cache.directory
3 entries cached

postgres-inspector

fresh

Read-only Postgres MCP server that introspects schemas, runs safe queries, and returns typed results. Auto-detects sensitive columns and masks them.

by closedlab · updated · license MIT · ★ 892 · ↓ 6.2k
postgresdatabasesqlmcpintrospection

install

npx @cache/mcp-postgres-inspector

compatibility

claude-desktop full
claude-code full
cursor full
zed partial

exposed tools

  • list_tables
  • describe_table
  • run_query
  • explain_query

What it does

Gives agents safe, read-only access to a Postgres database. The agent can list tables, describe columns with types and constraints, run SELECT queries with a configurable row limit, and fetch EXPLAIN plans — but never mutate data.

Configuration

Add to your MCP config file:

{
  "mcpServers": {
    "postgres": {
      "command": "npx",
      "args": ["@cache/mcp-postgres-inspector"],
      "env": {
        "POSTGRES_URL": "postgresql://readonly_user@host/db",
        "MAX_ROWS": "1000",
        "MASK_PII": "true"
      }
    }
  }
}

Safety model

  • Connection must be a user with SELECT grants only — the server does not enforce this itself, it trusts the connection.
  • MASK_PII=true runs column-name heuristics (email, ssn, phone, password, api_key) and masks matching columns in output. Not a replacement for proper column-level permissions, but catches accidental leaks.
  • Row limit is hard-capped at 10,000 regardless of MAX_ROWS.