The SentryFrogg MCP Server is a Node.js-based command plane that provides secure, auditable management of PostgreSQL databases, SSH connections, and HTTP APIs through MCP-compatible agents.
Core Capabilities:
PostgreSQL Management: Execute parameterized SQL queries, perform CRUD operations, discover database catalogs, and manage connection profiles with TLS support and connection profiling
SSH Operations: Securely execute commands on remote servers with sequential execution enforcement, system information retrieval, and reachability diagnostics
HTTP API Access: Perform RESTful operations (GET, POST, PUT, DELETE, PATCH) with JSON payloads, programmable headers, and bearer token authentication
Encrypted Profile Management: AES-256 encrypted storage of connection profiles with secure key lifecycle and rotation capabilities
Enterprise Security: Input validation, payload size limits, SQL injection protection, command sanitization, and comprehensive audit trail logging
Telemetry & Monitoring: Tool-level statistics generation and timestamped event capture for SIEM platforms and monitoring stack integration
The server enforces enterprise-grade security through encrypted credential storage, governance controls, and robust input validation while maintaining full auditability for compliance requirements.
Allows cloning of repositories as part of the installation process, with specific instructions for repository management in the setup documentation.
Enables execution of Node.js applications through the MCP server architecture, with version 16+ support as indicated in the documentation badges.
Provides comprehensive database management capabilities including connection profile setup, executing SQL queries, listing tables, describing table structures, and performing CRUD operations on data with built-in protection against SQL injection.
SentryFrogg MCP Server
Русская версия • Docs • MCP configuration • Integration stack • Changelog
SentryFrogg is a stdio-based Model Context Protocol (MCP) server that gives LLM agents a production-grade toolbox for PostgreSQL, SSH (incl. SFTP), and HTTP. Use it when you want real infrastructure access without glue scripts: profiles, streaming pipelines, runbooks, and auditability are built in.
If you want your agent to move real data (API ↔ SFTP ↔ Postgres), run controlled SSH ops, and leave a traceable trail — this is the server.
Why SentryFrogg
One profile system across Postgres, SSH, and HTTP.
Streaming pipelines between HTTP, SFTP, and Postgres for large payloads.
Reliability primitives: retry/backoff, pagination, timeouts.
Runbooks + state for multi-step workflows and repeatable ops.
Intent layer with capability registry, previewed plans, and evidence bundles.
Observability with trace/span metadata and audit logs (redacted).
Encrypted local profile store (AES-256-GCM).
Safe-by-default local writes (no overwrite unless
overwrite: true).Optional unsafe local mode for full agent autonomy (local exec + filesystem).
Related MCP server: pg-mcp
Use cases
Sync or backfill data between APIs, SFTP drops, and PostgreSQL.
Run controlled remote operations via SSH with auditability.
Build repeatable incident runbooks for agents and operators.
Quick examples
Ingest JSONL into Postgres:
Export Postgres to SFTP:
Quick start
Install:
npm installConfigure your MCP client (stdio):
{ "mcpServers": { "sentryfrogg": { "command": "node", "args": ["/absolute/path/to/sentryfrogg_server.cjs"] } } }More details:
mcp_config.md.Start:
npm startIn your MCP client: call
help, thenprofile_upsertfor PostgreSQL/SSH
Tools
helpmcp_psql_managermcp_ssh_managermcp_api_clientmcp_statemcp_runbookmcp_projectmcp_contextmcp_workspacemcp_capabilitymcp_intentmcp_evidencemcp_aliasmcp_presetmcp_auditmcp_pipelinemcp_local(unsafe, opt-in)
Short aliases are also available (sql, psql, ssh, http, api, state, runbook, workspace, pipeline; plus local when unsafe mode is enabled).
Reference + examples: docs/tools.md.
Intent UX
Define capabilities in
capabilities.json(override path viaMCP_CAPABILITIES_PATH).Context snapshots are stored in
context.json(override path viaMCP_CONTEXT_PATH).mcp_intentcompiles to a runbook plan, dry-run by default; write/mixed effects requireapply: true.Evidence bundles are stored under
.sentryfrogg/evidence(override path viaMCP_EVIDENCE_DIR).
Development
npm run checknpm testnpm run smoke(Docker) — seeintegration/README.md
Security
This server can execute SQL/SSH/HTTP by design. Run it only in environments you trust.
Vulnerability reporting:
SECURITY.mdPublic release checklist:
PUBLIC_RELEASE_CHECKLIST.md
License
MIT — see LICENSE.