PostgreSQL MCP
Read-only PostgreSQL MCP server that enforces READ ONLY transactions for schema discovery and safe SELECT queries.
๐ก๏ธ AgentReady threat assessment
MAESTRO 7-layer threat model + OWASP AIVSS risk score for PostgreSQL MCP, derived from its capabilities.
AIVSS 5.6 ยท Medium
View MAESTRO 7-layer threat model โOverview
PostgreSQL MCP exposes a Postgres database to AI agents through explicit READ ONLY transactions, supporting schema discovery, table metadata and bounded SELECT queries with a configurable max-row cap. Security surface: it holds a DATABASE_URL with full DB credentials; the READ ONLY transaction and row cap are the primary guardrails against data exfiltration and runaway queries.
Key features
- READ ONLY transaction enforcement
- Configurable MCP_MAX_ROWS result cap
- Schema and table metadata tools
- Connection via DATABASE_URL
Use cases
- Expose a production replica for safe agent queries
- Analytics over Postgres without write risk