45
grade D
4 days ago
glama
postgres-mcp
MCP server with 14 tools for PostgreSQL database operations. Query databases, explore schemas, analyze tables, with SQL injection prevention and read-only mode by default.
Install from
M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.
// key findings
✅
No credential exfiltration, no sensitive file access, no obfuscation
Static analysis found nothing flowing your secrets to unexpected places.
✅
Open source with a license and README
Anyone can audit the code, the license is declared, and the publisher documents what it does.
🔐
You'll be asked for 1 credential: POSTGRES_PASSWORD
These are read from process.env at runtime. Make sure you trust where they’ll be sent.
// required environment variables
This server reads these from
process.env. You'll be asked to provide them before it can run.config
ALLOW_WRITE_OPERATIONS— false Enable INSERT/UPDATE/DELETEconfig
MAX_ROWS— 1000 Maximum rows returnedconfig
POSTGRES_DB— e =your_database \config
POSTGRES_HOST— e =localhost \🔐 secret
POSTGRES_PASSWORD— e =your_password \config
POSTGRES_PORT— 5432 Database portconfig
POSTGRES_SSLMODE— prefer SSL modeconfig
POSTGRES_USER— e =your_user \config
QUERY_TIMEOUT— 30 Query timeout (seconds)// full audit trail
The full breakdown of what we checked, the deductions that landed, the network hosts, the dependency advisories, and concrete fix guidance is available to verified publishers.
// improvement guidance — verified publishers only
We have 1 concrete improvement we can share with the publisher of this MCP. Each comes with specific guidance to raise the trust score.
// embed badge in your README
[](https://m8ven.ai/mcp/javimaligno-postgres-mcp-q3khdy)commit: 79804a4d5645eecf165f1191955d89d0c7095abe
code hash: b3b1a0b25db10929071ab2e5e554e7e0e56dc4cf1e63814b71e36deed9cc246d
verified: 4/18/2026, 7:00:11 PM