Skip to main content
Glama

SQL Server MCP Service

by vini-cius
MIT License
1

SQL Server MCP Service

A secure and robust Model Context Protocol (MCP) service for executing SQL Server queries via MCP protocol. This service provides a safe way to interact with SQL Server databases while preventing destructive operations and SQL injection attacks.

🚀 Features

  • 🔒 Secure Query Execution: Built-in protection against SQL injection and destructive operations
  • 📊 Schema Discovery: Get table, function, and procedure schemas and database information
  • 🛠️ Multiple Tools: 9 specialized tools for different database operations
  • ⚡ High Performance: Connection pooling for efficient database operations
  • 🔧 TypeScript Support: Full TypeScript implementation with type safety
  • 🧪 Comprehensive Testing: Jest-based test suite for reliability

🛠️ Available Tools

1. execute_query

Executes safe SQL queries with parameter support.

Parameters:

  • query (string, required): The SQL query to execute
  • parameters (object, optional): Query parameters for prepared statements

Example:

{ "query": "SELECT * FROM Users WHERE Status = @status", "parameters": { "status": "active" } }

2. get_table_schema

Retrieves detailed column information for a specific table.

Parameters:

  • tableName (string, required): Name of the table
  • schemaName (string, optional): Schema name (default: "dbo")

Example:

{ "tableName": "Users", "schemaName": "dbo" }

3. list_tables

Lists all tables in the database with optional schema filtering.

Parameters:

  • schemaName (string, optional): Filter tables by specific schema

Example:

{ "schemaName": "dbo" }

4. get_database_info

Retrieves general database information (name, version, edition, etc.).

Parameters: None

5. list_procedures

Lists all stored procedures in the database, optionally filtered by schema.

Parameters:

  • schemaName (string, optional): Filter procedures by schema

Example:

{ "schemaName": "dbo" }

6. list_functions

Lists all functions (scalar and table-valued) in the database, optionally filtered by schema and function type.

Parameters:

  • schemaName (string, optional): Filter functions by schema
  • functionType (string, optional): 'SCALAR' or 'TABLE'

Example:

{ "schemaName": "dbo", "functionType": "SCALAR" }

7. get_procedure_schema

Gets the schema and parameters of a specific stored procedure.

Parameters:

  • procedureName (string, required): Name of the procedure
  • schemaName (string, optional): Schema name (default: "dbo")

Example:

{ "procedureName": "MyProcedure", "schemaName": "dbo" }

8. get_function_schema

Gets the schema and parameters of a specific function.

Parameters:

  • functionName (string, required): Name of the function
  • schemaName (string, optional): Schema name (default: "dbo")

Example:

{ "functionName": "MyFunction", "schemaName": "dbo" }

9. execute_procedure

Executes a stored procedure with parameters.

Parameters:

  • procedureName (string, required): Name of the procedure
  • parameters (object, optional): Procedure parameters
  • schemaName (string, optional): Schema name (default: "dbo")

Example:

{ "procedureName": "MyProcedure", "parameters": { "param1": 123, "param2": "abc" }, "schemaName": "dbo" }

📦 Installation

Prerequisites

  • Node.js >= 20.0.0
  • SQL Server instance
  • pnpm (recommended)

Install Dependencies

pnpm install

⚙️ Configuration

  1. Copy Environment Template
cp .env.example .env
  1. Configure Environment Variables
VariableDescriptionDefault
HTTP_PORTHTTP server port3333
NODE_ENVNode environment (development/production)development
ORIGINAllowed CORS origins (comma-separated)-
SQL_SERVERSQL Server hostname/IPlocalhost
SQL_DATABASEDatabase namemaster
SQL_USERDatabase username-
SQL_PASSWORDDatabase password-
SQL_PORTSQL Server port1433
SQL_ENCRYPTEnable encryptiontrue
SQL_TRUST_CERTTrust server certificatefalse

Example .env:

HTTP_PORT=3333 NODE_ENV=development ORIGIN=http://localhost:3000,http://example.com SQL_SERVER=localhost SQL_DATABASE=master SQL_USER=sa SQL_PASSWORD=YourSecurePassword123! SQL_PORT=1433 SQL_ENCRYPT=true SQL_TRUST_CERT=false

🚀 Usage

pnpm run dev:http # or pnpm run start:http

Build for Production

pnpm run build

Running Tests

pnpm run test

🔒 Security Features

Query Validation

The service automatically blocks potentially destructive operations:

  • DROP TABLE
  • DELETE FROM
  • TRUNCATE TABLE
  • INSERT INTO
  • UPDATE
  • CREATE TABLE
  • ALTER TABLE
  • ❌ Stored procedures (sp_, xp_)
  • ❌ SQL injection patterns
  • ❌ Comments (--, /* */)

Allowed Operations

  • SELECT queries
  • WITH clauses (CTEs)
  • SHOW commands
  • DESCRIBE commands
  • EXPLAIN commands
  • ✅ Safe EXEC/EXECUTE for procedures/functions

Parameter Sanitization

All query and procedure parameters are automatically sanitized to prevent injection attacks.

🧪 Testing

The project includes comprehensive tests for schema validation and core functionality:

# Run all tests pnpm run test # Run tests in watch mode pnpm run test -- --watch # Run tests with coverage pnpm run test -- --coverage

📝 License

This project is licensed under the MIT License - see the LICENSE file for details.

👨‍💻 Author

Vinicius de Souza Santos

🙏 Acknowledgments


⭐ If this project helps you, please give it a star!

Related MCP Servers

  • A
    security
    A
    license
    A
    quality
    Enables execution of SQL queries and management of Microsoft SQL Server database connections through the Model Context Protocol.
    Last updated -
    29
    54
    14
    TypeScript
    MIT License
    • Apple
    • Linux
  • -
    security
    A
    license
    -
    quality
    A Model Context Protocol server that enables secure and structured interaction with Microsoft SQL Server databases, allowing AI assistants to list tables, read data, and execute SQL queries with controlled access.
    Last updated -
    39
    Python
    MIT License
    • Linux
    • Apple
  • A
    security
    A
    license
    A
    quality
    A Model Context Protocol server that enables secure interaction with Microsoft SQL Server databases, allowing AI assistants to list tables, read data, and execute SQL queries through a controlled interface.
    Last updated -
    1
    194
    Python
    MIT License
    • Linux
    • Apple
  • A
    security
    A
    license
    A
    quality
    A Model Context Protocol server that enables executing SQL queries and managing connections with Microsoft SQL Server databases.
    Last updated -
    1
    54
    5
    TypeScript
    MIT License

View all related MCP servers

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/vini-cius/mcp-sqlserver'

If you have feedback or need assistance with the MCP directory API, please join our Discord server