Skip to main content
Glama
HenkDz

PostgreSQL MCP Server

pg_manage_rls

Enable, disable, or manage PostgreSQL Row-Level Security policies to control data access at the row level for specific tables.

Instructions

Manage PostgreSQL Row-Level Security - enable/disable RLS and manage policies. Examples: operation="enable" with tableName="users", operation="create_policy" with tableName, policyName, using, check

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
connectionStringNoPostgreSQL connection string (optional)
operationYesOperation: enable/disable RLS, create_policy, edit_policy, drop_policy, get_policies
tableNameNoTable name (required for enable/disable/create_policy/edit_policy/drop_policy, optional filter for get_policies)
schemaNoSchema name (defaults to public)
policyNameNoPolicy name (required for create_policy/edit_policy/drop_policy)
usingNoUSING expression for policy (required for create_policy, optional for edit_policy)
checkNoWITH CHECK expression for policy (optional for create_policy/edit_policy)
commandNoCommand the policy applies to (for create_policy)
roleNoRole the policy applies to (for create_policy)
replaceNoWhether to replace policy if exists (for create_policy)
rolesNoList of roles for policy (for edit_policy)
ifExistsNoInclude IF EXISTS clause (for drop_policy)
Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations provided, the description carries the full burden of behavioral disclosure. It mentions operations but doesn't describe critical behavioral traits: whether these are destructive changes (e.g., dropping policies), authentication requirements (connection string usage), error handling, or side effects. The examples hint at parameter usage but don't explain system impact or safety considerations.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness4/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is appropriately sized with two sentences: a clear purpose statement followed by concrete examples. It's front-loaded with the core functionality and uses the examples efficiently to illustrate usage without unnecessary elaboration. Every sentence serves a functional purpose.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness2/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool's complexity (12 parameters, multiple operations including potentially destructive ones like 'drop_policy'), no annotations, and no output schema, the description is incomplete. It doesn't address critical context: what the tool returns, error conditions, permission requirements, or the safety profile of different operations. For a database management tool with mutation capabilities, this creates significant gaps for an AI agent.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 100%, so the schema already documents all 12 parameters thoroughly. The description adds minimal value beyond the schema by listing example parameter combinations in the examples clause, but doesn't provide additional semantic context like parameter interdependencies or operational constraints not captured in the schema.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose4/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool's purpose: 'Manage PostgreSQL Row-Level Security - enable/disable RLS and manage policies.' It specifies the verb ('manage') and resource ('PostgreSQL Row-Level Security') with concrete operations. However, it doesn't explicitly differentiate from sibling tools like pg_manage_constraints or pg_manage_schema, which also manage PostgreSQL database objects.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines3/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides implied usage through examples ('Examples: operation="enable" with tableName="users", operation="create_policy" with tableName, policyName, using, check'), showing when to use specific operations. However, it lacks explicit guidance on when to choose this tool over alternatives (e.g., vs. pg_manage_constraints for security vs. constraint management) or prerequisites like database permissions.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/HenkDz/postgresql-mcp-server'

If you have feedback or need assistance with the MCP directory API, please join our Discord server