sqlrite-mcp 0.2.0

Model Context Protocol (MCP) server for SQLRite. Exposes a SQLRite database to LLM agents over stdio.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61

//! `execute` — run DDL / DML / transaction control.
//!
//! Disabled in `--read-only` mode. The protocol layer hides this tool
//! from `tools/list` AND rejects calls server-side, so a misbehaving
//! client can't bypass the flag.
//!
//! Returns the engine's status string ("3 rows inserted",
//! "table created", etc.) — same shape the REPL prints.

use serde::Deserialize;
use serde_json::{Value, json};

use crate::error::ToolError;
use crate::protocol::ServerState;

pub fn metadata() -> Value {
    json!({
        "name": "execute",
        "description": "Execute a DDL, DML, or transaction-control statement against the \
                        database. Returns a status string describing what changed \
                        (e.g. \"3 rows inserted\", \"table users created\"). \
                        SELECT statements should go through the `query` tool instead — \
                        this tool returns a status string only, not row data. \
                        Disabled when the server runs with `--read-only`.",
        "inputSchema": {
            "type": "object",
            "properties": {
                "sql": {
                    "type": "string",
                    "description": "A single non-SELECT statement (CREATE / INSERT / \
                                    UPDATE / DELETE / BEGIN / COMMIT / ROLLBACK / \
                                    DROP / ALTER, etc.).",
                },
            },
            "required": ["sql"],
            "additionalProperties": false,
        }
    })
}

#[derive(Deserialize)]
struct Args {
    sql: String,
}

pub fn handle(args: Value, state: &mut ServerState) -> Result<String, ToolError> {
    let args: Args = serde_json::from_value(args)
        .map_err(|e| ToolError::new(format!("invalid arguments: {e}")))?;

    let trimmed = args.sql.trim_start().to_ascii_lowercase();
    if trimmed.starts_with("select") {
        return Err(ToolError::new(
            "the `execute` tool returns a status string, not rows. \
             Use the `query` tool for SELECT statements."
                .to_string(),
        ));
    }

    let status = state.conn.execute(&args.sql)?;
    Ok(status)
}