Documentation: Recommend against CRATEDB_MCP_PERMIT_ALL_STATEMENTS

amotl · amotl · commit 01ddc747ee3e · 2025-05-16T13:17:18.000+02:00
diff --git a/README.md b/README.md
@@ -45,7 +45,7 @@ We do not recommend letting LLM-based agents insert or modify data by itself.
 As such, only `SELECT` statements are permitted and forwarded to the database.
 All other operations will raise a `ValueError` exception, unless the
 `CRATEDB_MCP_PERMIT_ALL_STATEMENTS` environment variable is set to a
-truthy value.
+truthy value. This is **not** recommended.
 
 # Install
 ```shell
diff --git a/cratedb_mcp/util/sql.py b/cratedb_mcp/util/sql.py
@@ -15,7 +15,7 @@ def sql_is_permitted(expression: str) -> bool:
     Validate the SQL expression, only permit read queries by default.
 
     When the `CRATEDB_MCP_PERMIT_ALL_STATEMENTS` environment variable is set,
-    allow all types of statements.
+    allow all types of statements. This is **not** recommended.
 
     FIXME: Revisit implementation, it might be too naive or weak.
            Issue:    https://github.com/crate/cratedb-mcp/issues/10
