MySQL MCP Server
A MySQL MCP server for secure database interaction, enabling schema inspection, query execution, and RBAC via AI coding assistants.
README
MySQL MCP Server
A secure and professional MySQL Model Context Protocol (MCP) server with clean architecture, designed for seamless integration with GitHub Copilot, Cline, and other AI coding assistants in VS Code.
Features
- Clean Architecture: Follows Single Responsibility Principle for maintainability and scalability
- Security First: Built-in permission system, audit logging, and query validation
- Connection Pooling: Efficient MySQL connection management with connection pooling
- Schema Inspection: Tools for exploring database structure
- Query Execution: Secure SQL query execution with timeout controls
- Audit Logging: Comprehensive logging of all database operations
Quick Start
Installation
npm install
Configuration
Copy the example configuration and update credentials:
cp .env.example .env
Then edit .env in the project root:
# MySQL Connection
MYSQL_HOST=localhost
MYSQL_PORT=3306
MYSQL_USER=your_username
MYSQL_PASSWORD=your_password
MYSQL_DATABASE=your_database
# Security Settings
SECURITY_ENABLED=true
ALLOWED_OPERATIONS=SELECT,SHOW,DESCRIBE,EXPLAIN
MAX_QUERY_EXECUTION_TIME=30000
# Audit Settings
AUDIT_ENABLED=true
AUDIT_LOG_LEVEL=info
Build
npm run build
Run
npm start
Integration with VS Code
GitHub Copilot
Recommended for this repository: use the workspace MCP file at .vscode/mcp.json.
It is already included in this project and should look like:
{
"servers": {
"mysql-local": {
"type": "stdio",
"command": "node",
"args": ["${workspaceFolder}/dist/index.js"],
"env": {
"MYSQL_HOST": "${env:MYSQL_HOST}",
"MYSQL_PORT": "${env:MYSQL_PORT}",
"MYSQL_USER": "${env:MYSQL_USER}",
"MYSQL_PASSWORD": "${env:MYSQL_PASSWORD}",
"MYSQL_DATABASE": "${env:MYSQL_DATABASE}"
}
}
}
}
Alternative: add to VS Code user settings (settings.json):
{
"mcpServers": {
"mysql": {
"command": "node",
"args": ["/path/to/mysql-mcp/dist/index.js"],
"env": {
"MYSQL_HOST": "localhost",
"MYSQL_PORT": "3306",
"MYSQL_USER": "your_username",
"MYSQL_PASSWORD": "your_password",
"MYSQL_DATABASE": "your_database"
}
}
}
}
Cline
Configure in Cline settings:
{
"mcpServers": {
"mysql": {
"command": "node",
"args": ["/path/to/mysql-mcp/dist/index.js"],
"env": {
"MYSQL_HOST": "localhost",
"MYSQL_USER": "your_username",
"MYSQL_PASSWORD": "your_password",
"MYSQL_DATABASE": "your_database"
}
}
}
}
Available Tools
Query Tools
execute_query
Execute SQL queries against the database.
Parameters:
sql(required): SQL query to executedatabase(optional): Database nameuserId(optional): User ID for permission checkingtimeout(optional): Query timeout in milliseconds
Schema Tools
list_databases
List all available databases.
Parameters:
userId(optional): User ID for permission checking
list_tables
List all tables in a database.
Parameters:
database(optional): Database nameuserId(optional): User ID for permission checking
describe_table
Get the structure of a table.
Parameters:
table(required): Table namedatabase(optional): Database nameuserId(optional): User ID for permission checking
Admin Tools
get_server_status
Get MySQL server status variables.
Parameters:
userId(optional): User ID for permission checking
get_process_list
Get list of running MySQL processes.
Parameters:
userId(optional): User ID for permission checking
kill_query
Kill a running MySQL process.
Parameters:
processId(required): Process ID to killuserId(optional): User ID for permission checking
get_table_indexes
Get index information for a table.
Parameters:
table(required): Table namedatabase(optional): Database nameuserId(optional): User ID for permission checking
get_table_constraints
Get constraint information for a table.
