diff --git a/MssqlMcp/dotnet/MssqlMcp.Tests/ReadDataToolTests.cs b/MssqlMcp/dotnet/MssqlMcp.Tests/ReadDataToolTests.cs
new file mode 100644
index 0000000..b7ba6de
--- /dev/null
+++ b/MssqlMcp/dotnet/MssqlMcp.Tests/ReadDataToolTests.cs
@@ -0,0 +1,423 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT license.
+
+using Microsoft.Extensions.Logging;
+using Moq;
+using Mssql.McpServer;
+
+namespace MssqlMcp.Tests
+{
+    [Collection("Database Tests")]
+    public sealed class MssqlMcpReadDataToolTests : IDisposable
+    {
+        private readonly string _tableName;
+        private readonly Tools _tools;
+
+        public MssqlMcpReadDataToolTests()
+        {
+            _tableName = $"ReadDataTest_{Guid.NewGuid():N}";
+            var connectionFactory = new SqlConnectionFactory();
+            var loggerMock = new Mock<ILogger<Tools>>();
+            _tools = new Tools(connectionFactory, loggerMock.Object);
+        }
+
+        public void Dispose()
+        {
+            // Clean up test table if it exists
+            var _ = _tools.DropTable($"DROP TABLE IF EXISTS {_tableName}").GetAwaiter().GetResult();
+        }
+
+
+        [Fact]
+        public async Task ReadData_ReturnsData_WhenSqlIsValid()
+        {
+            // Set up test table with data
+            var createResult = await _tools.CreateTable($"CREATE TABLE {_tableName} (Id INT PRIMARY KEY)") as DbOperationResult;
+            Assert.NotNull(createResult);
+            Assert.True(createResult.Success);
+            var insertResult = await _tools.InsertData($"INSERT INTO {_tableName} (Id) VALUES (1)") as DbOperationResult;
+            Assert.NotNull(insertResult);
+            Assert.True(insertResult.Success);
+
+            var sql = $"SELECT * FROM {_tableName}";
+            var result = await _tools.ReadData(sql) as DbOperationResult;
+            Assert.NotNull(result);
+            Assert.True(result.Success);
+            Assert.NotNull(result.Data);
+        }
+
+        [Fact]
+        public async Task ReadData_ReturnsError_WhenSqlIsInvalid()
+        {
+            var sql = "SELECT FROM";
+            var result = await _tools.ReadData(sql) as DbOperationResult;
+            Assert.NotNull(result);
+            Assert.False(result.Success);
+            Assert.Contains("Database query execution failed", result.Error ?? string.Empty, StringComparison.OrdinalIgnoreCase);
+        }
+
+
+        [Fact]
+        public async Task ReadData_Security_RejectsDeleteStatement()
+        {
+            var sql = "DELETE FROM users WHERE id = 1";
+            var result = await _tools.ReadData(sql) as DbOperationResult;
+            Assert.NotNull(result);
+            Assert.False(result.Success);
+            Assert.Contains("Query must start with SELECT", result.Error ?? string.Empty);
+        }
+
+        [Fact]
+        public async Task ReadData_Security_RejectsDropStatement()
+        {
+            var sql = "DROP TABLE users";
+            var result = await _tools.ReadData(sql) as DbOperationResult;
+            Assert.NotNull(result);
+            Assert.False(result.Success);
+            Assert.Contains("Query must start with SELECT", result.Error ?? string.Empty);
+        }
+
+        [Fact]
+        public async Task ReadData_Security_RejectsUpdateStatement()
+        {
+            var sql = "UPDATE users SET admin = 1";
+            var result = await _tools.ReadData(sql) as DbOperationResult;
+            Assert.NotNull(result);
+            Assert.False(result.Success);
+            Assert.Contains("Query must start with SELECT", result.Error ?? string.Empty);
+        }
+
+        [Fact]
+        public async Task ReadData_Security_RejectsInsertStatement()
+        {
+            var sql = "INSERT INTO users VALUES ('hacker', 'password')";
+            var result = await _tools.ReadData(sql) as DbOperationResult;
+            Assert.NotNull(result);
+            Assert.False(result.Success);
+            // INSERT gets caught either by "must start with SELECT" or keyword detection
+            Assert.True(
+                result.Error?.Contains("Query must start with SELECT") == true ||
+                result.Error?.Contains("Dangerous keyword 'INSERT'") == true
+            );
+        }
+
+        [Theory]
+        [InlineData("DELETE", "DELETE FROM users")]
+        [InlineData("DROP", "SELECT * FROM users WHERE 1=1 OR DROP TABLE accounts")]
+        [InlineData("TRUNCATE", "SELECT * FROM users; TRUNCATE TABLE logs")]
+        [InlineData("EXEC", "SELECT * FROM users EXEC sp_help")]
+        [InlineData("EXECUTE", "SELECT * FROM users EXECUTE xp_cmdshell")]
+        [InlineData("ALTER", "SELECT * FROM users; ALTER TABLE users ADD admin BIT")]
+        [InlineData("CREATE", "SELECT * FROM users; CREATE TABLE hacked (id INT)")]
+        [InlineData("GRANT", "SELECT * FROM users; GRANT ALL TO hacker")]
+        [InlineData("REVOKE", "SELECT * FROM users; REVOKE SELECT ON users FROM public")]
+        [InlineData("BACKUP", "SELECT * FROM users; BACKUP DATABASE test TO DISK='hack.bak'")]
+        [InlineData("RESTORE", "SELECT * FROM users; RESTORE DATABASE test FROM DISK='hack.bak'")]
+        [InlineData("SHUTDOWN", "SELECT * FROM users; SHUTDOWN")]
+        public async Task ReadData_Security_RejectsAllDangerousKeywords(string keyword, string sql)
+        {
+            var result = await _tools.ReadData(sql) as DbOperationResult;
+            Assert.NotNull(result);
+            Assert.False(result.Success);
+            // Different keywords might trigger different validation rules - some caught by "must start with SELECT", others by keyword detection
+            Assert.True(
+                result.Error?.Contains($"Dangerous keyword '{keyword}'", StringComparison.OrdinalIgnoreCase) == true ||
+                result.Error?.Contains("Query must start with SELECT") == true ||
+                result.Error?.Contains("malicious SQL pattern") == true ||
