sqlens-mcp
Read-only MCP server giving AI agents schema inspection and safe SELECT/EXPLAIN access to Postgres, MySQL and SQLite.
๐ก๏ธ AgentReady threat assessment
MAESTRO 7-layer threat model + OWASP AIVSS risk score for sqlens-mcp, derived from its capabilities.
AIVSS 6.3 ยท Medium
View MAESTRO 7-layer threat model โOverview
sqlens-mcp connects an AI assistant to local development databases (Postgres, MySQL, SQLite) over a read-only surface. Tools inspect schemas, run SELECT queries and explain query plans without leaving the conversation. Security surface: a DEVDB_URL connection string with database credentials and the risk of prompt-injected queries scraping data through the read path.
Key features
- Read-only SELECT/EXPLAIN over Postgres, MySQL, SQLite
- Schema and table metadata discovery
- Query-plan explanation for tuning
- Single DEVDB_URL connection config
Use cases
- Let an agent explore a dev database schema
- Safely answer analytics questions over app data