Thoth MCP
Provides read-only query execution, table listing, and schema inspection for MySQL databases through MCP tools such as query_mysql, list_tables, and describe_table.
Provides read-only query execution, table listing, and schema inspection for PostgreSQL databases through MCP tools such as query_postgres, list_tables_postgres, and describe_table_postgres.
Provides safe, read-only command execution for Redis, including GET, HGETALL, LRANGE, SMEMBERS, and other explicitly allowed operations via the query_redis tool.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@Thoth MCPlist all tables in the MySQL prod_db datasource"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
Thoth MCP
A security-first, read-only MCP server for AI assistants to safely query MySQL, PostgreSQL, and Redis.
Every query passes through a layered safety pipeline before it ever reaches your database — so you can give an AI assistant data-access capabilities without handing it a loaded gun.
Table of Contents
Related MCP server: postgres-mcp-query-tool
Why use this?
Read-only by design. Writes are structurally impossible — there is no
executepath that ever mutates data.Defense in depth. SQL is validated three ways (SELECT enforcement → injection detection → automatic LIMIT). Redis commands are restricted to an explicit allowlist.
Secrets never leave your config. Passwords are loaded from env vars and stripped from logs and error messages.
One server, many datasources. Connect to all your databases through a single MCP endpoint.
Works with any MCP client — Claude Code, Cursor, Windsurf, and anything else that speaks MCP.
Features
Query multiple MySQL, PostgreSQL, and Redis instances through one server
Three-layer SQL safety (SELECT enforcement + injection detection + automatic LIMIT)
Redis command allowlist (only explicitly safe read-only commands)
Markdown output for efficient AI context usage
stdio, SSE, and streamable-http transports
Docker Compose stack with seed data for local development
Quick Start
Requirements
Python 3.10+
Docker and Docker Compose (optional, for containerized deployment)
Install and run locally
# Clone
git clone https://github.com/pennxiv/thoth-mcp.git
cd thoth-mcp
# Set up a virtual environment
python -m venv .venv
source .venv/bin/activate # or .venv\Scripts\activate on Windows
# Install
pip install -e ".[dev]"
# Point at your datasources and run
export THOTH_DATASOURCES_FILE=config/datasources.yaml
python -m thoth_mcpRun with Docker
# Starts the server in streamable-http mode on port 8080
docker compose up -d --build
# Connect from any machine on your network:
# http://<server-ip>:8080/mcpConnect your MCP client
Claude Code (~/.claude.json or project .mcp.json):
{
"mcpServers": {
"thoth": {
"url": "http://<server-ip>:8080/mcp",
"transport": "streamable-http"
}
}
}Cursor / Windsurf (.cursor/mcp.json):
{
"mcpServers": {
"thoth": {
"url": "http://<server-ip>:8080/mcp",
"transport": "streamable-http"
}
}
}For local-only use, configure the client to launch the server over stdio instead — no HTTP exposure needed.
Configuration
Create a datasources.yaml file (or set THOTH_DATASOURCES_FILE to point at one):
mysql:
prod_db:
host: mysql.example.com
port: 3306
user: readonly_user
password: ${MYSQL_PROD_PASSWORD} # overridden via environment variable
database: production
min_pool_size: 1
max_pool_size: 10
redis:
cache:
host: redis.example.com
port: 6379
db: 0
min_pool_size: 1
max_pool_size: 10Supplying secrets
Passwords should never live in config files. Override them via environment variables using the pattern THOTH_<TYPE>__<NAME>__PASSWORD:
export THOTH_MYSQL__PROD_DB__PASSWORD=secret123
export THOTH_POSTGRES__WAREHOUSE__PASSWORD=another_secret
export THOTH_REDIS__CACHE__PASSWORD=redis_secretSee config/datasources.yaml for a full example with all three datasource types.
