Labsco
ThinAirTelematics logo

ThinAir Data

from ThinAirTelematics

Read-only MCP server for PostgreSQL, MySQL, and SQL Server with schema introspection, SQL query execution, EXPLAIN/optimization, anomaly detection, PII scanning, and N+1 query detection.

πŸ”₯πŸ”₯πŸ”₯πŸ”₯βœ“ VerifiedFreeAdvanced setup

ThinAir Data MCP Server

The only MCP database server for PostgreSQL, MySQL, and SQL Server in one session β€” 23 dialect-aware tools across 4 tiers, from schema introspection to cross-database compare, query firewall, PII scanning, and N+1 detection. Read-only by design.

23 read-only tools Β· PostgreSQL Β· MySQL Β· SQL Server Β· Schema discovery, profiling, SQL safety, anomaly detection

smithery badge

> describe_schema("fleet")
βœ“ 42 tables discovered Β· 6 high-value entities
βœ“ no write permissions enabled
> ask("Which vehicles had the most idle time last week?")
βœ“ generated safe read-only SQL Β· returned 10 rows Β· flagged 3 exceptions

Part of ThinAir

ThinAir Data is part of the ThinAir platform for fleet visibility, analytics, operational search, reporting, and AI-assisted decision support.

Hosted product vs this repository

  • data.thinair.co is the hosted ThinAir product.
  • This repository is the thin public MCP package/pointer for developers and AI-agent clients.
  • Production use may require a ThinAir account, API key, OAuth connection, or hosted workspace.

What It Does

ThinAir Data is a Model Context Protocol (MCP) server that gives AI agents secure, read-only access to your databases β€” no custom backend required. Designed for read-only production access when configured correctly. ThinAir Data enforces read-only behavior through SQL guards, database-session read-only mode where supported, and optional per-connection firewall rules. You should still use least-privilege database credentials and avoid exposing sensitive tables unless required.

  • Multi-database β€” PostgreSQL, MySQL, SQL Server in a single session. Cross-database compare with one tool call.
  • Read-only by design β€” SQL guards, database-session read-only mode where supported, and optional per-connection firewall rules.
  • Dialect-aware β€” every tool understands SELECT TOP 10 (mssql) vs LIMIT (others) and routes syntax correctly per connection.
  • Tiered capability β€” 23 tools across 4 tiers: schema introspection, query execution + history, EXPLAIN/optimization, anomaly detection, PII scanning, N+1 detection, query firewall, cross-DB compare.
  • Connections are managed at runtime β€” added per-tenant via the add_connection tool after sign-in. Never an env var or install-time config.

Tools (selected β€” full list of 23 in docs)

ToolTierDescription
list_connectionsdiscoverList connected databases with names + dialects
describe_schemadiscoverGet schema, columns, indexes, FKs across any connection
query_sqldiscoverExecute a parameterized read-only SQL query
query_historybuildRecent queries with timing, row counts, status
data_profilebuildDistributions, null rates, cardinality on a table
cross_db_queryarchitectRun the same query across 2–4 connections (regional/dialect compare)
detect_anomaliesarchitectStatistical outliers in row growth, latency, value distributions
pii_scanarchitectScan a table for PII patterns (SSN, email, phone, credit card)
find_n_plus_onearchitectIdentify N+1 query patterns in query_history
query_firewallarchitectPer-connection custom-block rules (deny specific tables/queries)

add_connection, query_optimize, explain_query, suggest_queries, generate_migration, watch_table, saved_queries, impact_analysis, and others round out the 23-tool surface.

Supported Databases

Database connections are added at runtime via the add_connection MCP tool β€” pass the DSN once, the connection becomes a named resource the agent can reuse across sessions. Three dialects supported:

DatabaseConnection string format
PostgreSQLpostgresql://user:pass@host:5432/db
MySQLmysql://user:pass@host:3306/db
SQL Serversqlserver://user:pass@host:1433/db

You do not put a DSN in your client's config. The add_connection tool is how connections enter the session.

Not for secrets

Do not commit DSNs, passwords, tokens, private keys, or production credentials. Use OAuth, the hosted connection flow, or your MCP client's secret storage.

npm Package

npmjs.com/package/@thinairtelematics/data

Previously published as thinair-data (now deprecated in favor of the scoped package).