mysql-mcp-server

Provides an MCP server that offers read-only exploration and querying of MySQL databases: listing databases, listing tables, describing table schemas, and executing read-only SQL (SELECT/SHOW/DESCRIBE/EXPLAIN) with safeguards like timeouts, row limits, and query validation.

Evaluated Mar 30, 2026 (21d ago)
Repo ↗ Infrastructure mcp mysql database read-only sql tooling agents
⚙ Agent Friendliness
62
/ 100
Can an agent use this?
🔒 Security
56
/ 100
Is it safe for agents?
⚡ Reliability
26
/ 100
Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality
85
Documentation
80
Error Messages
0
Auth Simplicity
80
Rate Limits
20

🔒 Security

TLS Enforcement
70
Auth Strength
55
Scope Granularity
40
Dep. Hygiene
40
Secret Handling
70

Security claims are mostly at the application/query level (read-only allowlisting, query validation, timeouts, row limits). TLS enforcement, exact query validation robustness, and secret logging hygiene are not explicitly evidenced in the provided content. Best practice is to use a least-privilege MySQL user restricted to SELECT/metadata and to ensure the MySQL client uses TLS as configured.

⚡ Reliability

Uptime/SLA
0
Version Stability
40
Breaking Changes
30
Error Recovery
35
AF Security Reliability

Best When

You want agent-driven read-only database browsing and sampling using an MCP-capable client, with a dedicated MySQL user that has only least-privilege SELECT/metadata access.

Avoid When

You cannot guarantee least-privilege MySQL credentials or you need strict assurances beyond basic query allowlisting/timeouts/limits.

Use Cases

  • Allowing LLM/agent users to explore MySQL schemas (databases/tables/columns)
  • Running safe, read-only analytical queries with guardrails
  • Automating DBA/analyst workflows like schema inspection and sampling rows

Not For

  • Executing data-modifying statements (INSERT/UPDATE/DELETE/DDL)
  • Performing large, high-cardinality queries without considering row limits/timeouts
  • Handling highly sensitive environments without careful database user permissions

Interface

REST API
No
GraphQL
No
gRPC
No
MCP Server
Yes
SDK
No
Webhooks
No

Authentication

Methods: MySQL username/password via environment variables (MYSQL_USER, MYSQL_PASSWORD)
OAuth: No Scopes: No

Authentication is delegated to MySQL credentials configured via env vars. No OAuth/scoped auth layer is described at the MCP layer.

Pricing

Free tier: No
Requires CC: No

No pricing information provided in the supplied content.

Agent Metadata

Pagination
none
Idempotent
False
Retry Guidance
Not documented

Known Gotchas

  • Agents may attempt disallowed SQL; responses/errors may depend on the internal query validation implementation.
  • Row limits/timeouts may truncate results; agents should be prepared to refine queries.
  • Schema/table names may require correct database selection (default database may be used if database argument omitted).

Alternatives

Use direct MySQL access with database views/RO accounts (no MCP) Use a generic SQL MCP server with stronger/explicit policy controls Use an ETL/analytics tool (e.g., read replicas + BI) for exploration instead of live queries

Full Evaluation Report

Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for mysql-mcp-server.

AI-powered analysis · PDF + markdown · Delivered within 30 minutes

$99

Package Brief

Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.

Delivered within 10 minutes

$3

Score Monitoring

Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.

Continuous monitoring

$3/mo
API endpoint ↗ Agent guide ↗ Report inaccuracy

Scores are editorial opinions as of 2026-03-30.

8642
Packages Evaluated
17761
Need Evaluation
586
Need Re-evaluation
Community Powered