@modelcontextprotocol/server-postgres

Anthropic's official reference MCP server for PostgreSQL databases. Gives agents read-only SQL query access to a Postgres database with automatic schema inspection.

Evaluated Mar 06, 2026 (0d ago) vcurrent
Homepage ↗ Repo ↗ Databases postgres postgresql sql database mcp anthropic official
⚙ Agent Friendliness
84
/ 100
Can an agent use this?
🔒 Security
84
/ 100
Is it safe for agents?
⚡ Reliability
82
/ 100
Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality
88
Documentation
85
Error Messages
82
Auth Simplicity
88
Rate Limits
72

🔒 Security

TLS Enforcement
85
Auth Strength
82
Scope Granularity
80
Dep. Hygiene
88
Secret Handling
88

Read-only by design is the primary security control. Use a dedicated read-only Postgres user. Connection string in env var (not args) is recommended. No row-level security enforcement from the MCP layer.

⚡ Reliability

Uptime/SLA
78
Version Stability
85
Breaking Changes
85
Error Recovery
78
AF Security Reliability

Best When

Your agent needs to query a PostgreSQL database. Read-only by design — safe to use with production databases. Schema introspection built in so agents know table structure.

Avoid When

You need write operations (INSERT/UPDATE/DELETE), or your database isn't PostgreSQL.

Use Cases

  • Agents querying production databases to answer business questions
  • Data analysis tasks where agents run SQL and interpret results
  • Schema-aware data retrieval — agent sees table structures before writing queries
  • Debugging and monitoring workflows that need to check database state
  • Generating reports from database data without building custom API endpoints

Not For

  • Write operations — this server is read-only by design
  • MySQL, SQLite, or other databases (PostgreSQL-specific)
  • Databases requiring row-level security or column-level access control (no RLS support)

Interface

REST API
No
GraphQL
No
gRPC
No
MCP Server
Yes
SDK
No
Webhooks
No

Authentication

Methods: connection_string
OAuth: No Scopes: No

PostgreSQL connection string via POSTGRES_CONNECTION_STRING environment variable or passed as argument. Standard postgres:// URI format. Use read-only database user for safety.

Pricing

Model: open_source
Free tier: Yes
Requires CC: No

MIT licensed, free. Requires Node.js runtime and a PostgreSQL database.

Agent Metadata

Pagination
none
Idempotent
Full
Retry Guidance
Not documented

Known Gotchas

  • Read-only — no INSERT, UPDATE, DELETE. Agents expecting write access will fail.
  • Long-running queries block the MCP server — no query timeout configured by default
  • Connection pool is small by default — concurrent agent calls may queue
  • Schema changes require restarting the server to refresh schema cache
  • No prepared statement support — all queries are raw SQL strings (SQL injection risk if user input flows through)

Alternatives

mcp-server-sqlite pgmcp neon-api supabase-mcp planetscale-api

Full Evaluation Report

Detailed scoring breakdown, competitive positioning, security analysis, and improvement recommendations for @modelcontextprotocol/server-postgres.

$99
API endpoint ↗ Agent guide ↗ Report inaccuracy

Scores are editorial opinions as of 2026-03-06.

5208
Packages Evaluated
26151
Need Evaluation
173
Need Re-evaluation
Community Powered