Is Mcp Sqlalchemy Server safe to use?

Mcp Sqlalchemy Server has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under MIT.

How do I install Mcp Sqlalchemy Server?

Mcp Sqlalchemy Server supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.

What can Mcp Sqlalchemy Server do?

Mcp Sqlalchemy Server provides 10 tools: podbc_get_schemas, podbc_get_tables, podbc_describe_table, podbc_filter_table_names, podbc_query_database and 5 more. See the full tools list on the server page for descriptions and parameters.

What AI clients work with Mcp Sqlalchemy Server?

Mcp Sqlalchemy Server is compatible with claude-desktop, cursor, claude-code. It uses stdio and http transport.

Is Mcp Sqlalchemy Server actively maintained?

Mcp Sqlalchemy Server is less actively maintained — last commit was 360 days ago. It has 23 GitHub stars.

Mcp Sqlalchemy Server

Name: Mcp Sqlalchemy Server
Author: OpenLinkSoftware

@modelcontextprotocol/inspector · by OpenLinkSoftware

A simple MCP ODBC server using FastAPI, ODBC and SQLAlchemy.

23 210.2k/wk 10 tools GitHub npm PyPI

No known CVEs

MIT license

Stale

Last commit 360d ago

Works with most clients

Transport: stdio, http

10 tools · ~1.3k tok

Grade B · 0.7% of 200K ctx

Edit this pageView history

Data

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "my_database": {
      "env": {
        "API_KEY": "sk-xxx",
        "ODBC_DSN": "dsn_name",
        "ODBC_USER": "username",
        "ODBC_PASSWORD": "password"
      },
      "args": [
        "--directory",
        "/path/to/mcp-sqlalchemy-server",
        "run",
        "mcp-sqlalchemy-server"
      ],
      "command": "uv"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/mcp-sqlalchemy-server)](https://mcppedia.org/s/mcp-sqlalchemy-server)

Read me

What Mcp Sqlalchemy Server does

A lightweight MCP (Model Context Protocol) server for ODBC built with FastAPI, pyodbc, and SQLAlchemy. This server is compatible with Virtuoso DBMS and other DBMS backends that implement a SQLAlchemy provider.

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

npx -y '@modelcontextprotocol/inspector' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

79/100across 5 weighted dimensions

How we score →

0255075100

−21

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

6 fixed

GHSA-pjjw-68hj-v9mwmedium · fixedCVSS 4

uv vulnerable to arbitrary file deletion through RECORD entries

## Impact Wheel RECORD entries can contain relative paths that traverse outside of the wheel’s installation prefix. In versions 0.11.5 and earlier of uv, these wheels were not rejected on installation and the RECORD was respected without validation on uninstall. uv uses the RECORD to determine files to remove on uninstall. Consequently, a malicious or malformed wheel could induce deletion of arbitrary files outside of the wheel’s installation prefix on uninstall. uv does not use the RECORD fi

Affected: >= 0Fixed in 0.11.6source →

CVE-2025-13327medium · fixedCVSS 4

uv allows ZIP payload obfuscation through parsing differentials

### Impact In versions 0.9.5 and earlier of uv, ZIP archives were handled in a manner that enabled two parsing differentials against other components of the Python packaging ecosystem: 1. Central directory entries in a ZIP archive can contain comment fields. However, uv would assume that these fields were not present, since they aren't widely used. Consequently, a ZIP archive could be constructed where uv would interpret the contents of a central directory comment field as ZIP control structur

Affected: >= 0Fixed in 0.9.6source →

GHSA-w476-p2h3-79g9info · fixed

uv has differential in tar extraction with PAX headers

### Impact In versions 0.9.4 and earlier of uv, tar archives containing PAX headers with file size overrides were not handled properly. As a result, an attacker could contrive a source distribution (as a tar archive) that would extract differently when installed via uv versus other Python package installers. The underlying parsing differential here originates with astral-tokio-tar, which disclosed this vulnerability as CVE-2025-62518. In practice, the impact of this vulnerability is **low**:

Affected: >= 0Fixed in 0.9.5source →

CVE-2025-58444medium · fixedCVSS 4

MCP Inspector is Vulnerable to Potential Command Execution via XSS When Connecting to an Untrusted MCP Server

