memgraph-mcp-server

Provides an MCP server that lets an agent execute Cypher queries against a Memgraph database and fetch schema information, with a default block on destructive/unsafe queries unless explicitly enabled.

Evaluated Apr 04, 2026 (17d ago)

Repo ↗ Infrastructure mcp memgraph graph-database cypher agent-tools go

⚙ Agent Friendliness

/ 100

Can an agent use this?

🔒 Security

/ 100

Is it safe for agents?

⚡ Reliability

/ 100

Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality

Documentation

Error Messages

Auth Simplicity

Rate Limits

🔒 Security

TLS Enforcement

Auth Strength

Scope Granularity

Dep. Hygiene

Secret Handling

Mentions blocking destructive queries (DELETE/REMOVE/DROP/CREATE/MERGE/SET) by default unless unsafe: true is provided to run_query—this is a positive safety control. However, TLS enforcement and transport security are not documented in the provided content; auth is limited to Memgraph user/password (or none by default). There is no mention of fine-grained authorization scopes for tools or request-level auditing. Rate limits and robust operational protections are not described.

⚡ Reliability

Uptime/SLA

Version Stability

Breaking Changes

Error Recovery

Best When

You want an MCP-compatible interface for graph querying and can control/limit agent permissions and query safety (unsafe=false by default).

Avoid When

You cannot safely control the agent’s queries or you require documented operational protections like rate limiting, audit logs, and robust error taxonomy.

Use Cases

• Agent-driven read-only exploration of a Memgraph graph (e.g., inspect entities/relations)
• Generating Cypher to answer questions about a graph
• Schema discovery for prompt/tool planning via get_schema

Not For

• Executing destructive writes/DDL in a multi-tenant or high-risk setting
• Environments requiring strong centralized authZ/auditing beyond Memgraph credentials
• Use without careful query constraints/approval when unsafe operations are possible

Interface

REST API

GraphQL

gRPC

MCP Server

Yes

SDK

Webhooks

Authentication

Methods: Memgraph username/password via environment variables or CLI flags No-auth mode via default bolt://localhost:7687 without credentials

OAuth: No Scopes: No

Authentication is delegated to Memgraph connectivity. There is no mention of per-tool auth scopes; safety is handled via blocking of unsafe Cypher unless 'unsafe: true' is used in run_query.

Pricing

Free tier: No

Requires CC: No

Self-hosted open-source tool implied; no usage pricing described in provided content.

Agent Metadata

Pagination

none

Idempotent

False

Retry Guidance

Not documented

Known Gotchas

⚠ run_query is capable of executing arbitrary Cypher; destructive queries require explicitly setting unsafe: true
⚠ Default connection may be unauthenticated (bolt://localhost:7687) if you do not provide MEMGRAPH_USER/MEMGRAPH_PASSWORD, which can be unsafe in non-local environments
⚠ No documentation is provided here for rate limiting, timeouts, or retry/idempotency guidance—agents may need to implement their own safeguards

Alternatives

Direct Memgraph client libraries (bolt/Cypher) integrated into your app/agent framework Generic database MCP servers (if available) that support Memgraph or Bolt/Cypher Custom MCP server wrapper around Memgraph using your own safety and auth policies

Full Evaluation Report

Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for memgraph-mcp-server.

AI-powered analysis · PDF + markdown · Delivered within 30 minutes

$99

Package Brief

Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.

Delivered within 10 minutes

Score Monitoring

Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.

Continuous monitoring

$3/mo

API endpoint ↗ Agent guide ↗ Report inaccuracy

Scores are editorial opinions as of 2026-04-04.