings for schema names in its SQL queries, but the 'schema' parameter is strictly validated against a whitelist ('dev', 'prod', 'test'), mitigating direct schema name injection. The use of Ngrok for public exposure is noted as optional but requires careful security measures (authentication, IP whitelisting) as advised in the README. No hardcoded secrets were found; sensitive data is loaded from .env files. Overall, the direct SQL execution capability in the PostgreSQL server is the primary critical security concern.