An XSS flaw exists in the MCP Inspector local development tool when it renders a redirect URL returned by a remote MCP server. If the Inspector connects to an untrusted server, a crafted redirect can inject script into the Inspector context and, via the built-in proxy, be leveraged to trigger arbitrary command execution on the developer machine. Version 0.16.6 hardens URL handling/validation and prevents script execution. > Thank you to the following researchers for their reports and contributi

Affected: >= 0Fixed in 0.16.6source →

CVE-2025-54368medium · fixedCVSS 4

uv allows ZIP payload obfuscation through parsing differentials

## Impact In versions 0.8.5 and earlier of uv, remote ZIP archives were handled in a streamwise fashion, and file entries were not reconciled against the archive's central directory. This enabled two parser differentials against other Python package installers: 1. An attacker could contrive a ZIP archive that would extract with legitimate contents on some package installers, and malicious contents on others due to multiple local file entries. The attacker could choose which installer to target

Affected: >= 0Fixed in 0.8.6source →

Inventory

Tools (10)

Click any tool to inspect its schema.

~1.3k tokens total

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Mcp Sqlalchemy Server safe to use?: Mcp Sqlalchemy Server has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under MIT.
How do I install Mcp Sqlalchemy Server?: Mcp Sqlalchemy Server supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can Mcp Sqlalchemy Server do?: Mcp Sqlalchemy Server provides 10 tools: podbc_get_schemas, podbc_get_tables, podbc_describe_table, podbc_filter_table_names, podbc_query_database and 5 more. See the full tools list on the server page for descriptions and parameters.
What AI clients work with Mcp Sqlalchemy Server?: Mcp Sqlalchemy Server is compatible with claude-desktop, cursor, claude-code. It uses stdio and http transport.
Is Mcp Sqlalchemy Server actively maintained?: Mcp Sqlalchemy Server is less actively maintained — last commit was 360 days ago. It has 23 GitHub stars.

Similar servers

Others in data

View all →

Supabase MCP Server97

Manage Supabase projects — databases, auth, storage, and edge functions

2.7k 4

Firecrawl Mcp Server95

🔥 Official Firecrawl MCP Server - Adds powerful web scraping and search to Cursor, Claude and any other LLM clients.

6.3k 4

Apify Mcp Server94

The Apify MCP server enables your AI agents to extract data from social media, search engines, maps, e-commerce sites, or any other website using thousands of ready-made scrapers, crawlers, and automation tools available on the Apify Store.

1.2k 1

Mcp Server Qdrant94

An official Qdrant Model Context Protocol (MCP) server implementation

1.4k 2

MCP Security Weekly

Get CVE alerts and security updates for Mcp Sqlalchemy Server and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Edit this pageView history

Data

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "my_database": {
      "env": {
        "API_KEY": "sk-xxx",
        "ODBC_DSN": "dsn_name",
        "ODBC_USER": "username",
        "ODBC_PASSWORD": "password"
      },
      "args": [
        "--directory",
        "/path/to/mcp-sqlalchemy-server",
        "run",
        "mcp-sqlalchemy-server"
      ],
      "command": "uv"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/mcp-sqlalchemy-server)](https://mcppedia.org/s/mcp-sqlalchemy-server)

Read me

What Mcp Sqlalchemy Server does

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

npx -y '@modelcontextprotocol/inspector' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

README

MCP Server ODBC via SQLAlchemy

A lightweight MCP (Model Context Protocol) server for ODBC built with FastAPI, pyodbc, and SQLAlchemy. This server is compatible with Virtuoso DBMS and other DBMS backends that implement a SQLAlchemy provider.

Features

Get Schemas: Fetch and list all schema names from the connected database.
Get Tables: Retrieve table information for specific schemas or all schemas.
Describe Table: Generate a detailed description of table structures, including:
- Column names and data types
- Nullable attributes
- Primary and foreign keys
Search Tables: Filter and retrieve tables based on name substrings.
Execute Stored Procedures: In the case of Virtuoso, execute stored procedures and retrieve results.
Execute Queries:
- JSONL result format: Optimized for structured responses.
- Markdown table format: Ideal for reporting and visualization.

