postgres-mcp-server
PostgreSQL MCP server that enables an MCP client (e.g., Claude Code) to query a PostgreSQL database using the MCP protocol. It can be run directly or configured via a generated JSON MCP config, and it blocks potentially destructive SQL statements by default unless explicitly marked unsafe.
Score Breakdown
⚙ Agent Friendliness
🔒 Security
Safety feature: potentially destructive SQL statements are blocked by default unless an explicit unsafe: true flag is set when using the pg_query tool. However, the documentation does not describe TLS enforcement requirements, least-privilege DB role guidance, auditing, query logging/redaction, parameterization, or rate limiting. Credentials are provided via connection string/environment variables; ensure they are not logged and that the Postgres user has minimal permissions.
⚡ Reliability
Best When
You want an MCP integration for a single Postgres connection and primarily read-only query workloads, with the agent constrained from destructive operations by default.
Avoid When
You cannot provide a secure PostgreSQL connection/credentials (least-privilege), or you need strong guarantees around query approval, auditing, pagination, and operational resilience that are not documented here.
Use Cases
- • Natural-language querying of PostgreSQL data via an MCP-capable agent
- • Lightweight SQL assistance for analytics/lookup tasks (SELECTs)
- • Interactive database exploration in an agent workflow (read-only by default)
Not For
- • Running untrusted agent workflows without additional safeguards
- • Production systems requiring fine-grained DB role/permission scoping per agent action (not described)
- • Handling very large result sets without pagination guidance
- • Compliance regimes requiring explicit audit logs/traceability (not described)
Interface
Authentication
No separate agent-auth mechanism is described; access appears to be controlled by the PostgreSQL credentials embedded in the connection string used by the MCP server process.
Pricing
Pricing not described (repo metadata indicates MIT license; distribution channel includes Homebrew).
Agent Metadata
Known Gotchas
- ⚠ Destructive statements (DROP/TRUNCATE/DELETE/UPDATE/ALTER/CREATE/INSERT) are blocked by default; agents may need to avoid or explicitly set unsafe behavior (described as unsafe: true) if they truly require writes.
- ⚠ The safety model depends on the server/pg_query tool behavior and the agent adhering to the documented unsafe flag; otherwise write attempts may fail.
- ⚠ Large result sets may be returned without explicit pagination controls (not described).
Alternatives
Full Evaluation Report
Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for postgres-mcp-server.
AI-powered analysis · PDF + markdown · Delivered within 30 minutes
Package Brief
Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.
Delivered within 10 minutes
Score Monitoring
Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.
Continuous monitoring
Scores are editorial opinions as of 2026-04-04.