feat: Enhance database schema handling and security features

- Updated TableSchema to include detailed column information, foreign keys, and primary keys.
- Introduced ColumnInfo and ForeignKey types for better schema representation.
- Added security components: QueryValidator for SQL query validation and PIIMasker for data masking.
- Implemented query modification to enforce row limits on executed queries.
- Added tools for listing tables and describing table schemas with detailed output.
- Enhanced MCPServer to manage custom tools and integrate security features.
- Created tests for query validation, PII masking, schema loading, and tool handling.

Author: y11t0

CHANGELOG.md

@@ -5,7 +5,53 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
-## [Unreleased]
+## [0.2.0] - 2026-02-15
+
+### Added
+- **Enterprise-Grade Security Features:**
+  - **AST-Based Query Sanitization**: Uses sqlparser library for deep SQL analysis
+    - Blocks dangerous operations: INSERT, UPDATE, DELETE, DROP, ALTER, TRUNCATE, EXEC, MERGE, etc.
+    - Allows only SELECT and WITH (CTE) queries
+    - Validates queries at AST level, not just regex
+  - **PII Data Masking**: Automatically masks personally identifiable information
+    - Built-in patterns: Credit cards, emails, SSNs, Turkish IDs, IBANs, phone numbers
+    - Configurable custom patterns via regex
+    - Enable/disable per pattern
+    - Enterprise-ready for GDPR/KVKK compliance
+  - **Automatic Row Limiting**: Prevents database overload
+    - Configurable max row limit (default: 1000)
+    - Automatically adds LIMIT clause to queries
+    - Preserves existing LIMIT if present
+- **Dynamic Tool Generation:**
+  - New `list_tables` tool: Lists all tables in a database with summary information
+  - New `describe_table` tool: Shows detailed schema for a specific table
+  - Custom tool support: Define reusable SQL queries as MCP tools in config
+  - Parameter substitution in custom queries using `{{parameter}}` syntax
+- **Automatic Schema Discovery:** CoreMCP now automatically scans database tables, columns, primary keys, and foreign keys on startup
+- **Column Comments/Descriptions Support:** Extracts and presents database column comments (e.g., MS_Description in MSSQL) to AI for better context
+- **Schema Context Prompt:** New `database_schema` MCP prompt that provides complete database structure to Claude automatically
+- **Enhanced Schema Types:** 
+  - New `ColumnInfo` type with name, data type, nullable flag, and description
+  - New `ForeignKey` type with full relationship information
+  - Enhanced `TableSchema` with primary keys array
+- **MSSQL Extended Support:**
+  - Automatic extraction of column descriptions from MS_Description extended properties
+  - Full primary key discovery
+  - Complete foreign key relationship mapping
+
+### Changed
+- **Query Execution**: Now uses security validator and row limiter for all queries
+- **Config Structure**: Added `security` section with PII masking and row limit configuration
+- **MCP Server**: Added `list_tables` and `describe_table` handlers
+- **Config Structure**: Added `custom_tools` section for defining custom query tools
+- **MSSQL Adapter:** Enhanced `GetSchema()` to retrieve complete table metadata including types, constraints, and relationships
+- **MCP Server:** Added automatic schema loading during startup via `LoadSchemas()` method
+- **Core Types:** Updated `TableSchema` structure to support rich metadata
+
+### Security
+- **BREAKING**: All queries now validated with AST parser (blocks write operations)
+- **BREAKING**: Automatic LIMIT clause added to all SELECT queries (configurable)
+- PII masking can be enabled via `security.enable_pii_masking` in config
 
