- Home
- MCP servers
- MCP SQLite Tools
MCP SQLite Tools
- typescript
7
GitHub Stars
typescript
Language
4 months ago
First Indexed
2 months ago
Catalog Refreshed
Documentation & install
Readme and setup notes from the catalogue, plus a client-ready config you can copy for your MCP host.
Installation
Add the following to your MCP client configuration file.
Configuration
View docs{
"mcpServers": {
"spences10-mcp-sqlite-tools": {
"command": "npx",
"args": [
"-y",
"mcp-sqlite-tools"
],
"env": {
"DEBUG": "false",
"SQLITE_BACKUP_PATH": "./backups",
"SQLITE_DEFAULT_PATH": ".",
"SQLITE_MAX_QUERY_TIME": "30000",
"SQLITE_ALLOW_ABSOLUTE_PATHS": "true"
}
}
}
}You run a Model Context Protocol (MCP) server that provides safe, comprehensive access to local SQLite databases for language models and tooling. This server supports database management, table and query operations, transactions, schema handling, maintenance tasks, and robust security measures to keep data safe while enabling powerful AI-assisted workflows.
How to use
To use this MCP server, you run it as a local process or through an MCP client, then grant your AI assistant access to perform read-only queries, write operations, or schema changes according to your approval rules. You can open, describe, and export databases, list and inspect tables, execute SELECTs and data-altering statements under controlled conditions, manage transactions with savepoints, and back up or vacuum databases. The service classifies operations to help you approve or deny actions, and it validates inputs to guard against unsafe queries.
How to install
Install the MCP server and prepare it for use with your MCP client by following these steps in order.
# From npm (global installation)
npm install -g mcp-sqlite-tools
# From source
git clone <repository-url>
cd mcp-sqlite-tools
pnpm install
pnpm run build
Configuration and security
Configure the server to run with your preferred database locations and security constraints. You can set a default path for databases, control whether absolute paths are allowed, specify a backup directory, and adjust the maximum query time. The server includes automatic query classification, path validation, input validation, advanced connection pooling with health monitoring, and automatic cleanup of stale transactions to minimize risk.
Common environment variables you configure include the default path for databases, whether absolute paths are allowed, a backup path, and the maximum query time. These settings help you tailor the server’s behavior to your environment and security requirements.
Examples of usage patterns
Read-only operations such as listing tables or inspecting a table’s schema can be approved for quick read access. Destructive operations like inserting data or dropping a table require explicit, per-operation approval. Schema changes should also be reviewed and approved before execution. When performing multiple steps, wrap them in a transaction to maintain data integrity and enable rollback if needed.
If you plan to batch-insert many records, prefer the bulk insert tool to improve efficiency and reduce the number of individual transactions.
Troubleshooting and notes
If you encounter permission or path-related errors, verify that your configured SQLITE_DEFAULT_PATH is accessible by the MCP server and that you have not enabled restricted path handling inappropriately. Check that your environment variables are set in the method you use to start the server and that your MCP client configuration points to the correct MCP server command.
Development and testing
For development, build and start the server in development mode, then test tool interactions and transaction flows against a test database before connecting your AI agent to real data.
API reference overview
The server exposes a range of tools to manage databases, tables, queries, transactions, schemas, and maintenance tasks. Tools are categorized by safety: read-only operations are considered SAFE, data-modifying operations are DESTRUCTIVE, and schema changes are SCHEMA CHANGE. Use the provided guidance to approve or deny actions when integrating with an MCP client.
Notes on tool availability and approvals
Read-only tools may be auto-approved in your MCP client configuration, while destructive and schema-changing tools should require explicit approval to help prevent unintended data modifications.
Available tools
open_database
Opens or creates a SQLite database file and returns a handle for subsequent operations.
close_database
Closes an active database connection.
list_databases
Lists available database files within a directory.
database_info
Provides metadata and statistics about a database.
list_tables
Lists all tables and views in the current database.
describe_table
Returns a table's schema details, with optional verbosity levels.
create_table
Creates a new table with a defined set of columns.
drop_table
Permanently deletes a table and its data.
execute_read_query
Executes safe read-only SQL queries such as SELECT, PRAGMA, and EXPLAIN.
execute_write_query
Executes SQL statements that modify data (INSERT, UPDATE, DELETE).
execute_schema_query
Performs DDL operations like CREATE, ALTER, and DROP.
bulk_insert
Inserts multiple records into a table in batches to improve efficiency.
begin_transaction
Starts a database transaction with optional savepoint support.
commit_transaction
Commits the current transaction or releases a savepoint.
rollback_transaction
Rolls back the current transaction or to a savepoint.
export_schema
Exports the database schema to SQL or JSON format.
import_schema
Imports and executes schema from SQL or JSON content.
backup_database
Creates a backup of a database with a timestamp.
vacuum_database
Optimizes database storage by reclaiming unused space.