mysql-mcp-server

Provides an MCP (Model Context Protocol) server that exposes MySQL metadata and query capabilities to AI assistants. Built with Quarkus and supports MCP connectivity via SSE (/mcp/sse) and a streamable HTTP endpoint (/mcp) over an HTTP listener.

Evaluated Apr 04, 2026 (16d ago)

Repo ↗ Ai Ml mcp mysql quarkus ai-agents database-tools sse http

⚙ Agent Friendliness

/ 100

Can an agent use this?

🔒 Security

/ 100

Is it safe for agents?

⚡ Reliability

/ 100

Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality

Documentation

Error Messages

Auth Simplicity

Rate Limits

🔒 Security

TLS Enforcement

Auth Strength

Scope Granularity

Dep. Hygiene

Secret Handling

Security posture is unclear for the MCP endpoints: no auth/authorization is documented, so access control likely depends on network placement (e.g., private network, firewall, ingress rules). Server credentials are accepted via env vars/system properties (better than hardcoding, but still requires safe handling to avoid leaking via logs/process args). TLS enforcement for the HTTP listener is not documented.

⚡ Reliability

Uptime/SLA

Version Stability

Breaking Changes

Error Recovery

Best When

You control the network environment (e.g., internal Kubernetes cluster/VPC) and want a lightweight MCP-to-MySQL bridge with SSE/HTTP connectivity.

Avoid When

You cannot restrict access to the MCP endpoints and database credentials; or you need clearly documented protections against unsafe SQL execution.

Use Cases

• Allowing AI agents to inspect MySQL databases (databases/tables/schema)
• Executing read-only or ad-hoc SQL queries via MCP tools for analysis/debugging
• Integrating MySQL-backed data exploration into MCP-capable clients (e.g., MCP tools in IDEs/assistants)

Not For

• Production deployments that require strong authentication/authorization guarantees without additional front-end controls
• Workloads requiring strict SQL safety controls (e.g., prevention of destructive queries) unless explicitly documented and enforced
• Use cases needing formal enterprise SLAs, audit logging, or compliance certifications (not evidenced in provided docs)

Interface

REST API

Yes

GraphQL

gRPC

MCP Server

Yes ↗

SDK

Webhooks

Authentication

Methods: None documented MySQL credentials supplied to server via environment variables or JVM system properties

OAuth: No Scopes: No

No MCP/API authentication mechanism (API keys, OAuth, basic auth, IP allowlisting) is documented. The docs only describe MySQL connection credentials for the server to reach the database.

Pricing

Free tier: No

Requires CC: No

Self-hosted open-source project; no pricing information in provided materials.

Agent Metadata

Pagination

none

Idempotent

False

Retry Guidance

Not documented

Known Gotchas

⚠ No authentication for MCP endpoints is documented; agents may be able to reach the server from any network path unless access is externally restricted.
⚠ SQL execution tool behavior/safety (read-only enforcement, disallowed statements) is not documented.
⚠ Idempotency/retry guidance is not documented; retries could repeat SQL execution if not read-only.

Alternatives

Dedicated SQL tools behind an authenticated API gateway General MCP server frameworks with custom MySQL connectors Database-aware agent tools (vendor/OSS) that provide safer query execution policies

Full Evaluation Report

Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for mysql-mcp-server.

AI-powered analysis · PDF + markdown · Delivered within 30 minutes

$99

Package Brief

Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.

Delivered within 10 minutes

Score Monitoring

Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.

Continuous monitoring

$3/mo

API endpoint ↗ Agent guide ↗ Report inaccuracy

Scores are editorial opinions as of 2026-04-04.