 ## [0.1.0] - 2026-02-14
 

README.md

@@ -12,6 +12,10 @@ CoreMCP by CoreBaseHQ provides a secure, extensible bridge between AI assistants
 ## 🚀 Features
 **⚠️ Safety First: CoreMCP is designed to be Read-Only by default. We strongly recommend creating a specific database user with SELECT permissions only.**
 - 🔌 **Multiple Database Support**: MSSQL, Firebird (coming soon), and extensible adapter system
+- 🧠 **Automatic Schema Discovery**: CoreMCP automatically scans your database tables, columns, foreign keys, and descriptions to provide AI context
+- 📝 **Column Comments Support**: Extracts and presents database column comments/descriptions to the AI for better query understanding
+- 🛠️ **Dynamic Tool Generation**: Built-in tools for common operations (list tables, describe schema) plus custom tool support
+- 🎯 **Custom Query Tools**: Define reusable SQL queries as MCP tools in your config file
 - 🛡️ **Secure**: Read-only mode support, connection string isolation
 - 🎯 **MCP Native**: Built specifically for Model Context Protocol
 - 🔧 **Easy Configuration**: Simple YAML-based setup
@@ -72,6 +76,40 @@ sqlserver://username:password@host:port?database=dbname&encrypt=disable
 dummy://test
 ```
 
+### Security Configuration
+
+CoreMCP includes enterprise-grade security features:
+
+```yaml
+security:
+  # Maximum rows to return (prevents DB overload)
+  max_row_limit: 1000
+  
+  # Enable PII masking
+  enable_pii_masking: true
+  
+  # PII patterns to mask
+  pii_patterns:
+    - name: "credit_card"
+      pattern: '\b\d{4}[\s-]?\d{4}[\s-]?\d{4}[\s-]?\d{4}\b'
+      replacement: "****-****-****-****"
+      enabled: true
+    - name: "email"
+      pattern: '\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Z|a-z]{2,}\b'
+      replacement: "***@***.***"
+      enabled: true
+    - name: "turkish_id"
+      pattern: '\b[1-9]\d{10}\b'
+      replacement: "***********"
+      enabled: true
+```
+
+**Security Features:**
+- **AST-Based Query Validation**: Uses sqlparser to analyze SQL queries and block dangerous operations (DROP, ALTER, UPDATE, DELETE, TRUNCATE, EXEC, etc.)
+- **Automatic Row Limiting**: Adds LIMIT clause to prevent accidentally returning millions of rows
+- **PII Data Masking**: Automatically masks sensitive data like credit cards, emails, SSNs, Turkish IDs, IBANs
+- **Configurable Patterns**: Define custom regex patterns for your specific PII requirements
+
 ## 🎯 Usage
 
 ### Start the MCP Server
@@ -121,11 +159,13 @@ coremcp/
 └── coremcp.yaml       # Configuration file
 ```
 
-## 🔌 Available Tools
+## 🔌 Available Tools & Prompts
 
-### `query_database`
+### Built-in Tools
 
-Executes SQL queries on configured database sources.
+#### `query_database`
+
+Executes arbitrary SQL queries on configured database sources.
 
