Merge pull request #2 from griffithsbs/allow-read-only-queries-that-do-not-start-with-select-keyword

dynamike · web-flow · commit 386df866b18e · 2025-03-28T15:47:40.000-07:00
Allow read-only queries that do not start with SELECT keyword
diff --git a/mcp_server_snowflake/main.py b/mcp_server_snowflake/main.py
@@ -22,6 +22,8 @@
 from mcp.server.models import InitializationOptions
 from mcp.server.lowlevel import NotificationOptions
 from dotenv import load_dotenv
+import sqlglot
+from sqlglot.errors import ParseError
 
 from mcp_server_snowflake.utils.snowflake_conn import (
     SnowflakeConfig,
@@ -346,9 +348,16 @@ async def handle_execute_query(
                 )
             ]
 
-        # Validate that the query is read-only (SELECT statement)
-        query = query.strip()
-        if not query.upper().startswith("SELECT "):
+        # Validate that the query is read-only
+        try:
+            parsed_statements = sqlglot.parse(query, dialect="snowflake")
+            read_only_types = {'select', 'show', 'describe', 'explain', 'with'}
+
+            for stmt in parsed_statements:
+                if stmt.key.lower() not in read_only_types:
+                    raise ParseError(f"Error: Only read-only queries are allowed. Found statement type: {stmt.key}")
+
+        except ParseError:
             return [
                 mcp_types.TextContent(
                     type="text",
diff --git a/pyproject.toml b/pyproject.toml
@@ -16,6 +16,7 @@ dependencies = [
     "cryptography>=41.0.0",
     "mcp",
     "anyio>=3.7.1",
+    "sqlglot>=11.5.5"
 ]
 
 [project.scripts]
diff --git a/uv.lock b/uv.lock
