Database MCP

Read-only and shadow mode

Read-only and shadow modes let teams test MCP database workflows before enabling guarded writeback.

Overview

Read-only mode exposes inspect tools only. Proposal tools fail closed, and no writeback path exists.

Shadow mode allows proposal tools to create local proposals, evidence, query audit, and replay records, but approval and writeback-job creation remain disabled. The source database is never mutated.

Use shadow mode when you want to see exact diffs and evidence with realistic model/tool traffic, but you are not ready to let any approved workflow reach a write credential.

Developer notes

Start in read-only or shadow mode for a new source.
Do not treat a shadow proposal as permission to write.
Move to review mode only after table mappings, allowed columns, tenant scope, and conflict guards are reviewed.
Keep approval and commit outside model-callable tools.

Initialize modes

modes.sh

synapsor init --engine postgres --mode read_only --output synapsor.readonly.json
synapsor init --engine postgres --mode shadow --output synapsor.shadow.json
synapsor init --engine postgres --mode review --output synapsor.review.json

Examples

text

read_only -> inspect only
shadow    -> inspect + local proposals + replay, no approval/writeback
review    -> inspect + proposals + human approval + guarded writeback