Prerequisites

Install uv:
```
pip install uv
```
Or use Homebrew:
```
brew install uv
```
unixODBC Runtime Environment Checks:
Check installation configuration (i.e., location of key INI files) by running: odbcinst -j
List available data source names by running: odbcinst -q -s

ODBC DSN Setup: Configure your ODBC Data Source Name (~/.odbc.ini) for the target database. Example for Virtuoso DBMS:

[VOS]
Description = OpenLink Virtuoso
Driver = /path/to/virtodbcu_r.so
Database = Demo
Address = localhost:1111
WideAsUTF16 = Yes

SQLAlchemy URL Binding: Use the format:
```
virtuoso+pyodbc://user:password@VOS
```

Installation

Clone this repository:

git clone https://github.com/OpenLinkSoftware/mcp-sqlalchemy-server.git
cd mcp-sqlalchemy-server

Environment Variables

Update your .envby overriding the defaults to match your preferences

ODBC_DSN=VOS
ODBC_USER=dba
ODBC_PASSWORD=dba
API_KEY=xxx

Configuration

For Claude Desktop users: Add the following to claude_desktop_config.json:

{
  "mcpServers": {
    "my_database": {
      "command": "uv",
      "args": ["--directory", "/path/to/mcp-sqlalchemy-server", "run", "mcp-sqlalchemy-server"],
      "env": {
        "ODBC_DSN": "dsn_name",
        "ODBC_USER": "username",
        "ODBC_PASSWORD": "password",
        "API_KEY": "sk-xxx"
      }
    }
  }
}

Usage

Database Management System (DBMS) Connection URLs

Here are the pyodbc URL examples for connecting to DBMS systems that have been tested using this mcp-server.

Database	URL Format
Virtuoso DBMS	`virtuoso+pyodbc://user:password@ODBC_DSN`
PostgreSQL	`postgresql://user:password@localhost/dbname`
MySQL	`mysql+pymysql://user:password@localhost/dbname`
SQLite	`sqlite:///path/to/database.db`
Once connected, you can interact with your WhatsApp contacts through Claude, leveraging Claude's AI capabilities in your WhatsApp conversations.

Tools Provided

Overview

name	description
podbc_get_schemas	List database schemas accessible to connected database management system (DBMS).
podbc_get_tables	List tables associated with a selected database schema.
podbc_describe_table	Provide the description of a table associated with a designated database schema. This includes information about column names, data types, nulls handling, autoincrement, primary key, and foreign keys
podbc_filter_table_names	List tables, based on a substring pattern from the `q` input field, associated with a selected database schema.
podbc_query_database	Execute a SQL query and return results in JSONL format.
podbc_execute_query	Execute a SQL query and return results

... View full README on GitHub

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

79/100across 5 weighted dimensions

How we score →

0255075100

−21

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

6 fixed

GHSA-pjjw-68hj-v9mwmedium · fixedCVSS 4

uv vulnerable to arbitrary file deletion through RECORD entries

Affected: >= 0Fixed in 0.11.6source →

CVE-2025-13327medium · fixedCVSS 4

uv allows ZIP payload obfuscation through parsing differentials

Affected: >= 0Fixed in 0.9.6source →

GHSA-w476-p2h3-79g9info · fixed

uv has differential in tar extraction with PAX headers

Affected: >= 0Fixed in 0.9.5source →

CVE-2025-58444medium · fixedCVSS 4

MCP Inspector is Vulnerable to Potential Command Execution via XSS When Connecting to an Untrusted MCP Server

Affected: >= 0Fixed in 0.16.6source →

CVE-2025-54368medium · fixedCVSS 4

uv allows ZIP payload obfuscation through parsing differentials

Affected: >= 0Fixed in 0.8.6source →

Inventory

Tools (10)

Click any tool to inspect its schema.

~1.3k tokens total

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Mcp Sqlalchemy Server safe to use?: Mcp Sqlalchemy Server has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under MIT.
How do I install Mcp Sqlalchemy Server?: Mcp Sqlalchemy Server supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can Mcp Sqlalchemy Server do?: Mcp Sqlalchemy Server provides 10 tools: podbc_get_schemas, podbc_get_tables, podbc_describe_table, podbc_filter_table_names, podbc_query_database and 5 more. See the full tools list on the server page for descriptions and parameters.
What AI clients work with Mcp Sqlalchemy Server?: Mcp Sqlalchemy Server is compatible with claude-desktop, cursor, claude-code. It uses stdio and http transport.
Is Mcp Sqlalchemy Server actively maintained?: Mcp Sqlalchemy Server is less actively maintained — last commit was 360 days ago. It has 23 GitHub stars.