mcp-server-postgres
Provides an MCP (Model Context Protocol) server that exposes PostgreSQL metadata and read-only query capabilities (primarily SELECT) via MCP tools. The server accepts dynamic database connection parameters per request and supports listing schemas/tables and running read-only queries with validation.
Score Breakdown
⚙ Agent Friendliness
🔒 Security
Security claims include SELECT/WITH/SHOW/EXPLAIN/DESCRIBE allowlisting and input validation, which is a strong intention for preventing writes. However, the README does not describe transport security/TLS requirements for MCP, does not document MCP-level authentication/authorization, and requires per-request database passwords as tool arguments—raising risk of secret exposure if the agent or client mishandles logs/telemetry. No details are provided on rate limiting, query sandboxing beyond validation, or dependency/security posture.
⚡ Reliability
Best When
You need controlled, read-only PostgreSQL access for an MCP client/agent and can supply database connection details securely per request (or via a trusted environment).
Avoid When
Avoid if you need data-changing operations, if you cannot enforce network/database access restrictions, or if you cannot securely handle per-request credentials.
Use Cases
- LLM/agent-driven database exploration (list schemas/tables) via MCP
- Read-only analytics and data retrieval with constrained SQL (SELECT-only policy)
- Integrating PostgreSQL data access into MCP-compatible clients (e.g., Claude Desktop)
- Prototyping agent workflows that need controlled database access
Not For
- Writing/modifying data in PostgreSQL (not intended for non-read-only operations)
- Exposing a public internet-facing database tool without additional network/security controls
- Workloads requiring complex pagination controls, mutations, or full SQL dialect support without constraints
Interface
Authentication
README shows database credentials (host/database/username/password) are provided as tool arguments per request; no separate MCP authentication mechanism is described.
Pricing
Open-source project (MIT) with no hosted pricing described.
Agent Metadata
Known Gotchas
- ⚠ Tool inputs include database credentials; agents must avoid logging or leaking them.
- ⚠ Read-only validation is described, but exact SQL validation rules/edge cases are not documented in detail.
- ⚠ Results pagination/limits are only superficially described (e.g., limit parameter) without clear cursoring strategy.
Scores are editorial opinions as of 2026-04-04.