Model Context Protocol moderate risk

Greptimedb

GreptimeDB MCP server enables AI assistants to query and analyze time-series data in GreptimeDB using SQL/TQL, with security features like read-only enforcement and data masking.

Connections & Capabilities

Connects To

GitHubMySQLKubernetes

Capabilities

readwriteexec

Quickstart

Install

pip install greptimedb-mcp-server

Config

{
  "mcpServers": {
    "greptimedb": {
      "command": "greptimedb-mcp-server",
      "args": ["--host", "localhost", "--database", "public"]
    }
  }
}

Exposed MCP Tools (10)

moderate

execute_sql

Executes SQL queries against the GreptimeDB database.

Can potentially modify data depending on the SQL query and user permissions.

safe

execute_tql

Executes TQL (PromQL-compatible) queries for time-series data analysis.

Read-only access to time-series data.

safe

query_range

Executes time-window aggregation queries with RANGE/ALIGN syntax.

Read-only access to aggregated time-series data.

safe

describe_table

Retrieves the schema of a specified table.

Provides read-only metadata about the table structure.

safe

explain_query

Analyzes the execution plan of a SQL or TQL query.

Provides read-only analysis of query execution.

safe

health_check

Checks the database connection status and server version.

Provides read-only status information.

safe

list_pipelines

Lists all pipelines or gets details of a specific pipeline.

Provides read-only access to pipeline metadata.

moderate

create_pipeline

Creates a new pipeline with YAML configuration.

Creates a new data pipeline, which can potentially impact data ingestion and processing.

safe

dryrun_pipeline

Tests a pipeline with sample data without writing to the database.

Tests a pipeline without making any persistent changes.

high

delete_pipeline

Deletes a specific version of a pipeline.

Deletes a pipeline, which can disrupt data ingestion and processing.

Safety Assessment

The GreptimeDB MCP server provides reasonable security controls, especially when configured with a read-only user and data masking enabled. However, it's crucial to properly configure allowed hosts to prevent DNS rebinding attacks and to be aware of the limitations of pattern-based data masking.

Application-level security gate blocks destructive SQL commands.
Data masking protects sensitive information.
Audit logging tracks tool invocations.
Read-only database user is recommended.

Potential for SQL injection if input sanitization is insufficient.
Data masking relies on pattern matching, which may not catch all sensitive data.
Improper configuration of allowed hosts can lead to DNS rebinding attacks.
If not configured correctly, the server can expose the database to the network.