npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@gishubperu/mcp-postgresql

v1.0.6

Published

Presentation layer — MCP server with stdio and HTTP transports.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

ghsacghsac

Keywords

mcppostgresqlpostgresmodel-context-protocolsecureread-only

Readme

@gishubperu/mcp-postgresql

Secure PostgreSQL MCP server for AI agents. Read-only by default, with runtime permission control.

Features

  • 12 MCP tools — query, list tables, describe schema, execute DML/DDL/DCL, manage permissions and profiles
  • SQL injection protection — 20+ pattern rules (stacked queries, file I/O, dblink, function creation, privilege escalation, XXE)
  • Runtime permissions — agent enables/disables DML/DDL/DCL without restarting
  • Named profiles — switch databases without exposing credentials
  • Zero-config start — just create .ghp/postgres.json

Quick start

npx @gishubperu/mcp-postgresql

Create .ghp/postgres.json in your workspace root:

{
  "url": "postgresql://user:pass@host:5432/db",
  "permissions": { "dml": true, "ddl": true, "dcl": false }
}

MCP client config

Claude Desktop / Qwen Code / Cursor

{
  "mcpServers": {
    "postgres": {
      "command": "npx",
      "args": ["-y", "@gishubperu/mcp-postgresql"]
    }
  }
}

The server reads .ghp/postgres.json from the workspace root automatically.

Configuration

.ghp/postgres.json

Simple (one database):

{
  "url": "postgresql://user:pass@host:5432/mydb",
  "permissions": { "dml": true, "ddl": true, "dcl": false }
}

Multi-profile (multiple databases):

{
  "profiles": {
    "dev": {
      "url": "postgresql://dev:pass@localhost:5432/myapp_dev",
      "permissions": { "dml": true, "ddl": true, "dcl": false }
    },
    "prod": {
      "url": "postgresql://reader:pass@prod-host:5432/myapp_prod",
      "permissions": { "dml": false, "ddl": false, "dcl": false }
    }
  },
  "default": "dev"
}

Profiles include permission defaults — switching to prod automatically locks down write access.

Global config

Place ~/.ghp/postgres.json for cross-project access. Workspace config takes precedence.

Environment variables

| Variable | Description | |---|---| | DATABASE_URL | Connection string fallback | | PROFILE | Profile name at startup | | MCP_TRANSPORT | stdio (default) or http | | MCP_HTTP_PORT | Port for HTTP (default 3000) | | DEBUG | Print SQL to stderr |

Tools

| Tool | Description | |---|---| | query | SELECT / EXPLAIN / SHOW / FETCH — parameterized $1, $2 | | list_tables | Tables with row counts and sizes | | describe_table | Columns, indexes, constraints | | execute_dml | INSERT / UPDATE / DELETE / CALL — supports multi-statement transactions | | execute_ddl | CREATE / ALTER / DROP / TRUNCATE | | execute_dcl | GRANT / REVOKE / CREATE ROLE | | configure_permissions | Enable/disable DML/DDL/DCL at runtime | | get_permissions | Current permission policy status | | set_profile | Switch to a named connection profile | | list_profiles | Available profiles (credentials redacted) | | get_current_profile | Active profile and connection details | | setup_config | Configuration guide with exact JSON format examples |

All tools are always available. Permissions start disabled (DQL only).

Agent workflow

Agent: get_permissions()
→ { dql: true, dml: false, ddl: false, dcl: false }

Agent: configure_permissions({ "ddl": true })
→ { previous: {...}, current: { dml: false, ddl: true, ... } }

Agent: execute_ddl({ sql: "ALTER TABLE ..." })
→ { rowCount: 0 }

Agent: configure_permissions({ "ddl": false })
→ back to safe defaults

Security

  • SQL injection protection: Blocklist of 20+ patterns covering stacked queries, file I/O, dblink, large objects, function creation, privilege escalation, XXE, and more
  • Parameterized queries: All user values use $1, $2, ...
  • Credential hiding: Profile tools never expose full connection strings
  • Per-profile permissions: Each profile defines its own access level

License

MIT © GisHub Perú