 **Parameters:**
 - `source_name` (required): Name of the database source from config
@@ -136,6 +176,82 @@ Executes SQL queries on configured database sources.
 SELECT * FROM users WHERE id = 1
 ```
 
+#### `list_tables`
+
+Lists all tables in a database with summary information.
+
+**Parameters:**
+- `source_name` (required): Name of the database source
+
+**Returns:** List of tables with column counts, primary keys, and foreign key counts.
+
+#### `describe_table`
+
+Shows detailed schema information for a specific table.
+
+**Parameters:**
+- `source_name` (required): Name of the database source
+- `table_name` (required): Name of the table to describe
+
+**Returns:** Complete table schema including:
+- Column names and data types
+- Nullable information
+- Primary keys
+- Foreign key relationships
+- Column descriptions/comments
+
+### Custom Tools
+
+You can define reusable SQL queries as custom MCP tools in your `coremcp.yaml`:
+
+```yaml
+custom_tools:
+  - name: "get_daily_sales"
+    description: "Retrieves daily sales summary for a specific date"
+    source: "production_db"
+    query: "SELECT * FROM orders WHERE DATE(created_at) = '{{date}}'"
+    parameters:
+      - name: "date"
+        description: "Date in YYYY-MM-DD format"
+        required: true
+
+  - name: "get_top_customers"
+    description: "Lists top N customers by order count"
+    source: "production_db"
+    query: "SELECT user_id, COUNT(*) as order_count FROM orders GROUP BY user_id ORDER BY order_count DESC LIMIT {{limit}}"
+    parameters:
+      - name: "limit"
+        description: "Number of customers to return"
+        required: true
+        default: "10"
+```
+
+**Benefits:**
+- Encapsulate complex queries
+- Provide simple interfaces for common operations
+- Parameters are automatically validated
+- AI can discover and use these tools automatically
+
+### `database_schema` Prompt
+
+Automatically provides complete database schema context to the AI, including:
+- Table names
+- Column names with data types
+- Primary keys
+- Foreign key relationships
+- Column descriptions/comments from the database
+
+When CoreMCP starts, it automatically:
+1. Connects to all configured databases
+2. Scans the schema (tables, columns, keys, relationships)
+3. Extracts column comments/descriptions (e.g., `MS_Description` in MSSQL)
+4. Creates a comprehensive context prompt for the AI
+
+This allows Claude to understand your database structure and write accurate queries without you having to explain the schema manually.
+
+**Example:**
+When you ask Claude "Show me all sales", Claude can see that you have a `TBLSATIS` table with specific columns and automatically write the correct query.
+
 ## 🛠️ Adding Custom Adapters
 
 1. Create a new package in `pkg/adapter/yourdb/`
@@ -158,19 +274,26 @@ Apache License 2.0 - see [LICENSE](LICENSE) for details.
 
 ## 🌟 Roadmap
 
+- [x] **Automatic Schema Discovery** - Load database structure on startup
+- [x] **Column Comments/Descriptions** - Extract and display database metadata
+- [x] **Dynamic Tool Generation** - list_tables, describe_table tools
+- [x] **Custom Query Tools** - Define reusable queries in config
+- [x] **AST-Based Query Sanitization** - Block dangerous SQL operations
+- [x] **PII Data Masking** - Mask sensitive information in results
+- [x] **Automatic Row Limiting** - Prevent database overload
 - [ ] PostgreSQL adapter
 - [ ] MySQL adapter
 - [ ] Firebird adapter (in progress)
-- [ ] Schema introspection tools
 - [ ] Query result caching
 - [ ] HTTP transport support
 - [ ] Write operation support (with strict safety guards)
+- [ ] Audit logging
 
 ## 💬 Support
 
 - 🐛 [Report a bug](https://github.com/corebasehq/coremcp/issues/new?template=bug_report.md)
 - 💡 [Request a feature](https://github.com/corebasehq/coremcp/issues/new?template=feature_request.md)
-- 📧 Email: support@corebase.com
+- 📧 Email: support@corebasehq.com
 
 ---
 

cmd/coremcp/serve.go

@@ -6,6 +6,8 @@ import (
 	"os"
 
 	"github.com/corebasehq/coremcp/pkg/adapter"
+	"github.com/corebasehq/coremcp/pkg/config"
+	"github.com/corebasehq/coremcp/pkg/security"
 	"github.com/corebasehq/coremcp/pkg/server"
 	"github.com/spf13/cobra"
 )
@@ -24,6 +26,21 @@ var serveCmd = &cobra.Command{
 
 		mcpSrv := server.NewMCPServer(cfg.Server.Name, cfg.Server.Version)
 
+		// Configure security features
+		log.Println("Configuring security features...")
+		piiPatterns := convertPIIPatterns(cfg.Security.PIIPatterns)
+		if err := mcpSrv.ConfigureSecurity(
+			cfg.Security.MaxRowLimit,
+			cfg.Security.EnablePIIMasking,
+			piiPatterns,
+			cfg.Security.AllowedKeywords,
+			cfg.Security.BlockedKeywords,
+		); err != nil {
