mysql-mcp-server
Provides an MCP server (stdio-based) that connects to MySQL databases using a Spring Boot Java application. The README indicates multiple data sources support and shows running the server via a packaged JAR with Spring datasource configuration passed as JVM system properties.
Score Breakdown
⚙ Agent Friendliness
🔒 Security
Transport is stdio (not inherently TLS-based); README does not mention securing the MCP channel. Database credentials are supplied via -Dspring.datasource.password, which can be exposed via process listings/logging if not carefully managed. No evidence provided for least-privilege scopes, query restrictions, auditing, or structured error redaction.
⚡ Reliability
Best When
You want a local stdio MCP integration for agent-driven database workflows and you can control database access tightly (networking + least-privilege + secret handling).
Avoid When
You cannot safely supply DB credentials to a long-running process, or you need strong, documented error/rate-limit semantics and stable, versioned API contracts.
Use Cases
- • Enable an MCP-capable agent to execute MySQL-related operations (queries, schema exploration, etc.) via stdio transport
- • Connect to one or more MySQL data sources from an agent workflow
- • Run locally/within a controlled environment where database credentials can be supplied to the process
Not For
- • Production deployments without proper hardening, credential management, and least-privilege controls
- • Publicly exposed services where database credentials or overly-privileged access could be abused
- • Teams needing a well-specified REST/HTTP API contract or SDKs
Interface
Authentication
The README shows supplying database credentials via -Dspring.datasource.username/password. There is no documented auth layer for the MCP server itself (e.g., API key, OAuth, IP allowlist).
Pricing
No pricing information provided (repository metadata only).
Agent Metadata
Known Gotchas
- ⚠ Credentials are passed as JVM system properties; agents or orchestration layers may accidentally log command lines or crash dumps containing secrets.
- ⚠ Because the README provides no MCP tool/schema details, an agent may not know available tools/arguments without additional documentation or inspecting the code.
- ⚠ Lack of documented safety/policy (query allowlists, max rows, timeouts) could lead to expensive or destructive queries unless the implementation enforces constraints.
Alternatives
Full Evaluation Report
Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for mysql-mcp-server.
AI-powered analysis · PDF + markdown · Delivered within 30 minutes
Package Brief
Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.
Delivered within 10 minutes
Score Monitoring
Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.
Continuous monitoring
Scores are editorial opinions as of 2026-04-04.