Parameters:
table(required): Table namedatabase(optional): Database nameuserId(optional): User ID for permission checking
analyze_table
Analyze table statistics.
Parameters:
table(required): Table namedatabase(optional): Database nameuserId(optional): User ID for permission checking
optimize_table
Optimize a table.
Parameters:
table(required): Table namedatabase(optional): Database nameuserId(optional): User ID for permission checking
RBAC Tools
All RBAC tools require authentication and API key permission rbac_admin.
Role and Permission Management
create_role(name, desc)delete_role(id)list_roles()create_permission(name, desc)list_permissions()assign_permission_to_role(roleId, permId)revoke_permission_from_role(roleId, permId)
User Role Assignment
assign_role_to_user(userId, roleId)revoke_role_from_user(userId, roleId)list_user_roles(userId)
Authorization Checks
check_user_permission(userId, permissionName)current_user_permissions()can_access(userId, resource, action, attributes?)
RBAC Audit
audit_log(event, actor, target, details)query_audit_logs(filter)
RBAC Database Operations
db_migrate_rbac()db_seed_rbac_defaults()db_check_integrity()
Available Resources
mysql://status
Current database connection status and pool information.
mysql://config
Server configuration (sanitized, no sensitive data).
mysql://audit/statistics
Statistics about database operations.
mysql://audit/logs
Recent database operation logs.
Architecture
src/
├── config/ # Configuration management
├── mysql/ # MySQL connection management
├── security/ # Permission and audit logging
├── tools/ # MCP tools implementation
├── resources/ # MCP resources
├── types/ # TypeScript type definitions
└── index.ts # Main entry point
Key Components
- ConfigManager: Handles configuration loading and validation
- MySQLConnectionManager: Manages connection pooling and query execution
- PermissionManager: Handles permission checking and access control
- AuditLogger: Logs all database operations for security
- QueryTool: Executes SQL queries with security validation
- SchemaTool: Inspects database schema
- DatabaseResource: Provides MCP resources
Security
- Permission-based access control
- Query timeout enforcement
- Operation whitelisting/blacklisting
- Audit logging of all operations
- Rate limiting support
See docs/security.md for detailed security documentation.
Documentation
Development
# Install dependencies
npm install
# Run in development mode
npm run dev
# Build
npm run build
# Lint
npm run lint
# Format
npm run format
Requirements
- Node.js >= 18.0.0
- MySQL 5.7+ or MariaDB 10.3+
License
MIT License - see LICENSE file for details.
Contributing
Contributions are welcome! Please read our contributing guidelines before submitting pull requests.
Recommended Servers
playwright-mcp
A Model Context Protocol server that enables LLMs to interact with web pages through structured accessibility snapshots without requiring vision models or screenshots.
Magic Component Platform (MCP)
An AI-powered tool that generates modern UI components from natural language descriptions, integrating with popular IDEs to streamline UI development workflow.
Audiense Insights MCP Server
Enables interaction with Audiense Insights accounts via the Model Context Protocol, facilitating the extraction and analysis of marketing insights and audience data including demographics, behavior, and influencer engagement.
VeyraX MCP
Single MCP tool to connect all your favorite tools: Gmail, Calendar and 40 more.
graphlit-mcp-server
The Model Context Protocol (MCP) Server enables integration between MCP clients and the Graphlit service. Ingest anything from Slack to Gmail to podcast feeds, in addition to web crawling, into a Graphlit project - and then retrieve relevant contents from the MCP client.
Kagi MCP Server
An MCP server that integrates Kagi search capabilities with Claude AI, enabling Claude to perform real-time web searches when answering questions that require up-to-date information.
E2B
Using MCP to run code via e2b.
Neon Database
MCP server for interacting with Neon Management API and databases
Qdrant Server
This repository is an example of how to create a MCP server for Qdrant, a vector search engine.
Exa Search
A Model Context Protocol (MCP) server lets AI assistants like Claude use the Exa AI Search API for web searches. This setup allows AI models to get real-time web information in a safe and controlled way.