ashwin-acharya01/sql-mcp
An MCP (Model Context Protocol) server for SQL databases with built-in guardrails against destructive operations.
An MCP (Model Context Protocol) server for SQL databases with built-in guardrails against destructive operations.
AI coding agents can execute SQL queries autonomously — which means they can also accidentally run DELETE, DROP, or UPDATE on the wrong rows. sql-mcp sits between the agent and your database, intercepting guarded operations and requiring explicit confirmation before they execute.
Supported databases: Microsoft SQL Server, PostgreSQL
---
# Run directly without installing
npx sql-mcp
# Or install globally
npm install -g sql-mcp
sql-mcp---
sql-mcp is configured entirely via environment variables — either in your shell or in your MCP client's config.
| Variable | Description | |---|---| | DB_TYPE | Database type: mssql or pgsql | | DB_HOST | Database server hostname | | DB_NAME | Database name | | DB_USER | Database username | | DB_PASSWORD | Database password |
| Variable | Default | Description | |---|---|---| | DB_PORT | 5432 (pgsql) / 1433 (mssql) | Database port | | GUARD_MODE | confirm | confirm — hold guarded queries for approval. block — reject them outright | | GUARDED_OPERATIONS | See below | Comma-separated SQL keywords to guard. NONE disables guarding. ALL uses the full default list | | DB_TRUST_SERVER_CERTIFICATE | false | MSSQL only. Set to true for local/dev instances with self-signed certificates |
Default guarded operations: INSERT, UPDATE, DELETE, DROP, ALTER, TRUNCATE, EXEC, EXECUTE, MERGE, CREATE, GRANT, REVOKE, DENY
---
Add to your MCP settings (e.g. ~/.claude/settings.json or your client's equivalent):
PostgreSQL:
{
"mcpServers": {
"database": {
"command": "npx",
"args": ["sql-mcp"],
"env": {
"DB_TYPE": "pgsql",
"DB_HOST": "localhost",
"DB_NAME": "mydb",
Loading reviews...