pg-mcp-server

Provides a Model Context Protocol (MCP) server that connects to a PostgreSQL database and exposes MCP tools/resources for listing tables, retrieving table schema/sample data, and executing SQL queries through a controlled interface.

Evaluated Mar 30, 2026 (21d ago)

Repo ↗ Infrastructure mcp postgres database typescript stdio http agent-tools

⚙ Agent Friendliness

/ 100

Can an agent use this?

🔒 Security

/ 100

Is it safe for agents?

⚡ Reliability

/ 100

Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality

Documentation

Error Messages

Auth Simplicity

Rate Limits

🔒 Security

TLS Enforcement

Auth Strength

Scope Granularity

Dep. Hygiene

Secret Handling

Security largely depends on protecting the network and using a least-privilege Postgres user in DATABASE_URL. HTTP transport is mentioned without documented auth; there is an option to enable write ops (DANGEROUSLY_ALLOW_WRITE_OPS) which increases risk if misconfigured. TLS/HTTP security details and error-safe handling of secrets are not specified in the provided content.

⚡ Reliability

Uptime/SLA

Version Stability

Breaking Changes

Error Recovery

Best When

You run the MCP server locally or in a trusted network and want an agent-friendly bridge to Postgres with a simple configuration via DATABASE_URL.

Avoid When

You need strong transport security guarantees for remote clients, fine-grained authorization, or well-defined rate-limit/retry semantics for high-throughput production use.

Use Cases

• LLM-assisted database exploration (schemas, sample data)
• Querying PostgreSQL from an MCP-capable client via a standardized interface
• Building agent workflows that need read-only (or optionally write) access to a Postgres database

Not For

• Publicly exposed production databases without additional network/auth controls
• Use cases requiring fine-grained, per-user permissions beyond what the database user allows
• Workloads needing strict audit/compliance guarantees (not documented here)

Interface

REST API

GraphQL

gRPC

MCP Server

Yes

SDK

Webhooks

Authentication

Methods: Implicit database authentication via DATABASE_URL (Postgres user/password or connection string)

OAuth: No Scopes: No

No separate user authentication for the MCP server is described; access is governed by the Postgres credentials and the DANGEROUSLY_ALLOW_WRITE_OPS flag.

Pricing

Free tier: No

Requires CC: No

Open-source npm package (MIT) per provided metadata; no pricing details in the provided content.

Agent Metadata

Pagination

none

Idempotent

False

Retry Guidance

Not documented

Known Gotchas

⚠ Write operations are disabled by default but can be enabled; agents should respect DANGEROUSLY_ALLOW_WRITE_OPS and database permissions.
⚠ For safety, the Postgres user in DATABASE_URL should be restricted (e.g., read-only) when using agent-driven SQL.
⚠ HTTP transport is described but no authentication/rate-limit behavior is documented; do not expose to untrusted networks.

Alternatives

Direct SQL access from the agent using a restricted DB user (with custom guardrails) PostgREST/GraphQL layers for typed access (less flexible for ad-hoc exploration) Other MCP database servers or data-access tools with explicit permissioning

Full Evaluation Report

Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for pg-mcp-server.

AI-powered analysis · PDF + markdown · Delivered within 30 minutes

$99

Package Brief

Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.

Delivered within 10 minutes

Score Monitoring

Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.

Continuous monitoring

$3/mo

API endpoint ↗ Agent guide ↗ Report inaccuracy

Scores are editorial opinions as of 2026-03-30.