SQL & Data Service Guide
Query on-prem databases with parameterized reads and gated writes so sensitive data never leaves your environment.
Safe reads
`sql.query` enforces parameterization and schema allowlists to eliminate risky raw queries.
- Supports PostgreSQL, MySQL, and SQLite DSNs with more coming soon.
- Result sets stream to the orchestrator for incremental processing.
- Policies control maximum row counts and execution time.
Controlled writes
Insert or update operations require approval and emit detailed diffs before changes are applied.
- `sql.execute` proposals show affected rows and rollback statements.
- Allowlist specific tables or schemas for automation.
- All writes log before/after snapshots for auditing.
Observability
Dashboards track query latency, error rates, and throttle events so data teams can monitor adoption.
- Metrics integrate with Prometheus/Grafana via the observability exporter.
- `sql.audit` (roadmap) will surface compliance-ready change logs.
- Use CLI `mcp sql monitor` for lightweight health checks.