Using the Oracle SQLcl MCP Server

3 Using the Oracle SQLcl MCP Server

The Oracle SQLcl Model Context Protocol (MCP) Server transforms how you interact with the Oracle Database by enabling seamless communication with Artificial Intelligence (AI) applications.

It enables you to perform operations, create reports, and run queries on Oracle Database using natural language through AI-powered interactions. Discover the capabilities of the Oracle SQLcl MCP Server, and learn how to use it with popular MCP clients.

Caution:

When you grant a large language model (LLM) access to your database, it introduces significant security risks. Because LLMs use the data you input to generate responses, you might inadvertently expose unintended tables or sensitive details.

To mitigate these risks, implement the following safeguards:

Assign minimum permissions: Configure the database user account used by the LLM with the absolute minimum permissions required for its tasks. This approach limits what the LLM can access.
Avoid production database access: Do not grant LLMs direct access to production databases. Instead, you should use a sanitized, read-only replica or a dedicated data subset.
Audit LLM activity: Regularly audit the queries executed by the LLM. This helps you detect anomalies or the attempts to access restricted data. To support your auditing efforts, the SQLcl MCP Server provides the following built-in monitoring capabilities:
- Session tracking: It populates V$SESSION.MODULE with the MCP client in use, and V$SESSION.ACTION with the LLM’s name.
- Activity logging: It creates a table named DBTOOLS$MCP_LOG that records every interaction and SQL execution.
- Query identification: All LLM-generated queries through the SQLcl MCP Server’s tools include the following comment for easy identification in the logs: /* LLM in use ... */.
To learn more about monitoring, see Monitoring the SQLcl MCP Server.

Topics: