Skip to content

jparkerweb/mcp-sqlite

MCP Data & Storage

Model Context Protocol (MCP) server that provides comprehensive SQLite database interaction capabilities

Track releases GitHub Website
JavaScript Latest 1.0.9 · 2mo ago Security brief →

Features

  • Full CRUD (Create, Read, Update, Delete) operations on SQLite tables
  • Database introspection: list tables and retrieve table schemas
  • Execute arbitrary custom SQL queries via a dedicated `query` tool

Recent releases

View all 3 releases →
1.0.9 Security relevant
Security fixes
  • SQL injection vulnerability (CWE-89) in CRUD operations and get_table_schema fixed with table and column name validation
Full changelog

What's New 🎉

[1.0.9] - 2026-04-04

🛡️ Security

  • Fixed SQL injection vulnerability (CWE-89) in all CRUD operations and get_table_schema
  • Table names are now validated against sqlite_master before query construction
  • Column names are now validated against the target table's schema
  • All SQL identifiers are properly quoted with double-quote escaping
View release on GitHub
1.0.8 Bugfix

Minor fixes and improvements.

Full changelog

What's New 🎉

[1.0.8] - 2026-03-14

🐛 Fixed

  • Fixed Zod v4 compatibility by using explicit string keys
View release on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

About

Stars
107
Forks
16
Language
JavaScript
Downloads/week
13 ↑80%
NPM Maintainers
2
Contributors
2
View on GitHub View on npm Homepage

Install & Platforms

Install via
npm

Community & Support

Sponsor / Fund

Similar tools

xexr/mcp-libsql
andyWang1688/sql-query-mcp
mbentham/SqlAugur
kiliczsh/mcp-mongo-server
designcomputer/mysql_mcp_server

Beta — feedback welcome: [email protected]