Skip to content

tse-wei-chen/hs-sql-agent

Repository files navigation

hs-sql-agent

The high-performance MCP server for instant SQL interaction and secure enterprise governance.

License: Apache 2.0 Docker NuGet CodeQL Advanced Tests Deploy on Zeabur

hs-sql-agent is an HTTP MCP server for relational databases (SQLite, PostgreSQL, MySQL, SQL Server, Oracle, Firebird) with a built-in Admin Panel for governance.

πŸ€” Why hs-sql-agent?

Most "Chat with your Data" tools ask the LLM to write raw SQL β€” a recipe for hallucinations, dialect confusion, and injection risks. hs-sql-agent takes a structured approach: the AI can write SQL, the server parses it into structured definitions, validates the result, and rebuilds the final query through the SQL builder before execution. Zero hallucinated syntax, zero direct string injection into the database.

  • Structured SQL Pipeline β€” The AI can write SQL, but the server parses it into structured definitions, validates it, and rebuilds the final query through the SQL builder before execution.
  • Universal DB Support β€” One agent for SQLite, PostgreSQL, MySQL, SQL Server, Oracle, and Firebird. The same MCP endpoint switches engines transparently.
  • Enterprise Governance β€” Built-in Admin Web UI, key-level connection mapping, table whitelisting, per-key CORS, rate limiting, and full audit logs.
  • Semantic Layer β€” Map cryptic legacy column names to business-friendly labels so the LLM understands your schema.

Where to use it

Use case Description
Cursor / Claude Desktop Let devs query dev/test DBs in natural language from their AI IDE.
Multi-DB agents One MCP server per database, each secured with its own API key. The agent aggregates multiple MCP connections to seamlessly orchestrate workflows across PostgreSQL, MySQL, and Oracle.
Enterprise chatbots Connect internal AI agents to ERP/CRM systems with table-level permission isolation.
Legacy modernization Bridge modern AI to decades-old databases via the semantic layer.

πŸš€ Quick Start

cp .env.example .env      # set HMAC_KEY and JWT_KEY (32+ bytes)
docker compose up -d       # http://localhost:8080

πŸ“¦ NuGet for Existing .NET APIs

Already have an ASP.NET Core API? Embed the full MCP SQL Agent + Admin UI in minutes:

dotnet add package HsSqlAgent.Server
builder.Services.AddHsSqlAgent(options => { ... });
app.UseHsSqlAgent();                    // API-only
// app.UseHsSqlAgent().ServeAdminUi();  // with Admin UI

The Admin UI is embedded in the DLL β€” no external files to deploy. See the NuGet Package guide for details.

πŸ“– Documentation

Detailed docs are on the Wiki:

Topic Link
πŸš€ Getting Started Getting-Started
✨ Features Features
πŸ“˜ MCP Tools MCP-Tools-Reference
πŸ–₯️ Admin Panel Admin-Panel
βš™οΈ Configuration Configuration
🐳 Deployment Deployment
🏠 Development Development
πŸ“‘ API Reference API-Reference
❓ FAQ FAQ

SQL Execution Flow

%%{init: {
  'theme': 'base',
  'themeVariables': {
    'primaryColor': '#18181B',
    'primaryTextColor': '#FAFAFA',
    'primaryBorderColor': '#27272A',
    'lineColor': '#52525B',
    'secondaryColor': '#27272A',
    'tertiaryColor': '#09090B',
    'mainBkg': '#09090B'
  }
}}%%

flowchart TD
    LLM(["Client :: LLM / MCP Client"])
    MCP["Server :: HsSqlAgent"]
    AUTH["Middleware :: Authentication<br/>Access Key | DB Binding | Whitelist"]
    ROUTE{"Gateway :: Router"}

    LLM -->|Call tool with SQL| MCP
    MCP --> AUTH
    AUTH --> ROUTE

    subgraph Query_Flow [" πŸ” Query Pipeline (SELECT) "]
        QPARSE["Parse Query SQL<br/>SqlDefinitionParser.ParseQuery"]
        QDEF["QueryDefinition<br/>AST Structure Data"]
        QVALID["DefinitionValidator<br/>Rule Verification"]
        QBUILD["SQL Strategy Compiler<br/>Compile Strategy"]
        QEXEC["Execution Engine<br/>Execute SELECT"]
        QRESULT(["Result :: Rows / JSON"])
        
        QPARSE --> QDEF
        QDEF --> QVALID
        QVALID --> QBUILD
        QBUILD --> QEXEC
        QEXEC --> QRESULT
    end

    subgraph DML_Flow [" ✏️ Mutation Pipeline (DML) "]
        DPARSE["Parse Mutation SQL<br/>SqlDefinitionParser.ParseDml"]
        DDEF["DmlDefinition<br/>AST Structure Data"]
        DVALID["DefinitionValidator<br/>Rule Verification"]
        DRYRUN["Transaction Dry-run<br/>Uncommitted State"]
        ELICIT["MCP Elicitation<br/>User Approval Prompt"]
        DECIDE{" Action :: Decision"}
        DEXEC["Transaction :: Commit<br/>Apply Changes"]
        DROLLBACK["Transaction :: Rollback<br/>Discard Changes"]
        
        DPARSE --> DDEF
        DDEF --> DVALID
        DVALID --> DRYRUN
        DRYRUN --> ELICIT
        ELICIT --> DECIDE
        
        DECIDE -->|Allowed| DEXEC
        DECIDE -->|Denied| DROLLBACK
    end

    ROUTE -->|execute_query_sql| QPARSE
    ROUTE -->|execute_dml_sql| DPARSE

    AUDIT[("Storage :: Async Audit Log")]
    
    QRESULT --> AUDIT
    DEXEC --> AUDIT
    DROLLBACK --> AUDIT

    classDef default fill:#18181B,stroke:#27272A,stroke-width:1px,color:#E4E4E7;
    classDef client fill:#FAFAFA,stroke:#FAFAFA,stroke-width:1px,color:#09090B;
    classDef server fill:#27272A,stroke:#3F3F46,stroke-width:1px,color:#F4F4F5;
    classDef auth fill:#09090B,stroke:#27272A,stroke-width:1px,color:#A1A1AA;
    classDef cond fill:#18181B,stroke:#FAFAFA,stroke-width:1.5px,color:#FAFAFA;
    
    classDef danger fill:#451A03,stroke:#7F1D1D,stroke-width:1px,color:#FCA5A5;
    classDef success fill:#022C22,stroke:#064E3B,stroke-width:1px,color:#86EFAC;

    class LLM client;
    class MCP,AUDIT server;
    class AUTH auth;
    class ROUTE,DECIDE cond;
    class QRESULT,DEXEC success;
    class DROLLBACK danger;
Loading

DML Approval Prompt

This is what the human-in-the-loop approval step looks like during execute_dml_sql:

🀝 Contributing

See CONTRIBUTING.md and the Development wiki page.

πŸ“œ License

Apache License 2.0

About

C# SQL Agent MCP server featuring raw SQL input, strict AST validation, and an embedded Admin UI. Eliminates LLM hallucinations and security risks across 6 major databases.

Topics

Resources

License

Contributing

Security policy

Stars

Watchers

Forks

Packages

 
 
 

Contributors