MCP.so
ログイン

Db Whisper

@404-UNKNOW

Db Whisper について

概要はまだありません

基本情報

カテゴリ

データベース

ライセンス

MIT

ランタイム

node

トランスポート

stdio

公開者

404-UNKNOW

投稿者

Dennis LIU

設定

以下の設定を使って、このサーバーを MCP 対応クライアントに追加してください。

{
  "mcpServers": {
    "db-whisper": {
      "command": "npx",
      "args": [
        "-y",
        "db-whisper-mcp"
      ],
      "env": {
        "DATABASE_URL": "postgresql://username:password@host:port/database",
        "NODE_ENV": "production"
      }
    }
  }
}

ツール

ツールは検出されませんでした

ツールは README から自動的に抽出されます。メンテナーは ## Tools という見出しの下に記載することで、このタブに反映できます。

概要

What is Db Whisper?

DB-Whisper is a production-hardened, read-only database inspection server built on the Model Context Protocol (MCP). It is designed for AI assistants such as Cursor and Claude Desktop, using deep AST validation and strict security boundaries to ensure that AI can safely and securely query databases in a controlled, read-only environment.

How to use Db Whisper?

Db Whisper is invoked via npx -y db-whisper-mcp and configured through environment variables such as DATABASE_URL, ALLOWED_TABLES, DB_SSL, and QUERY_TIMEOUT_MS. Integration with Claude Desktop or Cursor requires adding a JSON configuration block under mcpServers with the appropriate command, args, and env.

Key features of Db Whisper

  • Deep AST firewall with strict whitelist and default-deny policy.
  • Isolation from system metadata tables (e.g., information_schema, pg_catalog, sqlite_schema).
  • Complexity limits: AST nodes ≤150, nesting depth ≤8.
  • Driver-level read-only enforcement for SQLite and PostgreSQL.
  • Rate limiting: default 10 queries per minute via token bucket.
  • Zero‑information leakage on security blocks; audit masking for sensitive data.

Use cases of Db Whisper

  • Safely allow AI assistants to inspect production database schemas and data.
  • Enable read-only, rate‑limited database queries from MCP clients like Cursor.
  • Provide a hardened bridge between AI tools and databases without write risk.
  • Audit and limit AI‑generated SQL to prevent resource exhaustion or information leakage.

FAQ from Db Whisper

What security mechanisms does Db Whisper use?

It enforces a deep AST firewall with a whitelist of allowed SELECT node types, isolates system metadata, limits AST complexity, and uses driver-level read-only (SQLite PRAGMA query_only, PostgreSQL BEGIN READ ONLY).

Which databases are supported?

Db Whisper supports SQLite (in forced read‑only mode) and PostgreSQL (transactions are wrapped in BEGIN READ ONLY).

How do I restrict which tables the AI can access?

Set the ALLOWED_TABLES environment variable with a comma‑separated list of allowed table names. If unset, only blacklist mode is active (system tables are blocked).

What is the default query rate limit?

The default rate limit is 10 queries per minute per server instance, enforced by a token bucket mechanism.

Does Db Whisper support SSL?

Yes. By default rejectUnauthorized: true is enabled. You can additionally force SSL verification via the DB_SSL environment variable.

コメント

「データベース」の他のコンテンツ