sql-server-mcp

jpcanter/sql-server-mcp

3.2

If you are the rightful owner of sql-server-mcp and would like to certify it and/or have it hosted online, please leave a comment on the right or send an email to henry@mcphub.com.

A production-ready Model Context Protocol (MCP) server for Microsoft SQL Server with comprehensive stored procedure management, virtual filesystem protocol, and safe write operations.

Tools
5
Resources
0
Prompts
0

MSSQL MCP Server

A production-ready Model Context Protocol (MCP) server for Microsoft SQL Server with comprehensive stored procedure management, virtual filesystem protocol, and safe write operations.

Features

  • Virtual Filesystem: Browse database objects (stored procedures, views, functions) as files
  • Discovery Tools: Search stored procedures, inspect table schemas, analyze dependencies
  • Safe Write Operations: SQL validation, transaction management, audit logging
  • SP Management: Draft ā†’ Test ā†’ Deploy ā†’ Rollback workflow with version control
  • Performance Analysis: Query execution statistics from plan cache
  • Security: SQL injection prevention, blocked keywords, row limits

Installation

npm install
npm run build

Configuration

Copy .env.example to .env and configure:

cp .env.example .env

Key configuration options:

  • DB_SERVER: SQL Server hostname
  • DB_DATABASE: Database name
  • DB_USER/DB_PASSWORD: Credentials
  • ENABLE_WRITE_OPERATIONS: Enable INSERT/UPDATE/DELETE (default: true)
  • ENABLE_SP_MODIFICATIONS: Enable stored procedure management (default: true)
  • DRAFT_SCHEMA: Schema for testing SPs before deployment (default: dbo_draft)

See .env.example for all options.

Usage with Claude Code

Add to your MCP configuration file (.claude.json or ~/.claude.json):

{
  "mcpServers": {
    "mssql": {
      "command": "node",
      "args": ["/absolute/path/to/db_mcp/dist/index.js"],
      "env": {
        "DB_SERVER": "localhost",
        "DB_DATABASE": "MyDatabase",
        "DB_USER": "sa",
        "DB_PASSWORD": "YourPassword",
        "ENABLE_WRITE_OPERATIONS": "true",
        "ENABLE_SP_MODIFICATIONS": "true"
      }
    }
  }
}

Available Tools

Discovery & Schema

  • search_stored_procedures: Search SPs by name or content
  • get_table_schema: Get table structure with columns, indexes, foreign keys
  • get_dependencies: Analyze object dependencies (callers and references)
  • analyze_sp_performance: View execution statistics from plan cache

Execution

  • execute_query_write: Execute INSERT/UPDATE/DELETE with validation

Transactions

  • begin_transaction: Start a new transaction
  • commit_transaction: Commit changes
  • rollback_transaction: Undo changes

Stored Procedure Management

  • create_sp_draft: Create a draft SP in separate schema
  • test_sp_draft: Test draft with parameters
  • deploy_sp: Deploy to production (auto-backs up current version)
  • rollback_sp: Restore previous version
  • list_sp_versions: View version history

Example Workflows

Searching for Stored Procedures

search for stored procedures that modify the Orders table

Viewing Database Objects as Files

show me /database/stored_procedures/dbo/GetCustomerOrders.sql

Modifying a Stored Procedure

I need to update GetCustomerOrders to include email.
Create a draft, test it with CustomerId=123, then deploy.

Safe Data Modifications

Start a transaction, update Customer set Status='Active' where Id=123,
show me the result, then commit.

Performance Analysis

Analyze performance of GetDailySalesReport and show execution stats

Architecture

Phase 1: Read-Only Foundation

  • Virtual filesystem for database objects
  • Connection pooling (read-only pool)
  • Query execution with error handling
  • Discovery and schema inspection tools

Phase 2: Safe Writes

  • SQL validation and injection prevention
  • Transaction manager with timeout protection
  • Audit logging for compliance
  • Write operation tools

Phase 3: SP Management

  • Version control with SPVersionHistory table
  • Draft schema for safe testing
  • Deploy/rollback workflow
  • Automatic backups before deployment

Phase 4: Advanced Features

  • Dependency analysis
  • Performance monitoring from DMVs
  • Reference finding

Security Features

  • SQL Validation: Blocks dangerous keywords and patterns
  • Parameterized Queries: Prevents SQL injection
  • Row Limits: Prevents accidental mass updates
  • Transaction Timeouts: Auto-rollback after 5 minutes
  • Audit Trail: Logs all operations to file
  • Separate Credentials: Optional read-only and read-write connections

Testing

A complete test environment is included in the test/ directory:

cd test
./setup.sh init

This sets up a Docker container with SQL Server 2022 and a test database (MCPTestDB) pre-populated with:

  • Sample tables (Customers, Products, Orders, etc.)
  • 13 test stored procedures
  • Views and functions
  • Sample data for testing all MCP features

Connection string for testing:

Server=localhost,1433;Database=MCPTestDB;User Id=sa;Password=McpTest123!;TrustServerCertificate=true

Running Tests

After setting up the test database:

# Run all tests
npm run test:all

# Or run specific tests
npm run test:connection  # Basic connectivity test
npm run test:db         # Database object verification
npm run test:scenarios  # Comprehensive functionality tests

See test/README.md for detailed testing scenarios and management commands.

Development

# Development mode with auto-reload
npm run dev

# Build
npm run build

# Run production build
npm start

# Lint
npm run lint

# Format
npm run format

Project Structure

sql-server-mcp/
ā”œā”€ā”€ src/
ā”‚   ā”œā”€ā”€ index.ts                    # Entry point
ā”‚   ā”œā”€ā”€ server.ts                   # MCP server setup
ā”‚   ā”œā”€ā”€ types/                      # TypeScript interfaces
ā”‚   ā”œā”€ā”€ config/                     # Configuration and logging
ā”‚   ā”œā”€ā”€ database/                   # Connection, query execution, transactions
ā”‚   ā”œā”€ā”€ filesystem/                 # Virtual filesystem protocol
ā”‚   ā”œā”€ā”€ tools/                      # MCP tool implementations
ā”‚   ā”‚   ā”œā”€ā”€ discovery/              # Search and discovery
ā”‚   ā”‚   ā”œā”€ā”€ schema/                 # Schema inspection
ā”‚   ā”‚   ā”œā”€ā”€ execution/              # Query execution
ā”‚   ā”‚   ā”œā”€ā”€ sp-management/          # SP lifecycle
ā”‚   ā”‚   ā””ā”€ā”€ transactions/           # Transaction control
ā”‚   ā”œā”€ā”€ security/                   # Validation, audit logging
ā”‚   ā””ā”€ā”€ utils/                      # Version manager, helpers
ā”œā”€ā”€ test/                           # Test environment (Docker + SQL Server)
ā”‚   ā”œā”€ā”€ docker-compose.yml          # SQL Server 2022 container
ā”‚   ā”œā”€ā”€ setup.sh                    # Management script
ā”‚   ā”œā”€ā”€ init-scripts/               # Database initialization
ā”‚   ā””ā”€ā”€ backups/                    # Database backups
ā”œā”€ā”€ .env.example                    # Configuration template
ā””ā”€ā”€ package.json

License

MIT

Contributing

Contributions are welcome! Please ensure all tools follow security best practices.