+                result.Error?.Contains("Multiple SQL statements") == true
+            );
+        }
+
+
+        [Fact]
+        public async Task ReadData_Security_RejectsSemicolonInjection()
+        {
+            var sql = "SELECT * FROM users; DROP TABLE accounts--";
+            var result = await _tools.ReadData(sql) as DbOperationResult;
+            Assert.NotNull(result);
+            Assert.False(result.Success);
+            // Should catch either multiple statements or the DROP keyword
+            Assert.True(
+                result.Error?.Contains("Multiple SQL statements") == true ||
+                result.Error?.Contains("Dangerous keyword 'DROP'") == true
+            );
+        }
+
+        [Fact]
+        public async Task ReadData_Security_RejectsUnionWithDangerousKeyword()
+        {
+            var sql = "SELECT id FROM users UNION SELECT * FROM passwords; DELETE FROM logs";
+            var result = await _tools.ReadData(sql) as DbOperationResult;
+            Assert.NotNull(result);
+            Assert.False(result.Success);
+            Assert.Contains("Dangerous keyword 'DELETE' detected", result.Error ?? string.Empty);
+        }
+
+        [Fact]
+        public async Task ReadData_Security_RejectsStoredProcedureExecution()
+        {
+            var sql = "SELECT * FROM users WHERE id = 1 EXEC xp_cmdshell 'dir'";
+            var result = await _tools.ReadData(sql) as DbOperationResult;
+            Assert.NotNull(result);
+            Assert.False(result.Success);
+            Assert.Contains("Dangerous keyword 'EXEC' detected", result.Error ?? string.Empty);
+        }
+
+        [Fact]
+        public async Task ReadData_Security_RejectsCommentInjection()
+        {
+            // The validation strips comments first, so DELETE in comments should be caught
+            var sql = "SELECT * FROM users /* injected DELETE FROM accounts */";
+            var result = await _tools.ReadData(sql) as DbOperationResult;
+            Assert.NotNull(result);
+            Assert.False(result.Success);
+            Assert.Contains("Dangerous keyword 'DELETE' detected", result.Error ?? string.Empty);
+        }
+
+        [Fact]
+        public async Task ReadData_Security_RejectsLineCommentInjection()
+        {
+            var sql = "SELECT * FROM users -- DELETE FROM accounts";
+            var result = await _tools.ReadData(sql) as DbOperationResult;
+            Assert.NotNull(result);
+            Assert.False(result.Success);
+            // After stripping comments, should be valid unless DELETE is in the actual query
+            // This one should actually pass since DELETE is only in the comment
+            // Let's test one where it matters
+            var sql2 = "SELECT * FROM users WHERE id = 1 OR 1=1 -- UNION DELETE";
+            var result2 = await _tools.ReadData(sql2) as DbOperationResult;
+            // This should pass as DELETE is in comment
+        }
+
+        [Fact]
+        public async Task ReadData_Security_RejectsWaitforDelay()
+        {
+            var sql = "SELECT * FROM users WHERE id = 1 WAITFOR DELAY '00:00:05'";
+            var result = await _tools.ReadData(sql) as DbOperationResult;
+            Assert.NotNull(result);
+            Assert.False(result.Success);
+            Assert.Contains("Dangerous keyword 'WAITFOR' detected", result.Error ?? string.Empty);
+        }
+
+        [Fact]
+        public async Task ReadData_Security_RejectsCharObfuscation()
+        {
+            var sql = "SELECT * FROM users WHERE name = 'test' + CHAR(59) + 'DROP TABLE users'";
+            var result = await _tools.ReadData(sql) as DbOperationResult;
+            Assert.NotNull(result);
+            Assert.False(result.Success);
+            Assert.Contains("Dangerous keyword 'DROP' detected", result.Error ?? string.Empty);
+        }
+
+        [Fact]
+        public async Task ReadData_Security_RejectsNCharObfuscation()
+        {
+            var sql = "SELECT * FROM users WHERE name = NCHAR(0x44) + NCHAR(0x52) + NCHAR(0x4F) + NCHAR(0x50)";
+            var result = await _tools.ReadData(sql) as DbOperationResult;
+            Assert.NotNull(result);
+            Assert.False(result.Success);
+            Assert.Contains("Potentially malicious SQL pattern detected.", result.Error ?? string.Empty);
+        }
+
+        [Fact]
+        public async Task ReadData_Security_RejectsBulkOperations()
+        {
+            var sql = "SELECT * FROM OPENROWSET('SQLNCLI', 'Server=hack;Trusted_Connection=yes;', 'SELECT * FROM users')";
+            var result = await _tools.ReadData(sql) as DbOperationResult;
+            Assert.NotNull(result);
+            Assert.False(result.Success);
+            // Should be caught by OPENROWSET keyword or pattern
+            Assert.True(
+                result.Error?.Contains("Dangerous keyword 'OPENROWSET'") == true ||
+                result.Error?.Contains("malicious SQL pattern") == true
+            );
+        }
+
+
+        [Fact]
+        public async Task ReadData_Security_RejectsNonSelectStatement()
+        {
+            var sql = "INSERT INTO users VALUES ('hacker', 'password')";
+            var result = await _tools.ReadData(sql) as DbOperationResult;
+            Assert.NotNull(result);
+            Assert.False(result.Success);
+            Assert.Contains("Query must start with SELECT", result.Error ?? string.Empty);
+        }
+
+        [Fact]
+        public async Task ReadData_Security_RejectsEmptyQuery()
+        {
+            var sql = "   ";
+            var result = await _tools.ReadData(sql) as DbOperationResult;
+            Assert.NotNull(result);
+            Assert.False(result.Success);
+            Assert.Contains("Query must be a non-empty string", result.Error ?? string.Empty);
+        }
+
+        [Fact]
+        public async Task ReadData_Security_RejectsNullQuery()
+        {
+            string sql = null!;
+            var result = await _tools.ReadData(sql) as DbOperationResult;
