db-mcp
Provides a read-only interface to PostgreSQL databases, allowing schema exploration, table description, DDL retrieval, index and relationship inspection, and safe read-only SQL queries.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@db-mcpshow me the tables in the public schema"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
db-mcp — Read-Only Database MCP Server
A Model Context Protocol server that lets AI assistants safely explore a PostgreSQL database — schema, tables, columns, relationships, indexes, constraints, DDL, and sample data — without ever modifying it.
Safety model
Read-only is enforced at three independent layers, so a failure in any one layer is still caught by the others:
Least-privilege database role. You connect with a role that only has
CONNECT/USAGE/SELECT. The database itself rejects anything else.Read-only transaction. Every query runs inside
BEGIN TRANSACTION READ ONLYon a session forced todefault_transaction_read_only = onwith astatement_timeout. The query is always rolled back.Application-level validation. Arbitrary SQL (the
run_readonly_querytool) is parsed withlibpg-query— the real PostgreSQL parser compiled to wasm — and rejected unless it is a single read-only statement. This catches multi-statement input, DDL/DML,EXPLAIN ANALYZE,SELECT INTO, and data-modifying CTEs (WITH x AS (INSERT ... RETURNING ...) SELECT ...).
Additional guards: a maximum query length, a hard row cap on every result, a sample-row cap (default 50), and secrets are never logged (config is redacted before any diagnostic output).
Related MCP server: PostgreSQL MCP Server
Tools
Tool | Description |
| Databases the read-only role can connect to. |
| Schemas visible to the role (system schemas excluded). |
| Tables/views in a schema: type, row estimate, comment. |
| Columns, PK, FKs, unique/check constraints, indexes. |
| Reconstructed |
| Foreign keys, referenced tables, cardinality hint. |
| Index names, columns, order, uniqueness, type, predicate. |
| A small sample of rows (capped at 50). |
| Validated read-only SQL; returns columns, rows, timing. |
| Search names + comments across tables/columns/constraints/indexes. |
Requirements
Node.js >= 18.17
A reachable PostgreSQL database and a read-only role (see below).
Setup
npm install
npm run buildCreate a least-privilege read-only role
Run as a superuser or the database owner:
CREATE ROLE readonly_user LOGIN PASSWORD 'CHANGE_ME';
GRANT CONNECT ON DATABASE your_db TO readonly_user;
GRANT USAGE ON SCHEMA public TO readonly_user;
GRANT SELECT ON ALL TABLES IN SCHEMA public TO readonly_user;
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO readonly_user;
-- Optional extra safety:
ALTER ROLE readonly_user SET default_transaction_read_only = on;Configure
Copy .env.example and fill in your connection. Configuration is read from the
environment (no .env is loaded automatically — export the vars, or have your
MCP client pass them in its env block).
Variable | Default | Purpose |
| — | Full connection string (wins over |
| — | Discrete connection settings. |
|
|
|
|
| Database driver. |
|
| Hard cap for |
|
| Hard cap for |
|
| Per-statement timeout. |
|
| Reject longer queries. |
|
| Schema used when omitted. |
Running locally
export DATABASE_URL="postgres://readonly_user:***@localhost:5432/your_db"
npm startThe server speaks MCP over stdio. To poke at it interactively, use the MCP Inspector:
npx @modelcontextprotocol/inspector node dist/server.jsConnecting from Claude Code
Add an entry to your MCP config (e.g. .mcp.json in your project, or the global
Claude Code config):
{
"mcpServers": {
"db-mcp": {
"command": "node",
"args": ["/absolute/path/to/db-mcp/dist/server.js"],
"env": {
"DATABASE_URL": "postgres://readonly_user:***@localhost:5432/your_db"
}
}
}
}Then ask Claude to, e.g., "list the tables in the public schema" or "show me the DDL for the orders table".
Tests
npm testTests are pure unit tests (no live database required): exhaustive SQL-validation cases (allowed reads vs. rejected mutations and bypass attempts), identifier quoting, DDL reconstruction, and config parsing/redaction.
Extending to other databases
Tools depend only on the DatabaseDriver interface (src/db/driver.ts). To add
MySQL, SQLite, or Snowflake:
Implement
DatabaseDriverfor the new engine undersrc/db/<engine>/.Register it in
createDriver(src/db/factory.ts).Provide an engine-appropriate read-only enforcement (read-only role + read-only session/transaction) and SQL validation.
Project layout
src/
server.ts MCP server setup + stdio transport
config.ts env parsing + secret redaction
errors.ts typed error classes
types.ts shared result types
validation/
validateReadOnly.ts libpg-query-based read-only enforcement
db/
driver.ts DatabaseDriver interface
factory.ts driver selection
postgres/
pool.ts read-only pool, transactions, row-capped cursor
identifiers.ts safe identifier quoting
introspection.ts catalog/information_schema queries
ddl.ts CREATE TABLE reconstruction (pure)
PostgresDriver.ts DatabaseDriver implementation
tools/ one module per MCP tool + registry
tests/ pure unit testsMaintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/eklemen/db-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server