Skip to main content
Glama

SQLite MCP Server

by berthojoris
GitHub
TypeScript
OverviewInspectNewEndpointsSchemaRelated ServersReviewsScore
Need Help?View Source CodeReport Issue

SQLite MCP Server

A comprehensive Model Context Protocol (MCP) server implementation for SQLite databases, providing secure and controlled access to SQLite operations through a standardized interface.

๐Ÿš€ Features

Core Functionality

  • MCP Protocol Compliance: Full implementation of the Model Context Protocol for seamless integration with MCP clients

  • SQLite Integration: Native SQLite support using better-sqlite3 for optimal performance

  • Granular Permissions: Fine-grained permission system with 9 distinct permission types

  • Security First: Comprehensive SQL injection protection and query validation

  • Schema Introspection: Complete database schema analysis and reporting

  • Connection Pooling: Efficient database connection management

  • Audit Logging: Detailed operation logging for security and compliance

Permission System

The server implements a granular permission system with the following types:

  • list - List tables and schemas

  • read - SELECT queries and data retrieval

  • create - INSERT operations

  • update - UPDATE operations

  • delete - DELETE operations

  • execute - Execute stored procedures/functions

  • ddl - Data Definition Language (CREATE, ALTER, DROP)

  • transaction - Transaction control (BEGIN, COMMIT, ROLLBACK)

  • utility - Utility operations (VACUUM, ANALYZE, PRAGMA, etc.)

Security Features

  • SQL Injection Prevention: Parameterized queries and pattern detection

  • Query Validation: Comprehensive query analysis and sanitization

  • Permission Enforcement: Operation-level permission checking

  • Rate Limiting: Configurable request rate limiting

  • Audit Trail: Complete operation logging with client tracking

  • Input Sanitization: Parameter validation and sanitization

๐Ÿ“ฆ Installation

NPX Usage (Recommended)

npx @berthojoris/mcp-sqlite-server sqlite:////path/to/your/database.sqlite list,read,utility

Global Installation

npm install -g @berthojoris/mcp-sqlite-server mcp-sqlite-server sqlite:////path/to/your/database.sqlite list,read,create,update

Local Installation

npm install @berthojoris/mcp-sqlite-server

๐Ÿ”ง Configuration

MCP Client Configuration

Add to your MCP client configuration:

{ "mcpServers": { "sqlite": { "command": "npx", "args": [ "-y", "@berthojoris/mcp-sqlite-server", "sqlite:////absolute/path/to/your/database.sqlite", "list,read,create,update,delete,utility" ] } } }

Connection String Formats

The server supports multiple SQLite connection string formats:

# Absolute path sqlite:////absolute/path/to/database.sqlite # Relative path sqlite://./relative/path/to/database.sqlite # In-memory database sqlite://:memory: # Direct file path /path/to/database.sqlite

Permission Combinations

Common permission combinations for different use cases:

# Read-only access list,read # Basic CRUD operations list,read,create,update,delete # Full database access list,read,create,update,delete,execute,ddl,transaction,utility # Analytics/reporting list,read,utility # Development/testing list,read,create,update,delete,ddl,transaction,utility

๐Ÿ› ๏ธ CLI Usage

Start MCP Server

# Basic usage mcp-sqlite-server sqlite:////path/to/db.sqlite list,read,utility # With additional options mcp-sqlite-server sqlite:////path/to/db.sqlite list,read,create,update \ --read-only \ --log-level debug \ --max-connections 5

Schema Information

# View complete schema mcp-sqlite-server schema sqlite:////path/to/db.sqlite # View specific table mcp-sqlite-server schema sqlite:////path/to/db.sqlite --table users # JSON output mcp-sqlite-server schema sqlite:////path/to/db.sqlite --format json

Database Backup

mcp-sqlite-server backup sqlite:////path/to/source.sqlite /path/to/backup.sqlite

Generate Configuration

# Basic configuration mcp-sqlite-server config --output mcp-config.json # Template with multiple servers mcp-sqlite-server config --template --output mcp-template.json

๐Ÿ”Œ Available Tools

The MCP server provides the following tools:

sqlite_query

Execute SELECT queries with full result sets.

Parameters:

  • query (string): SQL SELECT statement

  • parameters (array, optional): Query parameters for prepared statements

Required Permissions: read

Example:

SELECT * FROM users WHERE age > ? AND city = ? Parameters: [25, "New York"]

sqlite_insert

Insert new records into tables.

Parameters:

  • query (string): SQL INSERT statement

  • parameters (array, optional): Values to insert

Required Permissions: create

Example:

INSERT INTO users (name, email, age) VALUES (?, ?, ?) Parameters: ["John Doe", "john@example.com", 30]

sqlite_update

Update existing records.

Parameters:

  • query (string): SQL UPDATE statement

  • parameters (array, optional): Update values

Required Permissions: update

Example:

UPDATE users SET email = ? WHERE id = ? Parameters: ["newemail@example.com", 123]

sqlite_delete

Delete records from tables.

Parameters:

  • query (string): SQL DELETE statement

  • parameters (array, optional): Condition parameters

Required Permissions: delete

Example:

DELETE FROM users WHERE last_login < ? Parameters: ["2023-01-01"]

sqlite_schema

Get comprehensive database schema information.

Parameters:

  • table (string, optional): Specific table name

Required Permissions: list

Returns: Complete schema information including tables, columns, indexes, views, triggers, and foreign keys.

sqlite_tables

List all tables in the database.

Required Permissions: list

Returns: Array of table names with basic metadata.

sqlite_transaction

Execute multiple queries within a transaction.

