mysql-mcp-server
by ahmad5599
Overview
Enables AI assistants to interact with SQL databases (MySQL, MariaDB, PostgreSQL, SQLite) through natural language queries, integrating with the Model Context Protocol (MCP) and providing a VS Code extension for setup.
Installation
npx @ahmad3244/sql-mcp-serverEnvironment Variables
- MYSQL_MCP_CONNECTION_STRING
- MYSQL_MCP_READ_ONLY
- MYSQL_MCP_TRANSPORT
- MYSQL_MCP_HTTP_HOST
- MYSQL_MCP_HTTP_PORT
- MYSQL_MCP_LOGGERS
- MYSQL_MCP_LOG_PATH
- MYSQL_MCP_MAX_ROWS_PER_QUERY
- MYSQL_MCP_TELEMETRY
- DO_NOT_TRACK
Security Notes
The `query` tool, intended for AI-driven SQL SELECT statements, directly executes the user-provided query string via `knex().raw()` without proper parameterization for values within the query. This makes the server vulnerable to SQL injection attacks, contradicting the 'Prepared statements' security claim in the documentation. While `read-only` mode is a good default, it does not prevent malicious read operations through injection. Other operations like `insert` and `describeTable` use parameterized queries or identifier sanitization correctly.
Similar Servers
mcp
Provides a Model Context Protocol (MCP) interface for managing and querying MariaDB databases, supporting standard SQL operations and advanced vector/embedding-based search for AI assistants.
DBchat
Transforms a database into an intelligent conversational partner, enabling natural language queries, instant answers, and data visualizations via MCP clients.
mcp-server-db2i
Enables AI assistants to query and inspect IBM DB2 for i databases using the Model Context Protocol (MCP) via stdio or HTTP.
DatabaseMcpServer
Provides a robust and secure database access layer for AI assistants, supporting 19 types of databases with single-instance multi-database dynamic switching and over 50 tools for data and schema management.