+			log.Fatalf("CRITICAL: Failed to configure security: %v", err)
+		}
+		log.Printf("Security configured: MaxRowLimit=%d, PIIMasking=%v",
+			cfg.Security.MaxRowLimit, cfg.Security.EnablePIIMasking)
+
 		for _, sourceCfg := range cfg.Sources {
 			src, err := adapter.NewSource(sourceCfg.Type, sourceCfg.DSN)
 			if err != nil {
@@ -39,6 +56,37 @@ var serveCmd = &cobra.Command{
 			log.Printf("Source ready: %s (%s) [ReadOnly: %v]", sourceCfg.Name, sourceCfg.Type, sourceCfg.ReadOnly)
 		}
 
+		// Load database schemas for AI context
+		log.Println("Loading database schemas for AI context...")
+		if err := mcpSrv.LoadSchemas(cmd.Context()); err != nil {
+			log.Printf("WARNING: Failed to load schemas: %v", err)
+		} else {
+			log.Println("Database schemas loaded successfully!")
+		}
+
+		// Register custom tools from config
+		if len(cfg.CustomTools) > 0 {
+			log.Printf("Registering %d custom tool(s)...", len(cfg.CustomTools))
+			for _, toolCfg := range cfg.CustomTools {
+				params := make([]string, len(toolCfg.Parameters))
+				for i, p := range toolCfg.Parameters {
+					params[i] = p.Name
+				}
+
+				if err := mcpSrv.AddCustomTool(
+					toolCfg.Name,
+					toolCfg.Description,
+					toolCfg.Source,
+					toolCfg.Query,
+					params,
+				); err != nil {
+					log.Printf("WARNING: Failed to register custom tool %s: %v", toolCfg.Name, err)
+				} else {
+					log.Printf("Custom tool registered: %s", toolCfg.Name)
+				}
+			}
+		}
+
 		transport, _ := cmd.Flags().GetString("transport")
 		if transport == "stdio" {
 			log.Println("CoreMCP started on Stdio. Waiting for MCP client...")
@@ -56,3 +104,17 @@ func init() {
 
 	serveCmd.Flags().StringP("transport", "t", "stdio", "Transport type: stdio or http")
 }
+
+// convertPIIPatterns converts config PII patterns to security PII patterns.
+func convertPIIPatterns(configPatterns []config.PIIMaskPattern) []security.MaskPattern {
+	patterns := make([]security.MaskPattern, len(configPatterns))
+	for i, p := range configPatterns {
+		patterns[i] = security.MaskPattern{
+			Name:        p.Name,
+			Pattern:     p.Pattern,
+			Replacement: p.Replacement,
+			Enabled:     p.Enabled,
+		}
+	}
+	return patterns
+}

coremcp.example.yaml

@@ -34,3 +34,75 @@ sources:
 # DSN Format Examples:
 # MSSQL: sqlserver://username:password@host:port?database=dbname&encrypt=disable
 # Dummy: dummy://anything
+
+# Security configuration
+security:
+  # Maximum number of rows to return from any query (prevents DB overload)
+  max_row_limit: 1000
+
+  # Enable PII (Personally Identifiable Information) masking
+  enable_pii_masking: true
+
+  # PII patterns to mask in query results
+  pii_patterns:
+    - name: "credit_card"
+      pattern: '\b\d{4}[\s-]?\d{4}[\s-]?\d{4}[\s-]?\d{4}\b'
+      replacement: "****-****-****-****"
+      enabled: true
+
+    - name: "email"
+      pattern: '\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Z|a-z]{2,}\b'
+      replacement: "***@***.***"
+      enabled: true
+
+    - name: "turkish_id"
+      pattern: '\b[1-9]\d{10}\b'
+      replacement: "***********"
+      enabled: true
+
+    - name: "phone"
+      pattern: '\b\d{3}[-.\s]?\d{3}[-.\s]?\d{4}\b'
+      replacement: "***-***-****"
+      enabled: true
+
+    - name: "iban"
+      pattern: '\b[A-Z]{2}\d{2}[A-Z0-9]{1,30}\b'
+      replacement: "********************"
+      enabled: false  # Disabled by default
+
+  # Additional SQL keywords to allow (beyond SELECT/WITH)
+  allowed_keywords: []
+
+  # Additional SQL keywords to block (beyond default dangerous ones)
+  blocked_keywords: []
+
+# Custom tools configuration (optional)
+# Define reusable queries as MCP tools
+custom_tools:
+  # Example: Get daily sales summary
+  - name: "get_daily_sales"
+    description: "Retrieves daily sales summary for a specific date"
+    source: "test_db"
+    query: "SELECT * FROM orders WHERE DATE(created_at) = '{{date}}'"
+    parameters:
+      - name: "date"
+        description: "Date in YYYY-MM-DD format"
+        required: true
+
+  # Example: Get top customers
+  - name: "get_top_customers"
+    description: "Lists top N customers by order count"
+    source: "test_db"
+    query: "SELECT user_id, COUNT(*) as order_count FROM orders GROUP BY user_id ORDER BY order_count DESC LIMIT {{limit}}"
+    parameters:
+      - name: "limit"
+        description: "Number of top customers to return"
+        required: true
+        default: "10"
+
+  # Example: No-parameter custom query
+  - name: "get_pending_orders"
+    description: "Gets all orders with pending status"
+    source: "test_db"
+    query: "SELECT * FROM orders WHERE status = 'pending' ORDER BY created_at DESC"
+    parameters: []