mav-mysql-mcp-server
Verified Safeby derricksiawor
Overview
Enables Large Language Models (LLMs) to securely interact with MySQL and MariaDB databases through a standardized Model Context Protocol (MCP) interface, supporting both read and optional write operations.
Installation
node build/index.jsEnvironment Variables
- MYSQL_HOST
- MYSQL_USER
- MYSQL_PASSWORD
- MYSQL_DATABASE
Security Notes
The server demonstrates robust security features. It defaults to read-only mode, with write operations requiring explicit environment variable enablement. It implements SQL injection protection through parameterized queries and strict validation/escaping of all table and column identifiers. Access to sensitive system tables (e.g., `mysql.user`, `information_schema`) is explicitly blocked, and dangerous operations like file I/O or permission changes (GRANT/REVOKE) are prohibited even in write mode. The `validateQuery` function performs checks for sensitive patterns in SQL, and critical DDL/DML operations are safeguarded with identifier validation. Rate limiting and query timeouts prevent abuse and resource exhaustion, while comprehensive audit logging ensures traceability. There are no apparent `eval` statements or obfuscation. The dependency tree primarily consists of standard, well-maintained libraries.
Similar Servers
mcp
Provides a Model Context Protocol (MCP) interface for managing and querying MariaDB databases, supporting standard SQL operations and advanced vector/embedding-based search for AI assistants.
DBchat
Transforms a database into an intelligent conversational partner, enabling natural language queries, instant answers, and data visualizations via MCP clients.
mcp-mysql-server
Provides an MCP-compliant interface for AI models to securely interact with a MySQL database for CRUD operations, schema inspection, and performance analysis.
mysql-mcp
Provides an MCP (Model Context Protocol) server for MySQL, enabling AI agents to programmatically interact with and manage MySQL databases.