MCP Tools
Tool | Description |
| Execute a SELECT query against a MySQL datasource |
| List all tables in a MySQL datasource |
| Show column details for a MySQL table |
| Execute a SELECT query against a PostgreSQL datasource |
| List all tables in a PostgreSQL datasource (public schema) |
| Show column details for a PostgreSQL table |
| Execute a safe read-only Redis command |
| List all configured MySQL, PostgreSQL, and Redis datasources |
Security
This server is built around the assumption that anything reaching the database must be read-only and injection-free.
SQL safety (three-layer defense)
SELECT-only enforcement — only SELECT statements are permitted.
Injection pattern detection — blocks UNION injection, comment obfuscation, and multi-statement attacks.
Automatic LIMIT injection — queries without a LIMIT clause receive a default limit (100 rows) to prevent unbounded scans.
Redis safety
Only these read-only commands are permitted: GET, HGET, HGETALL, LRANGE, SMEMBERS, TTL, TYPE, LLEN, SCARD, EXISTS, HEXISTS, SRANDMEMBER, ZCARD, ZSCORE, ZRANGE.
Commands like SET, DEL, KEYS, and FLUSHALL are explicitly blocked.
Error sanitization
Error messages never expose hostnames, IPs, connection strings, or credentials. This holds even when connection setup or query execution fails.
Network exposure
When running in streamable-http or sse mode, the server listens on 0.0.0.0:8080 by default. Place it behind authenticated network boundaries — do not expose it directly to the public internet without additional auth. See SECURITY.md.
Transports
Mode | Use case | Env |
| Client and server on the same machine |
|
| Remote clients over HTTP |
|
| Browser-based / unidirectional streaming |
|
Variable | Default | Description |
|
| Transport mode |
|
| Listen host (http/sse only) |
|
| Listen port (http/sse only) |
SSE mode exposes /sse (client connections) and /messages/ (POST endpoint).
Architecture
┌──────────────────────────────────────────────────────────────┐
│ FastMCP Server │
│ ┌─────────────┐ ┌──────────────┐ ┌─────────────┐ │
│ │ MySQL Tools │ │PostgreSQL │ │ Redis Tools │ │
│ │ │ │Tools │ │ │ │
│ └──────┬──────┘ └──────┬───────┘ └──────┬──────┘ │
│ │ │ │ │
│ ┌──────▼──────┐ ┌──────▼───────┐ ┌──────▼──────┐ │
│ │ MySQL Pool │ │PostgreSQL │ │ Redis Pool │ │
│ │ Manager │ │Pool Manager │ │ Manager │ │
│ └──────┬──────┘ └──────┬───────┘ └──────┬──────┘ │
│ │ │ │ ┌──────────┐ │
│ ┌──────▼──────┐ ┌──────▼───────┐ ┌──────▼──────┐ │
│ │ SQL Safety │ │ SQL Safety │ │Redis Safety │ │
│ └──────┬──────┘ └──────┬───────┘ └──────┬──────┘ │
│ └───────────────┴────────────────┴───│ Config │ │
│ └──────────┘ │
└──────────────────────────────────────────────────────────────┘
│ │ │
┌────▼────┐ ┌────▼─────┐ ┌────▼────┐
│ MySQL │ │PostgreSQL│ │ Redis │
│ DB │ │ DB │ │Instance │
└─────────┘ └──────────┘ └─────────┘Development
# Run the test suite
pytest tests/ -v
# Run a single test file
pytest tests/test_mysql_tools.py -v
# Run with coverage
pytest tests/ --cov=src/thoth_mcp --cov-report=html
# Lint
ruff check src/ tests/See CONTRIBUTING.md for contribution guidelines and CHANGELOG.md for version history.
Project structure
thoth-mcp/
├── src/thoth_mcp/
│ ├── config.py # Configuration loading
│ ├── server.py # FastMCP server assembly
│ ├── __main__.py # Entry point
│ ├── db/ # Connection pool managers (mysql, postgresql, redis)
│ ├── tools/ # MCP tools (mysql, postgresql, redis, discovery)
│ └── utils/ # Safety layers, formatters, logging
├── tests/ # Test suite
├── docker/ # Docker seed data
├── config/ # Example configurations
└── pyproject.tomlLicense
MIT License — see LICENSE.
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/pennxiv/thoth-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server