MaintenanceActively maintained — last activity 1 days ago.GitHub · as of Jul 12, 2026
Pass
ProvenanceOrigin linked to a public source repository.Official MCP Registry · as of Jul 11, 2026
Pass
Supply chainNo known vulnerabilities in scanned package dependencies (OSV).OSV (Google Open Source Vulnerabilities) · as of Jul 12, 2026
Pass
Manifest integrityManifest capture requires running the package (sandbox phase).
Pending
Behavioral trustNo live endpoint to observe.
Not applicable
Connect
pypi package · v0.1.1 · stdio
uvx querypilot
QUERYPILOT_DATABASE_URLrequiredsecret
SQLAlchemy-style database connection URL, e.g. sqlite:///demo.db or postgresql://user:pass@host:5432/db. Equivalent to --database-url.
QUERYPILOT_DIALECT
SQL dialect for the connector. Equivalent to --dialect.
QUERYPILOT_MAX_ROWS
Maximum rows returned per query. Equivalent to --max-rows.
QUERYPILOT_TIMEOUT_SECONDS
Query execution timeout in seconds. Equivalent to --timeout-seconds.
QUERYPILOT_ACCESS_POLICY_JSON
JSON-encoded AccessPolicy (blocked_columns, allowed_columns, row_filters, masking_rules) enforced before execution. Equivalent to --access-policy-json.
QUERYPILOT_MCP_TRANSPORT
MCP transport used by `querypilot mcp`. Equivalent to --transport. Most MCP clients should leave this at stdio; streamable-http is for clients that speak Streamable HTTP directly.
Provenance
Official MCP Registry · as of Jul 11, 2026 · registry-tos
OSV (Google Open Source Vulnerabilities) · as of Jul 12, 2026 · CC-BY-4.0
GitHub · as of Jul 12, 2026 · github-tos
Every verdict is attributable to its sources and recomputed from our own landed copy, never read live on this page.