mcp-mysql-server
mcp-mysql-server is a Model Context Protocol (MCP) server that connects to a MySQL database and exposes tools for querying data and managing schema (e.g., list/describe tables, create/alter/drop columns/tables, and browse schema/resources).
Score Breakdown
⚙ Agent Friendliness
🔒 Security
README claims prepared statement support and secure password handling via environment variables, plus connection cleanup and query validation. However, it does not document transport security requirements (TLS), server-side authentication/authorization, fine-grained scopes, or explicit audit logging. Presence of schema-destructive tools (drop/truncate) increases risk if an agent is not constrained.
⚡ Reliability
Best When
Used in a developer-controlled environment (local/dev or trusted internal systems) where database credentials and scope of operations can be managed carefully.
Avoid When
Avoid when you cannot control which schemas/operations the agent can perform, or when you require strict safety rails for DDL/DML.
Use Cases
- Allowing an AI assistant to run read-only SELECT queries against a MySQL database
- Assisting with schema exploration and documentation (tables/columns/indexes/FKs)
- Generating or executing SQL for CRUD and light schema management workflows
- Helping developers prototype SQL queries with parameterized inputs
Not For
- Untrusted or fully automated execution without human review (it can run write/destructive queries)
- Public-facing or multi-tenant deployments where strong tenant isolation is required
- Highly regulated environments needing detailed compliance attestations beyond what is documented
Interface
Authentication
No user-level auth is documented for the MCP server itself; authentication appears to be delegated to MySQL credentials supplied to the server. Tool-level authorization/scoping is not described in the README.
Pricing
README does not describe any hosted pricing; appears to be self-hosted open-source (MIT) distributed via npm.
Agent Metadata
Known Gotchas
- ⚠ Potentially destructive tools exist (drop_table, truncate_table) that require 'confirm' according to README, but a model/agent could still trigger them if not constrained.
- ⚠ The server appears to execute arbitrary SQL for query/execute; agents must be restricted (read-only vs write) and use strict query generation rules.
- ⚠ Connection lifecycle/reset behavior is not specified in README; agents may need to ensure a valid connection via connect_db before operations.
- ⚠ No tool-availability/permissioning allowlists are documented; enforce safety externally if needed.
Scores are editorial opinions as of 2026-03-30.