
postgresql-mcp-server

by vpro1032

Overview

Provides a standardized Model Context Protocol (MCP) interface for AI assistants to interact with and manage PostgreSQL databases.

Installation

Run Command
docker exec -i postgresql-mcp-server node dist/index.js

Environment Variables

  • POSTGRES_HOST
  • POSTGRES_PORT
  • POSTGRES_DB
  • POSTGRES_USER
  • POSTGRES_PASSWORD
  • POSTGRES_MAX_CONNECTIONS
  • POSTGRES_IDLE_TIMEOUT
  • POSTGRES_CONNECTION_TIMEOUT
  • MCP_SERVER_NAME
  • LOG_LEVEL

Security Notes

The server has critical SQL injection vulnerabilities. Table names, schema names, column names, and SQL fragments (such as WHERE clauses) are often interpolated directly into SQL queries without escaping or identifier quoting. For example, the `export_table`, `vacuum_table`, `analyze_table`, `insert_data`, `update_data`, and `delete_data` tools are susceptible. An attacker, or a malicious or uncontrolled AI agent, could craft inputs to these tools (e.g., in the `table`, `schema`, `data` keys, `where`, or `returning` arguments) to execute arbitrary SQL statements such as `DROP TABLE`, or to delete sensitive data. `pg` parameterization is used for *values*, but bind parameters cannot protect SQL identifiers or clauses, which are part of the statement text rather than data. No direct use of `eval` or obfuscation was found, and credentials are handled via environment variables, but the SQL injection risk is severe.
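The distinction above (bind parameters cover values, not identifiers or clauses) is the whole fix. The following is an added example, not code from this project, showing how a PostgreSQL tool backend can keep untrusted schema, table and column names out of the statement text: quote them as PostgreSQL identifiers, check them against a catalog the server loaded itself, and accept a column/value pair instead of a free-form `where` fragment. The names `quoteIdent`, `assertKnownTable`, `buildVacuum`, `buildUpdate` and `sampleCatalog` are hypothetical; the `{ text, values }` object is the shape node-postgres (`pg`) accepts for a parameterized query.

```javascript
// Added example (not the project's code). Names below are hypothetical;
// the catalog is a constructed stand-in for a query against information_schema.

// Longest identifier PostgreSQL accepts (NAMEDATALEN - 1).
const MAX_IDENT_LEN = 63;

// Quote an identifier the way PostgreSQL expects: wrap it in double quotes and
// double any embedded double quote. A quoted identifier cannot close early, so
// whatever the caller sent is treated as a name, never as SQL.
function quoteIdent(name) {
  if (typeof name !== 'string' || name.length === 0 || name.length > MAX_IDENT_LEN) {
    throw new Error('invalid identifier');
  }
  if (name.includes('\0')) {
    throw new Error('invalid identifier');
  }
  return '"' + name.replace(/"/g, '""') + '"';
}

// Defence in depth: besides quoting, only operate on schema/table names the
// server has already seen. `catalog` is a Map of schema -> Set of table names.
function assertKnownTable(catalog, schema, table) {
  const tables = catalog.get(schema);
  if (!tables || !tables.has(table)) {
    throw new Error('unknown table ' + schema + '.' + table);
  }
}

// VACUUM takes no bind parameters, so the identifier has to be quoted into the
// text; the catalog check means only real tables ever reach this point.
function buildVacuum(catalog, schema, table) {
  assertKnownTable(catalog, schema, table);
  return 'VACUUM ' + quoteIdent(schema) + '.' + quoteIdent(table);
}

// UPDATE: column names come from the object keys and are quoted as identifiers;
// values go through bind parameters ($1, $2, ...). The WHERE condition is a
// single column/value pair, so no SQL fragment is accepted from the caller.
function buildUpdate(catalog, schema, table, data, whereColumn, whereValue) {
  assertKnownTable(catalog, schema, table);
  const keys = Object.keys(data);
  if (keys.length === 0) {
    throw new Error('no columns to update');
  }
  const values = [];
  const assignments = keys.map((k) => {
    values.push(data[k]);
    return quoteIdent(k) + ' = $' + values.length;
  });
  values.push(whereValue);
  const text =
    'UPDATE ' + quoteIdent(schema) + '.' + quoteIdent(table) +
    ' SET ' + assignments.join(', ') +
    ' WHERE ' + quoteIdent(whereColumn) + ' = $' + values.length +
    ' RETURNING *';
  return { text, values };
}

// Constructed catalog: in a real server this would be filled from
// information_schema.tables at startup or on demand, never from tool input.
const sampleCatalog = new Map([['public', new Set(['users', 'orders'])]]);

// Stand-alone demonstration of the two builders.
console.log(buildVacuum(sampleCatalog, 'public', 'users'));
console.log(buildUpdate(sampleCatalog, 'public', 'users', { name: 'a', active: true }, 'id', 7));
```

With `pg`, the object returned by `buildUpdate` is passed straight to `client.query(...)`; the driver sends the identifiers as part of the statement and the values separately, which is the boundary that string interpolation of `table`, `schema` or `where` erases.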

Stats

  • Interest Score: 0
  • Security Score: 2
  • Cost Class: Medium
  • Avg Tokens: 2500
  • Stars: 0
  • Forks: 0
  • Last Update: 2025-12-07

Tags

  • PostgreSQL
  • Database
  • MCP
  • AI Tools
  • Docker