+            Assert.NotNull(result);
+            Assert.False(result.Success);
+            Assert.Contains("Query must be a non-empty string", result.Error ?? string.Empty);
+        }
+
+        [Fact]
+        public async Task ReadData_Security_RejectsVeryLongQuery()
+        {
+            // Build a query that exceeds the 10,000 character limit
+            var sql = "SELECT " + new string('a', 10001) + " FROM users";
+            var result = await _tools.ReadData(sql) as DbOperationResult;
+            Assert.NotNull(result);
+            Assert.False(result.Success);
+            Assert.Contains("Query is too long", result.Error ?? string.Empty);
+        }
+
+        [Fact]
+        public async Task ReadData_Security_RejectsMultipleStatements()
+        {
+            var sql = "SELECT * FROM users; SELECT * FROM passwords";
+            var result = await _tools.ReadData(sql) as DbOperationResult;
+            Assert.NotNull(result);
+            Assert.False(result.Success);
+            Assert.Contains("Security validation failed: Potentially malicious SQL pattern detected. Only simple SELECT queries are allowed.", result.Error ?? string.Empty);
+        }
+
+        [Fact]
+        public async Task ReadData_Security_RejectsCaseVariationsOfDangerousKeywords()
+        {
+            var queries = new[]
+            {
+                "DeLeTe FROM users",
+                "dRoP TABLE users",
+                "UpDaTe users SET admin = 1",
+                "iNsErT INTO users VALUES (1)",
+                "tRuNcAtE TABLE logs"
+            };
+
+            foreach (var sql in queries)
+            {
+                var result = await _tools.ReadData(sql) as DbOperationResult;
+                Assert.NotNull(result);
+                Assert.False(result.Success);
+                // Should be rejected either for not starting with SELECT or dangerous keyword
+                Assert.True(
+                    result.Error?.Contains("Query must start with SELECT") == true ||
+                    result.Error?.Contains("Dangerous keyword") == true
+                );
+            }
+        }
+
+
+        [Theory]
+        [InlineData("SELECT * FROM users")]
+        [InlineData("SELECT id, name FROM customers WHERE active = 1")]
+        [InlineData("SELECT COUNT(*) FROM orders")]
+        [InlineData("SELECT updated_at, created_at FROM logs")] // Tests that 'UPDATE' in column name is OK
+        [InlineData("SELECT * FROM user_updates")] // Tests that 'UPDATE' in table name is OK
+        [InlineData("select * from users")] // Lowercase should work
+        [InlineData("SeLeCt * FrOm users")] // Mixed case should work
+        [InlineData("SELECT TOP 10 * FROM users ORDER BY created_at DESC")] // TOP and ORDER BY
+        [InlineData("SELECT u.*, o.order_date FROM users u JOIN orders o ON u.id = o.user_id")] // JOIN syntax
+        public async Task ReadData_Security_AllowsValidSelectQueries(string sql)
+        {
+            // Create test table to actually run these queries
+            var testTableName = $"ReadDataTest_{Guid.NewGuid():N}";
+            await _tools.CreateTable($"CREATE TABLE {testTableName} (id INT, name VARCHAR(50), active BIT, updated_at DATETIME, created_at DATETIME, user_id INT, order_date DATETIME)");
+            
+            // Replace placeholder table names with our test table
+            sql = sql.Replace("users", testTableName)
+                     .Replace("customers", testTableName)
+                     .Replace("orders", testTableName)
+                     .Replace("logs", testTableName)
+                     .Replace("user_updates", testTableName);
+            
+            var result = await _tools.ReadData(sql) as DbOperationResult;
+            Assert.NotNull(result);
+            Assert.True(result.Success);
+            
+            // Clean up
+            await _tools.DropTable($"DROP TABLE IF EXISTS {testTableName}");
+        }
+
+        [Fact]
+        public async Task ReadData_Security_AllowsSelectWithUpdatedAtColumn()
+        {
+            // This specifically tests that we don't false-positive on column names containing keywords
+            var testTableName = $"ReadDataTest_{Guid.NewGuid():N}";
+            await _tools.CreateTable($"CREATE TABLE {testTableName} (id INT, updated_at DATETIME, deleted_flag BIT, created_by VARCHAR(50))");
+            
+            var sql = $"SELECT id, updated_at, deleted_flag, created_by FROM {testTableName}";
+            var result = await _tools.ReadData(sql) as DbOperationResult;
+            Assert.NotNull(result);
+            Assert.True(result.Success);
+            
+            // Clean up
+            await _tools.DropTable($"DROP TABLE IF EXISTS {testTableName}");
+        }
+
+        [Fact]
+        public async Task ReadData_Security_AllowsComplexValidQuery()
+        {
+            // Test a complex but valid SELECT query
+            var testTableName = $"ReadDataTest_{Guid.NewGuid():N}";
+            await _tools.CreateTable($"CREATE TABLE {testTableName} (id INT, category VARCHAR(50), amount DECIMAL(10,2), created_at DATETIME)");
+            
+            var sql = $@"SELECT 
+                            category,
+                            COUNT(*) as count,
+                            SUM(amount) as total,
+                            AVG(amount) as average,
+                            MIN(created_at) as first_created,
+                            MAX(created_at) as last_created
+                        FROM {testTableName}
+                        WHERE amount > 0
+                        GROUP BY category
+                        HAVING COUNT(*) > 1
+                        ORDER BY total DESC";
+            
+            var result = await _tools.ReadData(sql) as DbOperationResult;
+            Assert.NotNull(result);
+            Assert.True(result.Success);
+            
+            // Clean up
