{"id":"cherry-sc-mcp-server-sql","name":"mcp-server-sql","homepage":null,"repo_url":"https://github.com/cherry-SC/mcp-server-sql","category":"databases","subcategories":[],"tags":["mcp","spring-boot","java","sql","mysql","csv-export","agent-tools","data-integration"],"what_it_does":"A Spring Boot-based SQL execution service intended to be used as part of a Spring AI MCP (Model/Chat/Prompt) setup. It runs SQL queries and writes query results to a CSV file, and supports SQL update operations (INSERT/UPDATE/DELETE) returning affected row counts and execution timing. Database connection is configured via application.yml (MySQL + HikariCP).","use_cases":["Allow an AI agent/tool to run read-only SQL queries and export results to CSV for downstream processing","Run controlled SQL update operations and return affected row counts for workflow automation","Provide a lightweight MCP tool boundary around an application’s SQL access (where agent-to-DB capability is intentionally limited)"],"not_for":["Running arbitrary untrusted SQL directly from a user/agent without sanitization and guardrails","High-assurance production database administration","Use cases requiring strong observability (audit trails), fine-grained authorization, or schema-level safety controls (not documented here)"],"best_when":"You need a simple agent-accessible SQL query/update tool that writes outputs to files, and you can deploy it with strict operational controls and a controlled database user/permissions.","avoid_when":"You cannot restrict/validate SQL, or you need robust API-level contracts (OpenAPI), explicit rate limiting, or comprehensive error/timeout semantics.","alternatives":["Dedicated data access layer/services with parameterized queries and strict allowlists","Database-to-CSV export tools with RBAC (e.g., scheduled exports or query dashboards)","A purpose-built MCP server that exposes specific pre-defined query templates instead of raw SQL"],"af_score":24.5,"security_score":23.0,"reliability_score":15.0,"package_type":"mcp_server","discovery_source":["github"],"priority":"low","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-04-04T19:50:40.950656+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":null,"has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["Database credentials via application.yml (username/password)"],"oauth":false,"scopes":false,"notes":"No user-facing/API authentication is described for the service itself. Authentication appears to be implicit via the DB credentials used by the running service. Authorization/guardrails for agent calls are not described."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"No pricing information provided (appears to be self-hosted open-source style project)."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":24.5,"security_score":23.0,"reliability_score":15.0,"mcp_server_quality":35.0,"documentation_accuracy":35.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":20.0,"rate_limit_clarity":0.0,"tls_enforcement":0.0,"auth_strength":30.0,"scope_granularity":0.0,"dependency_hygiene":50.0,"secret_handling":40.0,"security_notes":"TLS requirements for DB connections and any server endpoints are not documented. The service likely uses raw DB credentials configured in application.yml; no API-level auth/authorization or scope granularity is described. Because it appears to execute SQL supplied by the caller (example shows raw SQL), it is vulnerable to SQL injection/abuse unless the MCP tool layer enforces strict allowlists and parameterization. Dependency hygiene cannot be assessed from provided content.","uptime_documented":0.0,"version_stability":40.0,"breaking_changes_history":0.0,"error_recovery":20.0,"idempotency_support":"false","idempotency_notes":"No explicit guidance on idempotency. SQL updates are potentially non-idempotent depending on the statements used.","pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["Service accepts arbitrary SQL (based on examples/description), which can be dangerous if the agent is not constrained to safe statements/allowlists.","Writing results to local filesystem paths requires the hosting environment to have correct permissions and stable storage semantics.","No documented limits, timeouts, or backpressure; long-running queries may cause tool timeouts or resource exhaustion.","No documented schema/column typing or escaping rules for CSV output."]}}