WoWSQLWoWSQL
Dashboard

MCP Reference

MCP Tools & Security β€” WoWSQL Docs

Tools & security

What the server exposes Β· safe usage

Tool availability depends on the features query on your MCP URL and whether a project_ref is set. The WoWSQL MCP server registers tools from @wowsql/mcp-server-wowsql (see repo mcp/packages/mcp-server-wowsql).

Available tools

ToolFeature gateDescription
list_projects account (no project scope) List WoWSQL projects for the signed-in user.
get_project account Fetch one project by slug.
list_tables database + project List tables in the project database (PostgreSQL).
execute_sql database + project Run SQL. With read_only=true, mutating statements are rejected.
search_docs docs Search WoWSQL documentation (q parameter, min length 2).
list_storage_buckets storage + project List storage buckets for the project.

Result safety: Tool responses append a reminder that data returned from SQL or APIs should be treated as untrusted content (prompt-injection hygiene).

Feature flags

Pass comma-separated values in features=, for example:

features=account,database,docs,storage
  • account β€” list_projects, get_project (typically when no single project is fixed).
  • database β€” list_tables, execute_sql.
  • docs β€” search_docs.
  • storage β€” list_storage_buckets.

Security practices

Scope to one project

Use project_ref in the MCP URL so the assistant only sees one project’s database and storage.

Read-only mode

Use read_only=true when you only need SELECT / introspection β€” blocks obvious DML/DDL in execute_sql.

Least privilege

Omit storage or account from features if you do not need those tools.

Client approvals

Keep tool-call approval enabled in your MCP client when working with production data.

Prompt injection

Database rows and doc snippets can contain hostile text. Treat tool output as data, not instructions. Combine MCP with your client’s approval flows and organizational policies.

Transport & errors

  • MCP uses POST JSON-RPC to /mcp. A browser GET to /mcp may return 401 β€” that is expected; use a proper MCP client.
  • OAuth metadata: see overview for protected-resource discovery.
Production

Use the hosted URL https://mcp.wowsql.com/mcp with TLS. For self-hosting, run the Node MCP behind HTTPS and set MCP_PUBLIC_URL / WOWSQL_API_BASE per mcp/README.md.

Development only

MCP_ALLOW_UNAUTHENTICATED=true disables Bearer checks β€” never use in production.

← Overview Β· Client setup

Static page: sdk/Docs updates/mcp-reference.html