+            await _tools.DropTable($"DROP TABLE IF EXISTS {testTableName}");
+        }
+
+
+        [Fact]
+        public async Task ReadData_SanitizeResult_RemovesSuspiciousCharactersFromColumnNames()
+        {
+            // Create a table with suspicious characters in column names
+            var testTableName = $"ReadDataTest_{Guid.NewGuid():N}";
+            await _tools.CreateTable($@"CREATE TABLE {testTableName} (
+                [normal_id] INT,
+                [bad<script>] VARCHAR(50),
+                [evil&injection] VARCHAR(50),
+                [ok_name] VARCHAR(50)
+            )");
+            
+            // Insert test data
+            await _tools.InsertData($"INSERT INTO {testTableName} VALUES (1, 'test', 'data', 'ok')");
+            
+            // Query the data - this will go through SanitizeResult
+            var result = await _tools.ReadData($"SELECT * FROM {testTableName}") as DbOperationResult;
+            
+            Assert.NotNull(result);
+            Assert.True(result.Success);
+            Assert.NotNull(result.Data);
+            
+            // Check that suspicious characters were removed from column names
+            var firstRow = ((List<Dictionary<string, object?>>)result.Data).First();
+            Assert.Contains("normal_id", firstRow.Keys);
+            Assert.Contains("badscript", firstRow.Keys); // <script> should be removed
+            Assert.Contains("evilinjection", firstRow.Keys); // &injection should be sanitized
+            Assert.Contains("ok_name", firstRow.Keys);
+            
+            // Cleanup
+            await _tools.DropTable($"DROP TABLE IF EXISTS {testTableName}");
+        }
+    }
+}
\ No newline at end of file
diff --git a/MssqlMcp/dotnet/MssqlMcp.Tests/UnitTests.cs b/MssqlMcp/dotnet/MssqlMcp.Tests/UnitTests.cs
index 8058a86..c0eb8d4 100644
--- a/MssqlMcp/dotnet/MssqlMcp.Tests/UnitTests.cs
+++ b/MssqlMcp/dotnet/MssqlMcp.Tests/UnitTests.cs
@@ -7,13 +7,14 @@
 
 namespace MssqlMcp.Tests
 {
+    [Collection("Database Tests")]
     public sealed class MssqlMcpTests : IDisposable
     {
         private readonly string _tableName;
         private readonly Tools _tools;
         public MssqlMcpTests()
         {
-            _tableName = $"TestTable_{Guid.NewGuid():N}";
+            _tableName = $"UnitTest_{Guid.NewGuid():N}";
             var connectionFactory = new SqlConnectionFactory();
             var loggerMock = new Mock<ILogger<Tools>>();
             _tools = new Tools(connectionFactory, loggerMock.Object);
@@ -93,23 +94,6 @@ public async Task ListTables_ReturnsTables()
             Assert.NotNull(result.Data);
         }
 
-        [Fact]
-        public async Task ReadData_ReturnsData_WhenSqlIsValid()
-        {
-            // Ensure table exists and has data
-            var createResult = await _tools.CreateTable($"CREATE TABLE {_tableName} (Id INT PRIMARY KEY)") as DbOperationResult;
-            Assert.NotNull(createResult);
-            Assert.True(createResult.Success);
-            var insertResult = await _tools.InsertData($"INSERT INTO {_tableName} (Id) VALUES (1)") as DbOperationResult;
-            Assert.NotNull(insertResult);
-            Assert.True(insertResult.Success);
-
-            var sql = $"SELECT * FROM {_tableName}";
-            var result = await _tools.ReadData(sql) as DbOperationResult;
-            Assert.NotNull(result);
-            Assert.True(result.Success);
-            Assert.NotNull(result.Data);
-        }
 
         [Fact]
         public async Task UpdateData_ReturnsSuccess_WhenSqlIsValid()
@@ -168,15 +152,6 @@ public async Task InsertData_ReturnsError_WhenSqlIsInvalid()
             Assert.Contains("syntax", result.Error ?? string.Empty, StringComparison.OrdinalIgnoreCase);
         }
 
-        [Fact]
-        public async Task ReadData_ReturnsError_WhenSqlIsInvalid()
-        {
-            var sql = "SELECT FROM";
-            var result = await _tools.ReadData(sql) as DbOperationResult;
-            Assert.NotNull(result);
-            Assert.False(result.Success);
-            Assert.Contains("syntax", result.Error ?? string.Empty, StringComparison.OrdinalIgnoreCase);
-        }
 
         [Fact]
         public async Task UpdateData_ReturnsError_WhenSqlIsInvalid()
@@ -210,5 +185,122 @@ public async Task SqlInjection_NotExecuted_When_QueryFails()
             Assert.NotNull(describeResult);
             Assert.True(describeResult.Success);
         }
+
+        [Fact]
+        public async Task ReadOnlyMode_ListTables_ReturnsSuccess_WhenReadOnlyIsTrue()
+        {
+            // Set READONLY environment variable
+            Environment.SetEnvironmentVariable("READONLY", "true");
+            try
+            {
+                var result = await _tools.ListTables() as DbOperationResult;
+                Assert.NotNull(result);
+                Assert.True(result.Success);
+                Assert.NotNull(result.Data);
+            }
+            finally
+            {
+                // Clean up environment variable
+                Environment.SetEnvironmentVariable("READONLY", null);
+            }
+        }
+
+        [Fact]
+        public async Task ReadOnlyMode_CreateTable_ReturnsError_WhenReadOnlyIsTrue()
+        {
+            // Set READONLY environment variable
+            Environment.SetEnvironmentVariable("READONLY", "true");
+            try
+            {
+                var sql = $"CREATE TABLE {_tableName} (Id INT PRIMARY KEY)";
+                var result = await _tools.CreateTable(sql) as DbOperationResult;
+                Assert.NotNull(result);
+                Assert.False(result.Success);
+                Assert.Contains("CREATE TABLE operation is not allowed in READONLY mode", result.Error ?? string.Empty);
+            }
+            finally
+            {
+                // Clean up environment variable
+                Environment.SetEnvironmentVariable("READONLY", null);
+            }
+        }
+
