node-sqlite-mcp
node-sqlite-mcp enables an AI agent to perform read-only exploration and querying of local SQLite database files via three tools:
list_tables– Lists all tables and views in a given.db/.sqlitefile (requires an absolute path).describe_table– Returns column details (name, type, NOT NULL constraint, default value, primary key flag) for a specified table or view.query– Executes a single read-only SQL statement and returns results as TSV (tab-separated values). Write operations (INSERT,UPDATE,DELETE, schema changes) are blocked at the engine level.
Key characteristics:
All operations are strictly read-only — no data can be modified.
Results are not truncated, so use
LIMITand select only needed columns to manage payload size.The server can open any SQLite file readable by the OS user — there is no allowlist or directory restriction.
Uses Node's built-in
node:sqlitemodule, so no native compilation or system-wide SQLite installation is needed.NULLvalues, BLOBs, and booleans have specific handling in TSV output, with special characters escaped.
Provides tools for querying SQLite database files: list_tables, describe_table, and query, all read-only with TSV output.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@node-sqlite-mcpList tables in /home/user/chinook.db"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
node-sqlite-mcp
An MCP server that lets an AI agent query SQLite database files on the local machine.
It uses Node's built-in node:sqlite
module, so there is no native module to compile and no system SQLite to
install — the only thing you need on the host is a recent Node.
Requirements
Node.js 22.16 or newer (which ships
node:sqliteunflagged). Node 24+ is recommended.
Check with node --version.
Related MCP server: SQLite MCP Server
Install
The server is published to npm and is installed into your agent with
add-mcp:
npx add-mcp node-sqlite-mcpadd-mcp detects your installed agents (Claude Code, Claude Desktop, Cursor,
VS Code, …) and registers the server as a local stdio command. Nothing is
cloned or installed globally — the command is fetched and run on demand.
You can also run it directly to sanity-check it:
npx -y node-sqlite-mcpIt speaks MCP over stdio and waits for a client; there is nothing interactive to see.
Tools
Every tool takes the database as an argument — path should be an absolute
path to a .db / .sqlite file. The database is always opened read-only.
Tool | Arguments | Returns |
|
| The tables and views in the database. |
|
| Columns, types, a boolean not-null flag, defaults and a boolean primary-key flag for one table or view. |
|
| The rows returned by a single read-only SQL statement. |
Output format
Results come back as TSV: a tab-separated header row of column names, one line per row, then a blank line and a row count. This is used instead of JSON because it does not repeat column names on every row, keeping the payload small.
NULLis rendered as an empty field.Tabs, carriage returns, newlines and backslashes inside values are escaped (
\t,\r,\n,\\). Other control characters are escaped as\xNN(e.g. NUL as\x00).BLOBs are rendered as a SQLite hex literal, e.g.
x'deadbeef'.The
describe_tablenot_nullandprimary_keycolumns are booleans (true/false).
Read-only
The SQLite connection is opened read-only, so INSERT / UPDATE / DELETE
and schema changes fail at the engine level — not merely by convention. The
query tool runs a single statement per call and does not truncate
results, so a broad SELECT * on a large table can return a very large payload;
the tool description tells the agent to add a LIMIT and select only needed
columns.
Security note
This is a local, trust-the-user tool. It will open any SQLite file the operating-system user running the server can already read — there is no allowlist or directory confinement.
Development
npm install # installs deps and builds via the "prepare" script
npm run build # compile TypeScript to dist/Source is TypeScript in src/; the published package ships compiled JavaScript
in dist/ (the bin entry point). Consumers never run a build step.
Releases & publishing
Releases are automated with Release Please, driven by Conventional Commits:
Every push to
mainopens or updates a standing release PR that bumps the version inpackage.json/package-lock.jsonand updatesCHANGELOG.md, derived from the commits since the last release (fix:→ patch,feat:→ minor, a!orBREAKING CHANGE:→ major).Merging that release PR tags the version, creates a GitHub Release, and triggers
npm publish(on-push-main.yml→workflow-call.release.yml).
So the normal flow is: land Conventional-Commit PRs on main, then merge the
release PR when you want to cut a version — no manual tag or npm publish.
Publishing uses npm trusted publishing (OIDC) — no tokens. Configure the
trusted publisher on npmjs.com against this repository, the entry workflow
on-push-main.yml, and the production environment. The publish job
runs with id-token: write on npm ≥ 11.5.1, and provenance is generated
automatically.
To publish by hand instead (e.g. the first release, to bootstrap the package before a trusted publisher can be configured), from a logged-in machine:
npm publishCommit messages
This repo uses Conventional Commits.
Because PRs are merged (not squashed), every commit lands on main verbatim and
is what Release Please parses — so each commit in a PR is linted against the
convention (on-pr.yml → workflow-call.lint-pr.yml, config in
.commitlintrc.json). Common types: feat:, fix:, docs:, chore:,
refactor:, test:, ci:. A feat!: prefix or a BREAKING CHANGE: footer
marks a breaking change.
License
MIT
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Tools
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/djgadd/sqlite-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server