The SentryFrogg MCP Server is a Node.js-based command plane that provides secure, auditable management of PostgreSQL databases, SSH connections, and HTTP APIs through MCP-compatible agents.
Core Capabilities:
PostgreSQL Management: Execute parameterized SQL queries, perform CRUD operations, discover database catalogs, and manage connection profiles with TLS support and connection profiling
SSH Operations: Securely execute commands on remote servers with sequential execution enforcement, system information retrieval, and reachability diagnostics
HTTP API Access: Perform RESTful operations (GET, POST, PUT, DELETE, PATCH) with JSON payloads, programmable headers, and bearer token authentication
Encrypted Profile Management: AES-256 encrypted storage of connection profiles with secure key lifecycle and rotation capabilities
Enterprise Security: Input validation, payload size limits, SQL injection protection, command sanitization, and comprehensive audit trail logging
Telemetry & Monitoring: Tool-level statistics generation and timestamped event capture for SIEM platforms and monitoring stack integration
The server enforces enterprise-grade security through encrypted credential storage, governance controls, and robust input validation while maintaining full auditability for compliance requirements.
Allows cloning of repositories as part of the installation process, with specific instructions for repository management in the setup documentation.
Enables execution of Node.js applications through the MCP server architecture, with version 16+ support as indicated in the documentation badges.
Provides comprehensive database management capabilities including connection profile setup, executing SQL queries, listing tables, describing table structures, and performing CRUD operations on data with built-in protection against SQL injection.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@PostgreSQL API SSH MCP Servershow me the schema for the users table"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
SentryFrogg MCP Server
Русская версия • Docs • MCP configuration • Integration stack • Changelog
SentryFrogg is a stdio-based Model Context Protocol (MCP) server that gives LLM agents a production-grade toolbox for PostgreSQL, SSH (incl. SFTP), and HTTP. Use it when you want real infrastructure access without glue scripts: profiles, streaming pipelines, runbooks, and auditability are built in.
If you want your agent to move real data (API ↔ SFTP ↔ Postgres), run controlled SSH ops, and leave a traceable trail — this is the server.
Why SentryFrogg
One profile system across Postgres, SSH, and HTTP.
Streaming pipelines between HTTP, SFTP, and Postgres for large payloads.
Reliability primitives: retry/backoff, pagination, timeouts.
Runbooks + state for multi-step workflows and repeatable ops.
Intent layer with capability registry, previewed plans, and evidence bundles.
Observability with trace/span metadata and audit logs (redacted).
Encrypted local profile store (AES-256-GCM).
Safe-by-default local writes (no overwrite unless
overwrite: true).Optional unsafe local mode for full agent autonomy (local exec + filesystem).
Related MCP server: pg-mcp
Agent-first DX (quality-of-life)
help({ query })supports keyword search across tools/actions/fields/aliases.Typos get “did you mean” suggestions for tools, actions, and parameters.
Errors are typed and actionable (usually include a
hint+ minimal working example).Safer defaults: secret redaction everywhere; “raw” secret export is opt-in and gated.
Long-running exec/SSH flows prefer explicit status/progress over “detached silence”.
Use cases
Sync or backfill data between APIs, SFTP drops, and PostgreSQL.
Run controlled remote operations via SSH with auditability.
Build repeatable incident runbooks for agents and operators.
Quick examples
Ingest JSONL into Postgres:
Export Postgres to SFTP:
Quick start
Install:
npm installConfigure your MCP client (stdio):
{ "mcpServers": { "sentryfrogg": { "command": "node", "args": ["/absolute/path/to/dist/sentryfrogg_server.js"] } } }More details:
mcp_config.md.Start:
npm startIn your MCP client: call
help(tryhelp({ query: "ssh exec" })), thenprofile_upsertfor PostgreSQL/SSH
Tools
helplegendmcp_workspacemcp_jobsmcp_artifactsmcp_psql_managermcp_ssh_managermcp_api_clientmcp_repomcp_statemcp_runbookmcp_projectmcp_contextmcp_envmcp_vaultmcp_capabilitymcp_intentmcp_evidencemcp_aliasmcp_presetmcp_auditmcp_pipelinemcp_local(unsafe, opt-in)
Short aliases are also available (e.g. sql/psql, ssh, api/http, repo, job, artifacts, workspace, intent, pipeline; plus local when unsafe mode is enabled).
Reference + examples: docs/tools.md.
Intent UX
Define capabilities in
capabilities.json(override path viaMCP_CAPABILITIES_PATH).Context snapshots are stored in
context.json(override path viaMCP_CONTEXT_PATH).mcp_intentcompiles to a runbook plan, dry-run by default; write/mixed effects requireapply: true.Evidence bundles are stored under
.sentryfrogg/evidence(override path viaMCP_EVIDENCE_DIR).
Development
npm run checknpm testnpm run smoke(Docker) — seeintegration/README.md
Security
This server can execute SQL/SSH/HTTP by design. Run it only in environments you trust.
Vulnerability reporting:
SECURITY.mdPublic release checklist:
PUBLIC_RELEASE_CHECKLIST.md
License
MIT — see LICENSE.