+        [Fact]
+        public async Task ReadOnlyMode_InsertData_ReturnsError_WhenReadOnlyIsTrue()
+        {
+            // Set READONLY environment variable
+            Environment.SetEnvironmentVariable("READONLY", "true");
+            try
+            {
+                var sql = $"INSERT INTO {_tableName} (Id) VALUES (1)";
+                var result = await _tools.InsertData(sql) as DbOperationResult;
+                Assert.NotNull(result);
+                Assert.False(result.Success);
+                Assert.Contains("INSERT operation is not allowed in READONLY mode", result.Error ?? string.Empty);
+            }
+            finally
+            {
+                // Clean up environment variable
+                Environment.SetEnvironmentVariable("READONLY", null);
+            }
+        }
+
+        [Fact]
+        public async Task ReadOnlyMode_UpdateData_ReturnsError_WhenReadOnlyIsTrue()
+        {
+            // Set READONLY environment variable
+            Environment.SetEnvironmentVariable("READONLY", "true");
+            try
+            {
+                var sql = $"UPDATE {_tableName} SET Id = 2 WHERE Id = 1";
+                var result = await _tools.UpdateData(sql) as DbOperationResult;
+                Assert.NotNull(result);
+                Assert.False(result.Success);
+                Assert.Contains("UPDATE operation is not allowed in READONLY mode", result.Error ?? string.Empty);
+            }
+            finally
+            {
+                // Clean up environment variable
+                Environment.SetEnvironmentVariable("READONLY", null);
+            }
+        }
+
+        [Fact]
+        public async Task ReadOnlyMode_DropTable_ReturnsError_WhenReadOnlyIsTrue()
+        {
+            // Set READONLY environment variable
+            Environment.SetEnvironmentVariable("READONLY", "true");
+            try
+            {
+                var sql = $"DROP TABLE IF EXISTS {_tableName}";
+                var result = await _tools.DropTable(sql) as DbOperationResult;
+                Assert.NotNull(result);
+                Assert.False(result.Success);
+                Assert.Contains("DROP TABLE operation is not allowed in READONLY mode", result.Error ?? string.Empty);
+            }
+            finally
+            {
+                // Clean up environment variable
+                Environment.SetEnvironmentVariable("READONLY", null);
+            }
+        }
+
+        [Fact]
+        public async Task TestConnection_ReturnsSuccess_WhenConnectionIsValid()
+        {
+            var result = await _tools.TestConnection() as DbOperationResult;
+            Assert.NotNull(result);
+            Assert.True(result.Success);
+            Assert.NotNull(result.Data);
+            
+            var dict = result.Data as System.Collections.IDictionary;
+            Assert.NotNull(dict);
+            Assert.True(dict.Contains("ConnectionState"));
+            Assert.True(dict.Contains("Database"));
+            Assert.True(dict.Contains("ServerVersion"));
+            Assert.True(dict.Contains("DataSource"));
+            Assert.True(dict.Contains("ConnectionTimeout"));
+            Assert.Equal("Open", dict["ConnectionState"]?.ToString());
+        }
     }
 }
\ No newline at end of file
diff --git a/MssqlMcp/dotnet/MssqlMcp/Program.cs b/MssqlMcp/dotnet/MssqlMcp/Program.cs
index c8b7614..0b318c1 100644
--- a/MssqlMcp/dotnet/MssqlMcp/Program.cs
+++ b/MssqlMcp/dotnet/MssqlMcp/Program.cs
@@ -4,6 +4,7 @@
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Hosting;
 using Microsoft.Extensions.Logging;
+using ModelContextProtocol.Server;
 
 namespace Mssql.McpServer;
 
@@ -30,11 +31,31 @@ private static async Task Main(string[] args)
         _ = builder.Services.AddSingleton<ISqlConnectionFactory, SqlConnectionFactory>();
         _ = builder.Services.AddSingleton<Tools>();
 
-        // Register MCP server and tools (instance-based)
-        _ = builder.Services
+        // Check if READONLY mode is enabled
+        bool isReadOnlyMode = Environment.GetEnvironmentVariable("READONLY")?.Equals("true", StringComparison.OrdinalIgnoreCase) ?? false;
+
+        // Register MCP server and tools
+        var mcpServerBuilder = builder.Services
             .AddMcpServer()
-            .WithStdioServerTransport()
-            .WithToolsFromAssembly();
+            .WithStdioServerTransport();
+
+        if (isReadOnlyMode)
+        {
+            // Load only ReadOnly tools when in ReadOnly mode
+            var readOnlyTools = new List<McpServerTool>
+            {
+                McpServerTool.Create(typeof(Tools).GetMethod("TestConnection")!, typeof(Tools), new() { Services = null }),
+                McpServerTool.Create(typeof(Tools).GetMethod("DescribeTable")!, typeof(Tools), new() { Services = null }),
+                McpServerTool.Create(typeof(Tools).GetMethod("ListTables")!, typeof(Tools), new() { Services = null }),
+                McpServerTool.Create(typeof(Tools).GetMethod("ReadData")!, typeof(Tools), new() { Services = null })
+            };
+            mcpServerBuilder.WithTools(readOnlyTools);
+        }
+        else
+        {
+            // Load all tools from assembly when not in ReadOnly mode
+            mcpServerBuilder.WithToolsFromAssembly(typeof(Tools).Assembly);
+        }
 
         // Build the host
         var host = builder.Build();
diff --git a/MssqlMcp/dotnet/MssqlMcp/Tools/CreateTable.cs b/MssqlMcp/dotnet/MssqlMcp/Tools/CreateTable.cs
index 9cab7d5..07ceda2 100644
--- a/MssqlMcp/dotnet/MssqlMcp/Tools/CreateTable.cs
+++ b/MssqlMcp/dotnet/MssqlMcp/Tools/CreateTable.cs
@@ -17,6 +17,11 @@ public partial class Tools
     public async Task<DbOperationResult> CreateTable(
         [Description("CREATE TABLE SQL statement")] string sql)
     {
+        if (IsReadOnlyMode)
+        {
+            return new DbOperationResult(success: false, error: "CREATE TABLE operation is not allowed in READONLY mode");
