apisql-mcp
An MCP server (Node.js) that lets MCP clients execute SQL against multiple database types via an apiSQL API gateway, with support for runtime switching between configured data sources (DS/SUDB), and both DDL/DML plus stored procedures/UDFs. It can run over MCP stdio by default and also offers a streamable HTTP transport mode.
Score Breakdown
⚙ Agent Friendliness
🔒 Security
Security relies primarily on apiSQL gateway API key authorization and network routing (with a documented recommendation for least-privilege/read-only users). The README includes a real-looking example API key in plaintext, which is a risk as sample handling/rotation guidance is not discussed. No explicit documentation here about TLS requirements, key rotation, secret logging, rate limiting, or audit log retention—only that logs/audit exist via apiSQL.
⚡ Reliability
Best When
You have an apiSQL account + gateway configured, want an MCP-friendly single entry point to many SQL engines, and you can enforce least-privilege at the gateway/data-source level.
Avoid When
You cannot enforce least-privilege (e.g., credentials allow writes/DDL broadly) or you need strong, explicitly documented operational guarantees (error semantics, retries, rate limits, SLAs) from this package itself.
Use Cases
- • Letting LLM/MCP agents query and analyze databases across multiple engines from one integration
- • Operational analytics/reporting using SQL with dynamic data-source switching
- • DB access in environments that prefer routing through a gateway rather than direct network exposure
- • Admin/automation workflows that require executing DDL/DML and stored procedures through an agent
Not For
- • Untrusted users/agents that should not have broad database modification capabilities
- • Read-only reporting scenarios where writes/DDL must be strictly prohibited
- • Environments requiring a local-only database connector without reliance on an external gateway/service
- • Strict compliance contexts where data residency, audit retention, and security controls must be formally documented
Interface
Authentication
README indicates access control via apiSQL platform API key authorization and SUDB permissions, but does not document exact scope model/claims or how granular scopes map to DB actions.
Pricing
No pricing information in provided content; apiSQL service is required so costs likely apply externally.
Agent Metadata
Known Gotchas
- ⚠ Credentials/permissions: the server can execute modifying SQL; least-privilege is critical
- ⚠ Dynamic DS/SUDB routing depends on the gateway URL containing /$sudb and on exact data source naming
- ⚠ Agents may issue heavy/long-running queries; there is no documented query timeout/limits here
- ⚠ Transport choice matters: stdio vs streamable-http requires correct client configuration
Alternatives
Full Evaluation Report
Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for apisql-mcp.
AI-powered analysis · PDF + markdown · Delivered within 30 minutes
Package Brief
Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.
Delivered within 10 minutes
Score Monitoring
Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.
Continuous monitoring
Scores are editorial opinions as of 2026-03-30.