Parameters:

  • queries (array): Array of query objects with query and optional parameters

Required Permissions: transaction + permissions for individual operations

Example:

{ "queries": [ { "query": "INSERT INTO accounts (name, balance) VALUES (?, ?)", "parameters": ["Alice", 1000] }, { "query": "INSERT INTO accounts (name, balance) VALUES (?, ?)", "parameters": ["Bob", 500] } ] }

sqlite_backup

Create a backup of the database.

Parameters:

  • backupPath (string): Path for the backup file

Required Permissions: utility

๐Ÿ”’ Security Guidelines

Best Practices

  1. Principle of Least Privilege: Only grant necessary permissions

  2. Use Parameterized Queries: Always use parameters for dynamic values

  3. Regular Backups: Implement automated backup strategies

  4. Monitor Audit Logs: Review operation logs regularly

  5. Connection Limits: Set appropriate connection pool limits

  6. Read-Only When Possible: Use read-only mode for reporting/analytics

Security Features

  • SQL Injection Protection: Automatic detection of dangerous patterns

  • Query Validation: Comprehensive query analysis before execution

  • Permission Enforcement: Operation-level access control

  • Rate Limiting: Configurable request throttling

  • Audit Logging: Complete operation tracking

  • Input Sanitization: Parameter validation and cleaning

Dangerous Operations

The server automatically blocks or restricts:

  • Multiple statement execution

  • Dangerous SQL patterns (UNION-based injections, etc.)

  • Unauthorized schema modifications

  • Excessive query complexity

  • Operations without proper permissions

๐Ÿ“Š Performance & Monitoring

Connection Pooling

  • Configurable maximum connections

  • Automatic connection lifecycle management

  • Connection reuse optimization

  • Idle connection cleanup

Performance Metrics

  • Query execution time tracking

  • Success/failure rate monitoring

  • Connection pool statistics

  • Rate limiting metrics

Logging

Comprehensive logging includes:

  • Query execution details

  • Permission checks

  • Security violations

  • Performance metrics

  • Error conditions

๐Ÿงช Development & Testing

Building from Source

git clone <repository> cd mcp-sqlite-server npm install npm run build

Running Tests

npm test

Development Mode

npm run dev

Type Checking

npm run check

๐Ÿ“ API Reference

Configuration Options

  • --config <path>: Configuration file path

  • --log-level <level>: Logging level (debug, info, warn, error)

  • --read-only: Open database in read-only mode

  • --max-connections <number>: Maximum database connections

  • --backup-dir <path>: Directory for automatic backups

Environment Variables

  • LOG_LEVEL: Default logging level

  • MCP_SQLITE_CONFIG: Default configuration file path

๐Ÿค Contributing

  1. Fork the repository

  2. Create a feature branch

  3. Make your changes

  4. Add tests for new functionality

  5. Ensure all tests pass

  6. Submit a pull request

๐Ÿ“„ License

MIT License - see LICENSE file for details.

๐Ÿ†˜ Support

For issues, questions, or contributions:

๐Ÿ”„ Version History

v1.0.0

  • Initial release

  • Full MCP protocol implementation

  • Comprehensive permission system

  • Security features and audit logging

  • CLI interface and schema introspection

  • Connection pooling and performance optimization

Note: This server is designed for secure, controlled access to SQLite databases through the Model Context Protocol. Always follow security best practices and regularly review audit logs in production environments.

This server cannot be installed

-
security - not tested
F
license - not found
-
quality - not tested

How are these scores calculated?

local-only server

The server can only run on the client's local machine because it depends on local resources.

Enables secure and controlled access to SQLite databases through the Model Context Protocol. Provides comprehensive database operations with granular permissions, SQL injection protection, and audit logging for safe database interactions.

  1. ๐Ÿš€ Features
    1. Core Functionality
    2. Permission System
    3. Security Features
  2. ๐Ÿ“ฆ Installation
    1. NPX Usage (Recommended)
    2. Global Installation
    3. Local Installation
  3. ๐Ÿ”ง Configuration
    1. MCP Client Configuration
    2. Connection String Formats
    3. Permission Combinations
  4. ๐Ÿ› ๏ธ CLI Usage
    1. Start MCP Server
    2. Schema Information
    3. Database Backup
    4. Generate Configuration
  5. ๐Ÿ”Œ Available Tools
    1. sqlite_query
    2. sqlite_insert
    3. sqlite_update
    4. sqlite_delete
    5. sqlite_schema
    6. sqlite_tables
    7. sqlite_transaction
    8. sqlite_backup
  6. ๐Ÿ”’ Security Guidelines
    1. Best Practices
    2. Security Features
    3. Dangerous Operations
  7. ๐Ÿ“Š Performance & Monitoring
    1. Connection Pooling
    2. Performance Metrics
    3. Logging
  8. ๐Ÿงช Development & Testing
    1. Building from Source
    2. Running Tests
    3. Development Mode
    4. Type Checking
  9. ๐Ÿ“ API Reference
    1. Configuration Options
    2. Environment Variables
  10. ๐Ÿค Contributing
    1. ๐Ÿ“„ License
      1. ๐Ÿ†˜ Support
        1. ๐Ÿ”„ Version History
          1. v1.0.0

        New MCP Servers

        MCP directory API

        We provide all the information about MCP servers via our MCP API.

        curl -X GET 'https://glama.ai/api/mcp/v1/servers/berthojoris/sqlite-mcp'

        If you have feedback or need assistance with the MCP directory API, please join our Discord server