+        }
+
         var conn = await _connectionFactory.GetOpenConnectionAsync();
         try
         {
diff --git a/MssqlMcp/dotnet/MssqlMcp/Tools/DropTable.cs b/MssqlMcp/dotnet/MssqlMcp/Tools/DropTable.cs
index 9d247b4..419eb98 100644
--- a/MssqlMcp/dotnet/MssqlMcp/Tools/DropTable.cs
+++ b/MssqlMcp/dotnet/MssqlMcp/Tools/DropTable.cs
@@ -17,6 +17,11 @@ public partial class Tools
     public async Task<DbOperationResult> DropTable(
         [Description("DROP TABLE SQL statement")] string sql)
     {
+        if (IsReadOnlyMode)
+        {
+            return new DbOperationResult(success: false, error: "DROP TABLE operation is not allowed in READONLY mode");
+        }
+
         var conn = await _connectionFactory.GetOpenConnectionAsync();
         try
         {
diff --git a/MssqlMcp/dotnet/MssqlMcp/Tools/InsertData.cs b/MssqlMcp/dotnet/MssqlMcp/Tools/InsertData.cs
index d72e0bf..33d97ba 100644
--- a/MssqlMcp/dotnet/MssqlMcp/Tools/InsertData.cs
+++ b/MssqlMcp/dotnet/MssqlMcp/Tools/InsertData.cs
@@ -17,6 +17,11 @@ public partial class Tools
     public async Task<DbOperationResult> InsertData(
         [Description("INSERT SQL statement")] string sql)
     {
+        if (IsReadOnlyMode)
+        {
+            return new DbOperationResult(success: false, error: "INSERT operation is not allowed in READONLY mode");
+        }
+
         var conn = await _connectionFactory.GetOpenConnectionAsync();
         try
         {
diff --git a/MssqlMcp/dotnet/MssqlMcp/Tools/ReadData.cs b/MssqlMcp/dotnet/MssqlMcp/Tools/ReadData.cs
index de25fe8..cde0cba 100644
--- a/MssqlMcp/dotnet/MssqlMcp/Tools/ReadData.cs
+++ b/MssqlMcp/dotnet/MssqlMcp/Tools/ReadData.cs
@@ -2,6 +2,7 @@
 // Licensed under the MIT license.
 
 using System.ComponentModel;
+using System.Text.RegularExpressions;
 using Microsoft.Data.SqlClient;
 using Microsoft.Extensions.Logging;
 using ModelContextProtocol.Server;
@@ -9,15 +10,188 @@
 namespace Mssql.McpServer;
 public partial class Tools
 {
+    // Pre-compiled regex for dangerous keywords - much faster than creating regex objects on each call
+    // Using word boundaries to avoid false positives (e.g., "UPDATED_AT" shouldn't match "UPDATE")
+    private static readonly Regex DangerousKeywordsRegex = new(
+        @"\b(DELETE|DROP|UPDATE|INSERT|ALTER|CREATE|TRUNCATE|EXEC|EXECUTE|MERGE|REPLACE|" +
+        @"GRANT|REVOKE|COMMIT|ROLLBACK|TRANSACTION|BEGIN|DECLARE|SET|USE|BACKUP|" +
+        @"RESTORE|KILL|SHUTDOWN|WAITFOR|OPENROWSET|OPENDATASOURCE|OPENQUERY|OPENXML|BULK)\b",
+        RegexOptions.IgnoreCase | RegexOptions.Compiled);
+
+    // Regex patterns to detect common SQL injection techniques
+    private static readonly Regex[] DangerousPatterns = 
+    [
+        // Semicolon followed by dangerous keywords
+        new(@";\s*(DELETE|DROP|UPDATE|INSERT|ALTER|CREATE|TRUNCATE|EXEC|EXECUTE|MERGE|REPLACE|GRANT|REVOKE)", RegexOptions.IgnoreCase),
+        
+        // UNION injection attempts with dangerous keywords
+        new(@"UNION\s+(?:ALL\s+)?SELECT.*?(DELETE|DROP|UPDATE|INSERT|ALTER|CREATE|TRUNCATE|EXEC|EXECUTE)", RegexOptions.IgnoreCase),
+        
+        // Comment-based injection attempts
+        new(@"--.*?(DELETE|DROP|UPDATE|INSERT|ALTER|CREATE|TRUNCATE|EXEC|EXECUTE)", RegexOptions.IgnoreCase),
+        new(@"/\*.*?(DELETE|DROP|UPDATE|INSERT|ALTER|CREATE|TRUNCATE|EXEC|EXECUTE).*?\*/", RegexOptions.IgnoreCase),
+        
+        // Stored procedure execution patterns
+        new(@"EXEC\s*\(", RegexOptions.IgnoreCase),
+        new(@"EXECUTE\s*\(", RegexOptions.IgnoreCase),
+        new(@"sp_", RegexOptions.IgnoreCase),
+        new(@"xp_", RegexOptions.IgnoreCase),
+        
+        // Bulk operations
+        new(@"BULK\s+INSERT", RegexOptions.IgnoreCase),
+        new(@"OPENROWSET", RegexOptions.IgnoreCase),
+        new(@"OPENDATASOURCE", RegexOptions.IgnoreCase),
+        
+        // System functions that could be dangerous
+        new(@"@@", RegexOptions.None),
+        new(@"SYSTEM_USER", RegexOptions.IgnoreCase),
+        new(@"USER_NAME", RegexOptions.IgnoreCase),
+        new(@"DB_NAME", RegexOptions.IgnoreCase),
+        new(@"HOST_NAME", RegexOptions.IgnoreCase),
+        
+        // Time delay attacks
+        new(@"WAITFOR\s+DELAY", RegexOptions.IgnoreCase),
+        new(@"WAITFOR\s+TIME", RegexOptions.IgnoreCase),
+        
+        // Multiple statements (semicolon not at end)
+        new(@";\s*\w", RegexOptions.None),
+        
+        // String concatenation that might hide malicious code
+        new(@"\+\s*CHAR\s*\(", RegexOptions.IgnoreCase),
+        new(@"\+\s*NCHAR\s*\(", RegexOptions.IgnoreCase),
+        new(@"\+\s*ASCII\s*\(", RegexOptions.IgnoreCase)
+    ];
+
+    /// <summary>
+    /// Validates the SQL query for security issues
+    /// </summary>
+    /// <param name="query">The SQL query to validate</param>
+    /// <returns>Validation result with success flag and error message if invalid</returns>
+    private (bool IsValid, string? Error) ValidateQuery(string query)
+    {
+        if (string.IsNullOrWhiteSpace(query))
+        {
+            return (false, "Query must be a non-empty string");
+        }
+
+        // Remove comments and normalize whitespace for analysis
+        var cleanQuery = Regex.Replace(query, @"--.*$", "", RegexOptions.Multiline) // Remove line comments
+            .Replace("/*", "").Replace("*/", "") // Remove block comments (simple approach)
+            .Trim();
+
+        cleanQuery = Regex.Replace(cleanQuery, @"\s+", " "); // Normalize whitespace
+
+        if (string.IsNullOrWhiteSpace(cleanQuery))
+        {
+            return (false, "Query cannot be empty after removing comments");
+        }
+
+        var upperQuery = cleanQuery.ToUpperInvariant();
+
+        // Must start with SELECT
+        if (!upperQuery.StartsWith("SELECT"))
+        {
+            return (false, "Query must start with SELECT for security reasons");
+        }
+
