db-read
v0.1.1
Published
Read-only MCP server for PostgreSQL, MySQL, and MongoDB.
Maintainers
Readme
db-read
db-read is a read-only MCP server for coding agents that need safe access to PostgreSQL, MySQL, and MongoDB. It supports both hosted and local databases through a git-ignored .db-read.yml.
Features
- One MCP server for PostgreSQL, MySQL, and MongoDB
- Environment-based config:
dev,staging,prod - Local and hosted connection support via
urior explicit host settings - Read-only guards for SQL and MongoDB aggregation
- MCP tools for listing connections, describing them, inspecting schema, and running read queries
Config
Copy .db-read.example.yml to .db-read.yml and fill in your credentials.
version: 1
defaultEnvironment: dev
defaults:
timeoutMs: 10000
maxRows: 1000
maxDocuments: 1000
environments:
dev:
connections:
app_pg:
kind: postgres
uri: postgresql://readonly:secret@localhost:5432/app
billing_mysql:
kind: mysql
host: db.example.com
port: 3306
user: readonly
password: secret
database: billing
ssl: true
analytics_mongo:
kind: mongodb
uri: mongodb+srv://readonly:[email protected]
database: analyticsCLI
npm run build
node dist/cli.js validate-config --config .db-read.yml
node dist/cli.js serve --env dev --config .db-read.ymlMCP client examples
Codex-style stdio config:
{
"mcpServers": {
"db-read": {
"command": "node",
"args": [
"/absolute/path/to/db-read/dist/cli.js",
"serve",
"--env",
"dev",
"--config",
"/absolute/path/to/project/.db-read.yml"
]
}
}
}Cursor and Claude Code can use the same stdio command/args pattern.
Safety model
- Use least-privileged read-only DB credentials.
- SQL tools reject multi-statement and non-read queries.
- MongoDB tools expose only
findand aggregation, and block$outand$merge. - Timeouts and result limits are enforced per request.
