MCP Server: Database Query Tool

A security-hardened, read-only SQL query API exposing Postgres and DuckDB as MCP tools for AI clients. Open endpoint for public use, secured endpoint with Auth0 OAuth.

Live Endpoints

Open MCP Endpoint (No Auth)

https://db-mcp.tigzig.com/mcp

Public endpoint - no API key, no login required. Anyone can connect and query. Intended for testing, demos, and public use. Protected by 23 layers of security hardening.

Secured MCP Endpoint (Auth0 OAuth)

https://db-mcp.tigzig.com/mcp-secure

Requires Auth0 login with email whitelist. To get access, reach out via the contact link below. Same databases and tools, with authentication on top.

What's Inside

Two databases, ~2 million rows of cricket ball-by-ball data (2013-2025):

  • Postgres (Supabase) - ODI cricket, ~1M rows
  • DuckDB (embedded) - T20 cricket, ~1M rows
  • Both read-only at database and application level
  • JSON and TSV output (TSV uses ~70% fewer tokens)

Connect from Claude Code, Claude Desktop, Claude.ai (web connectors), Claude in Excel, or any MCP-compatible client. Setup instructions in the README.

Security Hardening

The open endpoint is intentionally public - no auth, anyone with the URL can query. This is safe because of a 23-layer defense stack covering:

  • Cloudflare WAF + application-level rate limiting
  • Per-IP and global concurrency caps
  • 12-layer SQL validation - prefix allowlist, keyword blocklist, resource exhaustion blocking, self-join detection, response size limits, comment rejection
  • System catalog and metadata function blocking
  • Query timeouts with DuckDB engine interrupt
  • Database-level read-only enforcement (Postgres + DuckDB)
  • DuckDB resource limits + container resource limits
  • Error message sanitization - no internal details leaked
  • Auth0 OAuth with JWT verification on the secured endpoint

Full details in the README. For a broader web app security checklist (95 items across all stacks), see tigzig.com/security.
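To make the "layered SQL validation" idea concrete, here is an added example of a read-only query gate written for this page; it is not the project's own validator and does not claim to reproduce its exact twelve layers. It implements the layers the list above names (prefix allowlist, single-statement and comment rejection, keyword blocklist, resource-exhaustion blocking, system-catalog blocking, self-join detection, a response-size cap via LIMIT) plus an error-sanitization helper. Table names, the row cap and the blocked-word sets are constructed for illustration.

```python
"""Layered read-only SQL gate (added example, not the project's code)."""
import logging
import re
from typing import Tuple

ALLOWED_PREFIXES = ("SELECT", "WITH")
# Statements and commands that can never appear in a read-only query.
BLOCKED_KEYWORDS = {
    "INSERT", "UPDATE", "DELETE", "MERGE", "DROP", "ALTER", "CREATE", "TRUNCATE",
    "GRANT", "REVOKE", "COPY", "ATTACH", "DETACH", "INSTALL", "LOAD", "CALL",
    "PRAGMA", "SET", "EXPORT", "IMPORT", "EXECUTE", "VACUUM",
}
# Constructs that can produce unbounded work or output.
EXHAUSTION_PATTERNS = (
    r"\bRECURSIVE\b", r"\bCROSS\s+JOIN\b", r"\bGENERATE_SERIES\s*\(",
    r"\bRANGE\s*\(", r"\bREPEAT\s*\(",
)
# Postgres / DuckDB catalogs and metadata functions (illustrative set).
CATALOG_PATTERNS = (
    r"\bPG_CATALOG\b", r"\bINFORMATION_SCHEMA\b", r"\bPG_\w+\s*\(",
    r"\bDUCKDB_\w+\s*\(", r"\bCURRENT_SETTING\s*\(", r"\bVERSION\s*\(",
)
MAX_QUERY_CHARS = 4000   # assumed cap
MAX_ROWS = 1000          # assumed response-size cap

_STRING_LITERAL = re.compile(r"'(?:[^']|'')*'")


def _mask_literals(sql: str) -> str:
    """Replace string literals with '?' so a value such as 'DROP' inside
    quotes is not mistaken for a keyword (avoids false positives)."""
    return _STRING_LITERAL.sub("'?'", sql)


def validate_query(sql: str) -> Tuple[bool, str]:
    """Return (True, rewritten_sql) for an acceptable read-only query,
    or (False, reason) naming the layer that rejected it."""
    if len(sql) > MAX_QUERY_CHARS:
        return False, "query too long"
    body = sql.strip().rstrip(";").strip()
    if not body:
        return False, "empty query"
    masked = _mask_literals(body)
    upper = masked.upper()

    # Layer 1: prefix allowlist - only SELECT / WITH may start a statement.
    if not upper.startswith(ALLOWED_PREFIXES):
        return False, "only SELECT/WITH statements are allowed"
    # Layer 2: exactly one statement - no ';' outside string literals.
    if ";" in masked:
        return False, "multiple statements are not allowed"
    # Layer 3: comment rejection - comments are where naive filters get bypassed.
    if "--" in masked or "/*" in masked:
        return False, "SQL comments are not allowed"
    # Layer 4: keyword blocklist, matched on whole words only.
    hit = set(re.findall(r"[A-Z_]+", upper)) & BLOCKED_KEYWORDS
    if hit:
        return False, f"blocked keyword: {sorted(hit)[0]}"
    # Layer 5: resource-exhaustion constructs.
    for pat in EXHAUSTION_PATTERNS:
        if re.search(pat, upper):
            return False, "potentially unbounded construct rejected"
    # Layer 6: system catalogs and metadata functions.
    for pat in CATALOG_PATTERNS:
        if re.search(pat, upper):
            return False, "system catalog access is not allowed"
    # Layer 7: self-join detection - the same table referenced twice in FROM/JOIN.
    tables = re.findall(r"\b(?:FROM|JOIN)\s+([A-Z_][\w.]*)", upper)
    if len(tables) != len(set(tables)):
        return False, "self-joins are not allowed"
    # Layer 8: response-size limit - reject an oversized LIMIT, add one if absent.
    m = re.search(r"\bLIMIT\s+(\d+)\b", upper)
    if m:
        if int(m.group(1)) > MAX_ROWS:
            return False, f"LIMIT exceeds {MAX_ROWS}"
        return True, body
    return True, f"{body} LIMIT {MAX_ROWS}"


def sanitize_error(exc: Exception) -> str:
    """Error-message sanitization: keep the real exception in server logs,
    return only a generic message to the client so no internals leak."""
    logging.getLogger("db-mcp").warning("query failed: %r", exc)
    return "query failed; check the SQL and try again"


if __name__ == "__main__":
    for q in ("SELECT batter, runs FROM odi_balls WHERE team = 'India'",
              "SELECT 1; DROP TABLE odi_balls",
              "SELECT a.x FROM odi_balls a JOIN odi_balls b ON a.id = b.id"):
        print(q, "->", validate_query(q))
```

The literal-masking step is the part most often forgotten: without it, a legitimate filter such as `team = 'Dropbox'` would trip the keyword blocklist, and a validator that annoys users with false positives tends to get loosened until it no longer protects anything. Keep the order of layers cheap-to-expensive, and log the rejecting layer server-side so you can see which controls are actually doing the work.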

Deploy Your Own

The source code is open (Apache 2.0). Clone, configure your databases, and deploy:

git clone https://github.com/amararun/shared-fastapi-database-mcp.git
pip install -r requirements.txt
cp .env.example .env  # add your DB connection strings
uvicorn app:app --host 0.0.0.0 --port 8000

Swap in your own Postgres or DuckDB databases. Auth0 OAuth is optional - set the AUTH0_* environment variables to enable the secured endpoint, or leave them unset to run with just the open endpoint.

Stack: FastAPI, asyncpg, DuckDB, fastapi-mcp, python-jose, SlowAPI.

Resources

Bugs, issues, questions? Drop a note: [email protected]