Provides secure, read-only database queries, HTTP GET requests with anti-SSRF protection, and file reading within a restricted directory.
Claim it to get a verified publisher badge, a free copy of our full audit findings, and direct contact for any high-priority issues we find.
Install from
M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.
process.env. You'll be asked to provide them before it can run.DATABASE_URL— db_query(sql) Run a read-only SQL query against , returns rows as JSON SELECT/WITH only and a real READ ONLY Postgres sessionMCP_DB_MAX_ROWSMCP_URL_ALLOWLIST— http_get can't be turned into an SSRF. Only http(s), and the host must be in . Empty allowlist = nothing allowed (deny-by-default), so a misconfigured server isn't an open proxy.MCP_HTTP_MAX_BYTESMCP_FILES_ROOT— read_file(path) Read a text file under Path resolved inside the root, blocks ../ traversal & absolute pathsMCP_FILE_MAX_BYTESMCP_TRANSPORT[](https://m8ven.ai/mcp/eduardodknight-mcp-server-template-lixy17)