+        // Check for dangerous keywords using our pre-compiled regex
+        var match = DangerousKeywordsRegex.Match(cleanQuery);
+        if (match.Success)
+        {
+            return (false, $"Dangerous keyword '{match.Value.ToUpper()}' detected in query. Only SELECT operations are allowed.");
+        }
+
+        // Check for dangerous patterns using regex
+        foreach (var pattern in DangerousPatterns)
+        {
+            if (pattern.IsMatch(query))
+            {
+                return (false, "Potentially malicious SQL pattern detected. Only simple SELECT queries are allowed.");
+            }
+        }
+
+        // Additional validation: Check for multiple statements
+        var statements = cleanQuery.Split(';', StringSplitOptions.RemoveEmptyEntries);
+        if (statements.Length > 1)
+        {
+            return (false, "Multiple SQL statements are not allowed. Use only a single SELECT statement.");
+        }
+
+        // Check for suspicious string patterns that might indicate obfuscation
+        if (query.Contains("CHAR(") || query.Contains("NCHAR(") || query.Contains("ASCII("))
+        {
+            return (false, "Character conversion functions are not allowed as they may be used for obfuscation.");
+        }
+
+        // Limit query length to prevent potential DoS
+        if (query.Length > 10000)
+        {
+            return (false, "Query is too long. Maximum allowed length is 10,000 characters.");
+        }
+
+        return (true, null);
+    }
+
+    /// <summary>
+    /// Sanitizes the query result to prevent any potential security issues
+    /// </summary>
+    /// <param name="data">The query result data</param>
+    /// <returns>Sanitized data</returns>
+    private List<Dictionary<string, object?>> SanitizeResult(List<Dictionary<string, object?>> data)
+    {
+        // Limit the number of returned records to prevent memory issues
+        const int maxRecords = 10000;
+        if (data.Count > maxRecords)
+        {
+            _logger.LogWarning("Query returned {Count} records, limiting to {MaxRecords}", data.Count, maxRecords);
+            data = data.Take(maxRecords).ToList();
+        }
+
+        // Early check: if no data or no suspicious characters in any column names, return as-is
+        if (data.Count == 0 || !data[0].Keys.Any(key => Regex.IsMatch(key, @"[^\w\s\-_.]")))
+        {
+            return data;
+        }
+
+        return data.Select(record =>
+        {
+            var sanitized = new Dictionary<string, object?>();
+            foreach (var (key, value) in record)
+            {
+                // Sanitize column names (remove any suspicious characters)
+                var sanitizedKey = Regex.Replace(key, @"[^\w\s\-_.]", "");
+                if (sanitizedKey != key)
+                {
+                    _logger.LogWarning("Column name sanitized: {Original} -> {Sanitized}", key, sanitizedKey);
+                }
+                sanitized[sanitizedKey] = value;
+            }
+            return sanitized;
+        }).ToList();
+    }
+
     [McpServerTool(
         Title = "Read Data",
         ReadOnly = true,
         Idempotent = true,
         Destructive = false),
-        Description("Executes SQL queries against SQL Database to read data")]
+        Description("Executes a SELECT query on an MSSQL Database table. The query must start with SELECT and cannot contain any destructive SQL operations for security reasons.")]
     public async Task<DbOperationResult> ReadData(
-        [Description("SQL query to execute")] string sql)
+        [Description("SQL SELECT query to execute (must start with SELECT and cannot contain destructive operations). Example: SELECT * FROM movies WHERE genre = 'comedy'")] string sql)
     {
+        // Validate the query for security issues
+        var (isValid, error) = ValidateQuery(sql);
+        if (!isValid)
+        {
+            _logger.LogWarning("Security validation failed for query: {QueryStart}...", sql?.Length > 100 ? sql[..100] : sql ?? "NULL");
+            return new DbOperationResult(success: false, error: $"Security validation failed: {error}");
+        }
+
+        // Log the query for audit purposes (in production, consider more secure logging)
+        _logger.LogInformation("Executing validated SELECT query: {QueryStart}{Truncated}", 
+            sql.Length > 200 ? sql[..200] : sql, 
+            sql.Length > 200 ? "..." : "");
+
         var conn = await _connectionFactory.GetOpenConnectionAsync();
         try
         {
@@ -35,13 +209,25 @@ public async Task<DbOperationResult> ReadData(
                     }
                     results.Add(row);
                 }
-                return new DbOperationResult(success: true, data: results);
+
+                // Sanitize the result
+                var sanitizedResults = SanitizeResult(results);
+                
+                return new DbOperationResult(
+                    success: true, 
+                    data: sanitizedResults);
             }
         }
         catch (Exception ex)
         {
             _logger.LogError(ex, "ReadData failed: {Message}", ex.Message);
-            return new DbOperationResult(success: false, error: ex.Message);
+            
+            // Don't expose internal error details to prevent information leakage
+            var safeErrorMessage = ex.Message.Contains("Invalid object name")
+                ? ex.Message
+                : "Database query execution failed";
+            
+            return new DbOperationResult(success: false, error: $"Failed to execute query: {safeErrorMessage}");
         }
     }
-}
+}
\ No newline at end of file
diff --git a/MssqlMcp/dotnet/MssqlMcp/Tools/TestConnection.cs b/MssqlMcp/dotnet/MssqlMcp/Tools/TestConnection.cs
new file mode 100644
index 0000000..52cfbb5
--- /dev/null
+++ b/MssqlMcp/dotnet/MssqlMcp/Tools/TestConnection.cs
@@ -0,0 +1,45 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT license.
