Ariful Islam
Provides safe, structured access to MariaDB databases with read-only mode, row caps, and statement timeouts.
Provides safe, structured access to MySQL databases with read-only mode, row caps, and statement timeouts.
Provides safe, structured access to SQLite databases with read-only mode, row caps, and statement timeouts.
database-mcp
MCP servers that give AI clients safe, structured access to SQL databases.
One installable package per database engine. Every package exposes the same
minimal two-tool surface, execute_sql and search_objects, with
guardrails on by default: read-only mode, row caps, and statement timeouts.
Packages
Engine | TypeScript (npm) | Version |
SQLite | ||
libSQL | ||
MySQL | ||
MariaDB | ||
Postgres |
All five are published, provenance-attested, and pass the shared conformance suite against real databases in CI.
Python, Go, and Rust implementations are planned once the TypeScript line is complete. All packages, in every language, pass the same language-agnostic conformance suite, so behavior is identical everywhere.
Related MCP server: db-mcp-server
Design principles
Two tools, no more. A tiny tool surface keeps the model's context window clean.
search_objectsprogressively discloses schema: call it with no arguments to list tables, with a table name to get columns, indexes, and foreign keys.Safe by default. Read-only mode is enforced in two layers: a conservative SQL guard, plus a session-level read-only setting in the database itself. Rows are capped (default 1000) and statements time out (default 30s).
Configured at launch, never via chat. Connection details come from flags, a YAML config file, or environment variables. Credentials are never accepted through a tool call.
Secrets never appear in logs. Passwords live in non-printable secret types, DSNs are sanitized before logging, and a redaction filter guards the log boundary.
Quick start
Pick your engine's package; each README has the full config surface. SQLite:
{
"mcpServers": {
"sqlite": {
"command": "npx",
"args": ["-y", "@database-mcp/sqlite", "--dsn", "/absolute/path/to/database.db"]
}
}
}Networked engines take credentials from the environment (MYSQL_*,
MARIADB_*, POSTGRES_*/DATABASE_URL, LIBSQL_URL/LIBSQL_AUTH_TOKEN),
*_FILE mounted secrets, or a YAML file via --config. Never from a chat
prompt.
Contributing
See CONTRIBUTING.md. The short version: the conformance
suite is the definition of done. A change is mergeable only when
conformance/run.mjs passes against every affected server.
License
This server cannot be installed
Maintenance
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/arifulislamat/database-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server