{"id":"koh-yoshimoto-mysql-mcp-server","name":"mysql-mcp-server","homepage":null,"repo_url":"https://github.com/koh-yoshimoto/mysql-mcp-server","category":"infrastructure","subcategories":[],"tags":["mcp","mysql","database","sql","agent-tools","schema-inspection","query-execution","explain","go","safety-controls"],"what_it_does":"Provides an MCP (Model Context Protocol) server for connecting to a MySQL database and exposing tools for SELECT-only querying, schema inspection (tables and columns), and execution-plan analysis via EXPLAIN/EXPLAIN ANALYZE. Also provides an execute tool for data-modifying statements (INSERT/UPDATE/DELETE) with a dry-run + confirmation token flow.","use_cases":["Letting AI agents safely explore a MySQL schema (list tables, fetch table schema)","Answering questions over operational data using SELECT queries with result formatting","Performance troubleshooting by running EXPLAIN or EXPLAIN ANALYZE for a candidate query","Controlled, human/agent-mediated data changes (INSERT/UPDATE/DELETE) using a two-step dry-run + confirmation token workflow"],"not_for":["Untrusted/anonymous clients or direct internet exposure","Environments that require strong user authentication/authorization at the API layer","Workloads requiring complex pagination controls or cursor-based retrieval","Bulk/long-running queries without governance (especially EXPLAIN ANALYZE)"],"best_when":"You want an agent-friendly way to introspect and query a MySQL database locally/in your environment using MCP, and you can provide appropriately privileged (preferably read-only) credentials.","avoid_when":"You need robust access control beyond database-user permissions, or you cannot enforce the two-step confirmation process for write operations.","alternatives":["Use a database IDE/SQL client plus an agent that consumes results indirectly","Use a SQL API layer (e.g., PostgREST-style wrappers for MySQL) with fine-grained auth","Build your own MCP tools over a MySQL driver with stricter query allowlists and output redaction","Use existing MCP database connectors (if available) from other projects"],"af_score":59.2,"security_score":53.2,"reliability_score":26.2,"package_type":"mcp_server","discovery_source":["github"],"priority":"low","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-04-04T19:51:43.889452+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":null,"has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["Environment-variable based database credentials (MYSQL_HOST/PORT/USER/PASSWORD/DATABASE) used by the MCP server"],"oauth":false,"scopes":false,"notes":"No separate end-user auth is described for the MCP server itself; access control is primarily via the MySQL user permissions configured in the environment."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"No pricing information provided; likely self-hosted."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":59.2,"security_score":53.2,"reliability_score":26.2,"mcp_server_quality":78.0,"documentation_accuracy":76.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":95.0,"rate_limit_clarity":0.0,"tls_enforcement":60.0,"auth_strength":55.0,"scope_granularity":30.0,"dependency_hygiene":50.0,"secret_handling":70.0,"security_notes":"Security controls described include: SELECT-only restriction on the query tool, a two-step dry-run + confirmation token process for data modifications, and confirmation token expiry after 5 minutes. Access control appears to rely on database user permissions (no additional auth/authorization for MCP clients described). TLS enforcement is not explicitly documented; assume HTTPS/TLS may not apply because it is a local MCP subprocess—MySQL connection encryption is unspecified. Credential handling is described via environment variables, but logging/redaction behavior is not specified.","uptime_documented":0.0,"version_stability":40.0,"breaking_changes_history":30.0,"error_recovery":35.0,"idempotency_support":"false","idempotency_notes":"No explicit idempotency guarantees are documented for write operations; the confirmation token flow is intended as a safety mechanism, not an idempotency mechanism.","pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["The execute tool supports only INSERT/UPDATE/DELETE and uses dry_run + confirm_token; agents must follow the two-step pattern to avoid failed writes.","EXPLAIN ANALYZE may execute the query to gather real statistics; can be risky for long-running or heavy queries.","Query tool is restricted to SELECT statements only; agents may need to route data-modifying intent to the execute tool."]}}