+
+using System.ComponentModel;
+using Microsoft.Data.SqlClient;
+using Microsoft.Extensions.Logging;
+using ModelContextProtocol.Server;
+
+namespace Mssql.McpServer;
+
+public partial class Tools
+{
+    [McpServerTool(
+        Title = "Test Connection",
+        ReadOnly = true,
+        Idempotent = true,
+        Destructive = false),
+        Description("Tests the database connection and returns connection status and basic server information.")]
+    public async Task<DbOperationResult> TestConnection()
+    {
+        try
+        {
+            var conn = await _connectionFactory.GetOpenConnectionAsync();
+            using (conn)
+            {
+                var connectionInfo = new Dictionary<string, object>
+                {
+                    ["ConnectionState"] = conn.State.ToString(),
+                    ["Database"] = conn.Database,
+                    ["ServerVersion"] = conn.ServerVersion,
+                    ["DataSource"] = conn.DataSource,
+                    ["ConnectionTimeout"] = conn.ConnectionTimeout
+                };
+
+                _logger.LogInformation("Database connection test successful");
+                return new DbOperationResult(success: true, data: connectionInfo);
+            }
+        }
+        catch (Exception ex)
+        {
+            _logger.LogError(ex, "TestConnection failed: {Message}", ex.Message);
+            return new DbOperationResult(success: false, error: ex.Message);
+        }
+    }
+}
\ No newline at end of file
diff --git a/MssqlMcp/dotnet/MssqlMcp/Tools/Tools.cs b/MssqlMcp/dotnet/MssqlMcp/Tools/Tools.cs
index 9d9aa82..31249bf 100644
--- a/MssqlMcp/dotnet/MssqlMcp/Tools/Tools.cs
+++ b/MssqlMcp/dotnet/MssqlMcp/Tools/Tools.cs
@@ -14,6 +14,9 @@ public partial class Tools(ISqlConnectionFactory connectionFactory, ILogger<Tool
     private readonly ISqlConnectionFactory _connectionFactory = connectionFactory;
     private readonly ILogger<Tools> _logger = logger;
 
+    // Check if READONLY mode is enabled
+    private static bool IsReadOnlyMode => Environment.GetEnvironmentVariable("READONLY")?.Equals("true", StringComparison.OrdinalIgnoreCase) ?? false;
+
     // Helper to convert DataTable to a serializable list
     private static List<Dictionary<string, object>> DataTableToList(DataTable table)
     {
diff --git a/MssqlMcp/dotnet/MssqlMcp/Tools/UpdateData.cs b/MssqlMcp/dotnet/MssqlMcp/Tools/UpdateData.cs
index b5311f0..e26506f 100644
--- a/MssqlMcp/dotnet/MssqlMcp/Tools/UpdateData.cs
+++ b/MssqlMcp/dotnet/MssqlMcp/Tools/UpdateData.cs
@@ -17,6 +17,11 @@ public partial class Tools
     public async Task<DbOperationResult> UpdateData(
         [Description("UPDATE SQL statement")] string sql)
     {
+        if (IsReadOnlyMode)
+        {
+            return new DbOperationResult(success: false, error: "UPDATE operation is not allowed in READONLY mode");
+        }
+
         var conn = await _connectionFactory.GetOpenConnectionAsync();
         try
         {
diff --git a/MssqlMcp/dotnet/README.md b/MssqlMcp/dotnet/README.md
index 63e0e99..2f74a36 100644
--- a/MssqlMcp/dotnet/README.md
+++ b/MssqlMcp/dotnet/README.md
@@ -122,6 +122,45 @@ Add a new MCP Server with the following settings:
 
 Save the file, start a new Chat, you'll see the "Tools" icon, it should list 7 MSSQL MCP tools.
 
+# Running Tests
+
+## Prerequisites for Tests
+
+- Access to a SQL Server instance with a database for testing
+- Connection credentials (SQL Server or Windows authentication)
+
+## Test Configuration
+
+The unit tests require a `CONNECTION_STRING` environment variable. For VS Code testing, create a test configuration:
+
+**1. Add to `.vscode/settings.json`:**
+
+```json
+{
+    "dotnet.unitTests.runSettingsPath": "${workspaceFolder}/.vscode/test.runsettings"
+}
+```
+
+**2. Create `.vscode/test.runsettings`:**
+
+```xml
+<?xml version="1.0" encoding="utf-8"?>
+<RunSettings>
+  <RunConfiguration>
+    <EnvironmentVariables>
+      <CONNECTION_STRING>Server=your-server;Database=your-test-db;User Id=your-user;Password=your-password;TrustServerCertificate=True</CONNECTION_STRING>
+    </EnvironmentVariables>
+  </RunConfiguration>
+</RunSettings>
+```
+
+## Running Tests
+
+**In VS Code:**
+1. Open the Testing panel (test beaker icon)  
+2. Run individual tests or test suites
+
+
 # Troubleshooting
 
 1. If you get a "Task canceled" error using "Active Directory Default", try "Active Directory Interactive".