pgsql-mcp-server

A Model Context Protocol (MCP) tool server that connects to a PostgreSQL database (via DSN) and exposes MCP-callable tools to introspect schema (schemas/tables/columns/indexes/foreign keys) and run SQL for DQL/DML/DDL/DCL operations within transactions (as described).

Evaluated Apr 04, 2026 (0d ago)
Homepage ↗ Repo ↗ Infrastructure mcp postgresql pgsql python database tool-server
⚙ Agent Friendliness
50
/ 100
Can an agent use this?
🔒 Security
38
/ 100
Is it safe for agents?
⚡ Reliability
36
/ 100
Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality
70
Documentation
60
Error Messages
0
Auth Simplicity
55
Rate Limits
0

🔒 Security

TLS Enforcement
70
Auth Strength
30
Scope Granularity
0
Dep. Hygiene
55
Secret Handling
40

Security is largely dependent on PostgreSQL credentials provided via DSN and on network-level deployment controls. No explicit MCP-server authentication, authorization, query allowlisting, audit logging, or secret-handling/redaction guidance is described. TLS is not explicitly mandated for the Postgres connection in the provided content.

⚡ Reliability

Uptime/SLA
0
Version Stability
55
Breaking Changes
40
Error Recovery
50
AF Security Reliability

Best When

Used by trusted operators/agents in a secured network environment to perform controlled database inspection and SQL execution through MCP.

Avoid When

Avoid exposing this server to untrusted networks or users, especially for DML/DDL/DCL, unless you implement strong authorization, query allowlisting, and monitoring.

Use Cases

  • Schema exploration for PostgreSQL (e.g., listing tables/columns/indexes/foreign keys) via MCP tooling
  • Agent-assisted query generation and execution against a Postgres database
  • Administrative SQL execution (DDL/DCL) in controlled environments
  • Debugging and testing database interactions using an MCP inspector

Not For

  • Internet-facing, public deployments without additional network and credential hardening
  • Untrusted users directly invoking DML/DDL/DCL without strict allowlisting and auditing
  • Workloads requiring automatic paging/search over large result sets (pagination/limits not described)

Interface

REST API
No
GraphQL
No
gRPC
No
MCP Server
Yes
SDK
No
Webhooks
No

Authentication

Methods: DSN provided at startup (postgres credentials embedded in DSN as shown in README)
OAuth: No Scopes: No

README describes passing a PostgreSQL DSN via CLI. No additional server-side authentication/authorization mechanism is described in the provided content.

Pricing

Free tier: No
Requires CC: No

No pricing information provided; appears to be a self-hosted open-source tool server.

Agent Metadata

Pagination
none
Idempotent
False
Retry Guidance
Not documented

Known Gotchas

  • Tools allow running DML/DDL/DCL; agents may produce destructive statements unless you constrain/allowlist queries.
  • Pagination/row limits are not described; large SELECT results may be heavy.
  • Idempotency is not documented; retries could repeat non-idempotent statements.

Alternatives

Direct MCP PostgreSQL tooling with a purpose-built, security-reviewed connector A REST/GraphQL API layer over PostgreSQL with strict query allowlisting PostgREST / Hasura (for safe CRUD/query patterns) where applicable

Full Evaluation Report

Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for pgsql-mcp-server.

AI-powered analysis · PDF + markdown · Delivered within 30 minutes

$99

Package Brief

Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.

Delivered within 10 minutes

$3

Score Monitoring

Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.

Continuous monitoring

$3/mo
API endpoint ↗ Agent guide ↗ Report inaccuracy

Scores are editorial opinions as of 2026-04-04.

8642
Packages Evaluated
17761
Need Evaluation
586
Need Re-evaluation
Community Powered