pg-python-mcp
Provides secure database operations for PostgreSQL, including listing databases, tables, describing table structures, and executing SQL queries with built-in safety checks and AST-based SQL parsing.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@pg-python-mcpdescribe the users table"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
PostgreSQL Python MCP Server
δΈζζζ‘£ | English
A Python-based PostgreSQL MCP server providing secure database operations with built-in safety checks and AST-based SQL parsing.
Features
π Database Listing: List all databases in the PostgreSQL instance
π Table Listing: View all tables in the configured database
π Table Description: Detailed table structure information
π Safe Querying: Execute SQL queries (SELECT only by default)
π‘οΈ Security Boundaries: Strict operation limits within configured database
βοΈ Configurable: Support for enabling additional operations via environment variables
π JSON Output: Structured JSON responses optimized for AI consumption
π³ AST-Based Security: Advanced SQL parsing using Abstract Syntax Trees for 100% accuracy
Related MCP server: postgresql-mcp
Security Features
Default Safe Mode
Only allows
SELECT,SHOW,DESCRIBE,EXPLAINqueriesBlocks all
WITHstatements because they can wrap write operationsBlocks dangerous operations like
DROP,DELETE,UPDATE,INSERTStrictly limits operations to the configured database scope
Prevents SQL injection attacks using AST-based analysis
Detects nested dangerous operations and UNION-based attacks
Advanced Mode (Optional)
Set environment variable PG_ALLOW_DANGEROUS=true to enable:
Full CRUD operations
Extended database management functions
Configuration
Environment Variables
Variable | Description | Required |
| PostgreSQL host address and port (format: host:port or host) | Yes |
| PostgreSQL username | Yes |
| PostgreSQL password | Yes |
| Target database name | Yes |
| Allow dangerous operations (true/false) | No (default: false) |
Claude Desktop Configuration Example
Add to your Claude Desktop configuration file:
{
"mcpServers": {
"postgresql": {
"command": "uvx",
"args": [
"--from",
"git+https://github.com/hexonal/pg-python-mcp-.git",
"pg-python-mcp"
],
"env": {
"PG_HOST": "your-postgres-host:5432",
"PG_USER": "your-username",
"PG_PASSWORD": "your-password",
"PG_DATABASE": "your-database"
}
}
}
}Available Tools
1. list_databases
Lists all databases in the PostgreSQL instance (current configured database is highlighted).
2. list_tables
Lists all tables in the currently configured database.
3. describe_table
Describes the structure of a specified table, including column names, types, null constraints, and key information.
Parameters:
table_name(string): Name of the table to describe
4. execute_query
Executes SQL query statements and returns results in JSON format.
Parameters:
query(string): SQL statement to execute
Security Constraints:
Default mode only allows query operations (SELECT, SHOW, DESCRIBE, EXPLAIN)
WITHstatements are always rejected in safe modeAutomatically detects and blocks dangerous operations using AST parsing
Operations limited to the configured database scope
100% accuracy in detecting SQL injection attempts
JSON Output Format:
{
"status": "success",
"message": "Query executed successfully, returned 2 rows",
"columns": ["id", "name", "email"],
"data": [
{
"id": 1,
"name": "User 1",
"email": "user1@example.com"
},
{
"id": 2,
"name": "User 2",
"email": "user2@example.com"
}
]
}Installation and Usage
Using uvx (Recommended)
# Install from Git
uvx --from git+https://github.com/hexonal/pg-python-mcp-.git pg-python-mcp
# Or for local development
uvx pg-python-mcpManual Installation
# Clone repository
git clone https://github.com/hexonal/pg-python-mcp-.git
cd pg-python-mcp
# Install dependencies
pip install -e .
# Run server
python -m pg_mcpUsage Examples
List All Databases
Tool: list_databasesList Tables in Current Database
Tool: list_tablesDescribe Table Structure
Tool: describe_table
Parameters: {"table_name": "users"}Execute Query
Tool: execute_query
Parameters: {"query": "SELECT * FROM users LIMIT 10"}Development
Project Structure
pg-python-mcp/
βββ pg_mcp/
β βββ __init__.py # Main MCP server entry point
β βββ __main__.py # Run script
β βββ pg_handler.py # PostgreSQL handler with AST security
βββ test_ast_security.py # AST security validation tests
βββ test_stdio.py # MCP protocol testing
βββ pyproject.toml # Project configuration
βββ README.md # English documentation
βββ README_zh.md # Chinese documentationLocal Development
# Clone project
git clone https://github.com/hexonal/pg-python-mcp-.git
cd pg-python-mcp
# Install development dependencies
pip install -e ".[dev]"
# Run security tests
python test_ast_security.py
# Test MCP protocol
python test_stdio.py
# Code formatting
black pg_mcp/
isort pg_mcp/
# Type checking
mypy pg_mcp/Technology Stack
FastMCP 2.0: Modern MCP framework with decorator-based tool registration
asyncpg: Async PostgreSQL database operations
sqlparse: SQL Abstract Syntax Tree parsing for security analysis
Python 3.8+: Broad compatibility support
Security Implementation
AST-Based SQL Analysis
The server uses Abstract Syntax Tree parsing to achieve 100% accuracy in SQL security checking:
def is_query_safe(self, query: str) -> tuple[bool, str]:
"""Check query safety using AST parsing"""
try:
parsed = sqlparse.parse(query)
for statement in parsed:
is_safe, error_msg = self._check_statement_safety(statement)
if not is_safe:
return False, error_msg
return True, ""Security Test Results
β Safe queries: 8/8 (100%)
π‘οΈ Dangerous queries blocked: 10/10 (100%)
π― Overall accuracy: 100%
License
MIT License
Security Notice
β οΈ Important Security Guidelines:
All environment variables are required with no unsafe defaults
Ensure minimal PostgreSQL user permissions in production
Regularly rotate database passwords
Avoid using administrative database users in configuration
Run this MCP server in isolated environments
Default safe mode provides basic protection but cannot replace comprehensive security policies
Troubleshooting
Common Issues
Connection Failed: Check if PostgreSQL service is running and network connectivity
Environment Variable Error: Verify all required environment variables are properly set
Permission Error: Confirm PostgreSQL user has access permissions to the specified database
Query Rejected: Check if query contains forbidden keywords, or consider enabling advanced mode
MCP Protocol Issues: Ensure you're using FastMCP 2.0 compatible configuration
Getting Help
Check the Chinese documentation for additional details
Review the test files for usage examples
Examine the AST security tests for supported query patterns
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/hexonal/pg-python-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server