by bytebase
Zero-dependency, token-efficient database MCP server for Postgres, MySQL, SQL Server, MariaDB, SQLite.
# Add to your Claude Code skills
git clone https://github.com/bytebase/dbhubGuides for using ai agents skills like dbhub.
Last scanned: 4/23/2026
{
"issues": [
{
"type": "npm-audit",
"message": "@aws-sdk/client-cognito-identity: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@aws-sdk/core: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@aws-sdk/credential-provider-cognito-identity: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@aws-sdk/credential-provider-env: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@aws-sdk/credential-provider-http: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@aws-sdk/credential-provider-ini: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@aws-sdk/credential-provider-login: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@aws-sdk/credential-provider-node: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@aws-sdk/credential-provider-process: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@aws-sdk/credential-provider-sso: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@aws-sdk/credential-provider-web-identity: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@aws-sdk/credential-providers: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@aws-sdk/middleware-sdk-s3: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@aws-sdk/middleware-user-agent: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@aws-sdk/nested-clients: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@aws-sdk/rds-signer: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@aws-sdk/signature-v4-multi-region: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@aws-sdk/token-providers: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@aws-sdk/util-user-agent-node: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@aws-sdk/xml-builder: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@azure/identity: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@azure/msal-node: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@testcontainers/mariadb: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@testcontainers/mssqlserver: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@testcontainers/mysql: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@testcontainers/postgresql: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "dockerode: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "fast-xml-parser: fast-xml-parser XMLBuilder: XML Comment and CDATA Injection via Unescaped Delimiters",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "mssql: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "tedious: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "testcontainers: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "uuid: uuid: Missing buffer bounds check in v3/v5/v6 when buf is provided",
"severity": "medium"
}
],
"status": "PASSED",
"scannedAt": "2026-04-23T06:07:08.507Z",
"semgrepRan": false,
"npmAuditRan": true,
"pipAuditRan": true
}[!NOTE]
Brought to you by Bytebase, open-source database DevSecOps platform.
+------------------+ +--------------+ +------------------+
| | | | | |
| | | | | |
| Claude Desktop +--->+ +--->+ PostgreSQL |
| | | | | |
| Claude Code +--->+ +--->+ SQL Server |
| | | | | |
| Cursor +--->+ DBHub +--->+ SQLite |
| | | | | |
| VS Code +--->+ +--->+ MySQL |
| | | | | |
| Copilot CLI +--->+ +--->+ MariaDB |
| | | | | |
| | | | | |
+------------------+ +--------------+ +------------------+
MCP Clients MCP Server Databases
DBHub is a zero-dependency, token efficient MCP server implementing the Model Context Protocol (MCP) server interface. This lightweight gateway allows MCP-compatible clients to connect to and explore different databases:
PostgreSQL, MySQL, SQL Server, MariaDB, and SQLite.
DBHub implements MCP tools for database operations:
dbhub.toml configuration fileDBHub includes a built-in web interface for interacting with your database tools. It provides a visual way to execute queries, run custom tools, and view request traces without requiring an MCP client.

See the full Installation Guide for detailed instructions.
Docker:
docker run --rm --init \
--name dbhub \
--publish 8080:8080 \
bytebase/dbhub \
--transport http \
--port 8080 \
--dsn "postgres://user:password@localhost:5432/dbname?sslmode=disable"
NPM: (requires Node.js >= 22.5.0)
npx @bytebase/dbhub@latest --transport http --port 8080 --dsn "postgres://user:password@localhost:5432/dbname?sslmode=disable"
MCP Bundle (one-click install):
Download dbhub-<version>.mcpb from the latest release and install it in any MCPB-compatible client — Claude Desktop (double-click, or drag into Settings → Extensions), Claude Code, or MCP for Windows — then enter your database connection string. The bundle runs locally over stdio, is read-only by design (writes are rejected and the database session is set to read-only at the engine level), and needs no remote endpoint or OAuth setup — ideal for giving non-technical teammates curated, read-only database access. Pair it with a least-privilege, read-only database account. See the MCP Bundle guide for details and for packaging your own bundle.
Demo Mode:
npx @bytebase/dbhub@latest --transport http --port 8080 --demo
Restrict to loopback (recommended for production):
npx @bytebase/dbhub@latest --transport http --host 127.0.0.1 --port 8080 --demo
The HTTP transport defaults to
--host 0.0.0.0, exposing DBHub on every network interface. For production, bind to127.0.0.1and front DBHub with a reverse proxy (nginx/Caddy) or firewall — DBHub does not authenticate HTTP clients.The HTTP transport also has built-in DNS-rebinding protection: it only accepts requests whose
Hostis loopback, this machine's own hostname/IPs, or a name you allow via--allowed-hosts. If a client behind a reverse proxy or custom DNS name gets a403, add that hostname with--allowed-hosts.
See Command-Line Options for all available parameters.
Connect to multiple databases simultaneously using TOML configuration files. Perfect for managing production, staging, and development databases from a single DBHub instance.
See Multi-Database Configuration for complete setup instructions.
Requires Node.js >= 22.5.0 (DBHub uses the built-in node:sqlite module).
# Install dependencies
pnpm install
# Run in development mode
pnpm dev
# Build and run for production
pnpm build && pnpm start --transport stdio --dsn "postgres://user:password@localhost:5432/dbname"
dbhub is an open-source ai agents skill for AI coding assistants such as Claude Code, Codex CLI, and ChatGPT, built by bytebase. Zero-dependency, token-efficient database MCP server for Postgres, MySQL, SQL Server, MariaDB, SQLite. It has 3,140 GitHub stars.
Yes. dbhub passed SkillsLLM's automated security scan — a dependency vulnerability audit plus prompt-injection heuristics — with no high-severity issues. You can read the full report in the Security Report section on this page.
Clone the repository with "git clone https://github.com/bytebase/dbhub" and add it to your Claude Code skills directory (see the Installation section above).
dbhub is primarily written in TypeScript. It is open-source under bytebase on GitHub, so you can review or fork the full source.
Yes. SkillsLLM lists many other AI Agents skills you can browse and compare side by side. Open the AI Agents category from the badge at the top of this page, or use the Related Skills and comparison links further down to weigh dbhub against similar tools.
No comments yet. Be the first to share your thoughts!