
query_database

Executes a SQL query against the MSSQL database using prepared statements.

Parameters:
  • query (string, required): SQL query to execute
Example call:
{
  "name": "query_database",
  "arguments": {
    "query": "SELECT TOP 10 * FROM users WHERE active = 1"
  }
}
Read-only mode:
  • SELECT — Always allowed
  • INSERT, UPDATE, DELETE — Only on whitelisted tables
  • EXEC, xp_cmdshell — Always blocked
With read-only mode off:
  • All standard SQL operations
  • EXEC, xp_cmdshell — Always blocked for security
Example queries:
-- Simple query
SELECT * FROM products WHERE price > 100
-- Complex JOIN
SELECT u.name, COUNT(o.id) AS total_orders
FROM users u
JOIN orders o ON u.id = o.user_id
GROUP BY u.name
-- CTE
WITH recent_orders AS (
  SELECT * FROM orders WHERE order_date > DATEADD(day, -30, GETDATE())
)
SELECT * FROM recent_orders
-- Window functions
SELECT name, salary,
  ROW_NUMBER() OVER (PARTITION BY department ORDER BY salary DESC) AS salary_rank
FROM employees
Notes:
  • Queries are executed with PrepareContext(), so the server never builds SQL by string concatenation. Preparing the statement does not change what it does, though: the whole query text comes from the caller, so the operation and table checks above, not the prepared statement, are what stop a malicious or mistaken query from running
  • Maximum query size is configurable via MSSQL_MAX_QUERY_SIZE
  • A 30-second timeout is applied by default
  • In read-only mode, every table a query references is validated, including tables named in JOINs and subqueries, not only the one in the first FROM clause
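The bullets above state the policy but not how a query is checked. The following Go program is an added example written for this page, not the server's own code, showing one way to implement such a check so that JOINs, subqueries and comma-separated table lists are all covered. It tokenizes the query after dropping comments and string literals (as the server's parser does, so a keyword inside a literal is ignored and EX/**/EC is not EXEC), blocks EXEC and its long form EXECUTE plus any xp_* identifier, and in read-only mode checks every table named after FROM, JOIN, INTO, UPDATE or DELETE against an allowlist while exempting CTE names. The Validate signature, the space-separated allowlists, the DDL keyword list accepted only in full-access mode, and the choice to treat anything unrecognised as a denial are this example's assumptions, not settings of the real tool.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

const (
	blocked     = "EXEC EXECUTE" // EXECUTE is the long form of EXEC; xp_* is matched by prefix below
	reads       = "SELECT WITH"
	writes      = "INSERT UPDATE DELETE"
	ddl         = "CREATE ALTER DROP TRUNCATE MERGE GRANT DENY REVOKE DECLARE" // assumed: full-access mode only
	introducers = "FROM JOIN INTO UPDATE DELETE" // a table name follows these
	terminators = "WHERE ON SET GROUP ORDER HAVING UNION EXCEPT INTERSECT SELECT VALUES OUTPUT OPTION ( ) ;"
)

var (
	// comments and string literals, dropped so a keyword hidden in them is neither matched nor missed
	junk = regexp.MustCompile(`--[^\n]*|/\*[\s\S]*?\*/|'(?:[^']|'')*'`)
	// words (keywords, identifiers, numbers) and single punctuation; [ ] identifier quoting is ignored
	word = regexp.MustCompile(`[\p{L}_#@][\p{L}\p{N}_#@$]*|\p{N}+|[^\s\[\]]`)
)

// has reports whether upper-cased token t occurs in the space-separated, case-insensitive list.
func has(list, t string) bool {
	return strings.Contains(" "+strings.ToUpper(list)+" ", " "+t+" ")
}

// tokenize returns the query's upper-cased words and punctuation, with "'" standing in for each literal.
func tokenize(sql string) []string {
	clean := junk.ReplaceAllStringFunc(sql, func(m string) string {
		if m[0] == '\'' {
			return " ' "
		}
		return " "
	})
	toks := word.FindAllString(clean, -1)
	for i := range toks {
		toks[i] = strings.ToUpper(toks[i])
	}
	return toks
}

// referencedTables lists every name after FROM/JOIN/INTO/UPDATE/DELETE (also inside subqueries and
// after commas), skipping CTE names declared as "name AS (". Anything odd is kept and fails the allowlist.
func referencedTables(toks []string) []string {
	var tables []string
	cte := map[string]bool{}
	state := 0 // 0 idle, 1 expecting a table name, 2 after a name (alias or ",")
	for i := 0; i < len(toks); i++ {
		t := toks[i]
		switch {
		case i+2 < len(toks) && toks[i+1] == "AS" && toks[i+2] == "(":
			cte[t] = true
		case has(introducers, t):
			state = 1
		case has(terminators, t):
			state = 0
		case state == 1:
			for i+2 < len(toks) && toks[i+1] == "." {
				t += "." + toks[i+2] // schema-qualified, e.g. dbo.users
				i += 2
			}
			if !cte[t] {
				tables = append(tables, t)
			}
			state = 2
		case state == 2 && t == ",":
			state = 1
		}
	}
	return tables
}

// Validate decides whether one query may run. readable and writable are space-separated allowlists
// (this example's reading of "validated" and "whitelisted" tables) that apply in read-only mode.
func Validate(sql string, readOnly bool, readable, writable string) error {
	toks, write := tokenize(sql), false
	for _, t := range toks {
		switch {
		case has(blocked, t) || strings.HasPrefix(t, "XP_"):
			return fmt.Errorf("blocked keyword %s", t)
		case readOnly && has(ddl, t):
			return fmt.Errorf("%s is not allowed in read-only mode", t)
		case has(writes, t):
			write = true // a write anywhere makes the whole batch a write
		}
	}
	// T-SQL runs a procedure named first in a batch without EXEC, so the first token must be a
	// statement keyword; that is what stops "sp_executesql N'...'" in full-access mode.
	if len(toks) == 0 || !has(reads+" "+writes, toks[0]) && (readOnly || !has(ddl, toks[0])) {
		return fmt.Errorf("unsupported statement start in %q", sql)
	}
	allowed := map[bool]string{false: readable, true: writable}[write]
	for _, tbl := range referencedTables(toks) {
		if readOnly && !has(allowed, tbl) {
			return fmt.Errorf("table %s is not whitelisted", tbl)
		}
	}
	return nil
}
```

Two choices in this example are worth keeping in any real implementation: a write keyword anywhere in the text makes the whole batch a write (T-SQL does not need a semicolon between statements, so `SELECT 1 DELETE FROM users` is one batch), and the first token must be a known statement keyword in every mode, because T-SQL runs a stored procedure named at the start of a batch without EXEC, so an EXEC blocklist alone would let `sp_executesql N'...'` through. The validator errs towards rejecting: an alias or hint it mistakes for a table name fails the allowlist rather than being silently allowed.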