Model Context Protocol moderate risk

MySQL

This MCP server provides Claude Code and other LLMs secure access to MySQL databases, including schema inspection and SQL query execution via SSH tunnels.

Connections & Capabilities

Connects To

GitHubMySQL

Capabilities

readwriteexec

Quickstart

Install

npm install -g

Config

{
  "mcpServers": {
    "mcp_server_mysql": {
      "command": "/path/to/npx/binary/npx",
      "args": [
        "-y",
        "@benborla29/mcp-server-mysql"
      ],
      "env": {
        // Basic connection settings
        "MYSQL_HOST": "127.0.0.1",
        "MYSQL_PORT": "3306",
        "MYSQL_USER": "root",
        "MYSQL_PASS": "",
        "MYSQL_DB": "db_name",
        "PATH": "/path/to/node/bin:/usr/bin:/bin",

        // Performance settings
        "MYSQL_POOL_SIZE": "10",
        "MYSQL_QUERY_TIMEOUT": "30000",
        "MYSQL_CACHE_TTL": "60000",

        // Security settings
        "MYSQL_RATE_LIMIT": "100",
        "MYSQL_MAX_QUERY_COMPLEXITY": "1000",
        "MYSQL_SSL": "true",

        // Monitoring settings
        "ENABLE_LOGGING": "true",
        "MYSQL_LOG_LEVEL": "info",
        "MYSQL_METRICS_ENABLED": "true",

        // Write operation flags
        "ALLOW_INSERT_OPERATION": "false",
        "ALLOW_UPDATE_OPERATION": "false",
        "ALLOW_DELETE_OPERATION": "false"
      }
    }
  }
}

Exposed MCP Tools (1)

moderate

mysql_query

Executes SQL queries against the connected MySQL database.

Potentially destructive if write operations are enabled; otherwise, safe for read-only queries.

Safety Assessment

This MCP server is relatively safe when configured for read-only access and used with proper security measures like prepared statements. Enabling write operations increases the risk, especially if access controls and input validation are not carefully implemented. Remote mode introduces additional risks if the authorization is not properly configured.

Supports read-only operations by default
Allows disabling INSERT, UPDATE, and DELETE operations
Uses transactions for data modification with commit/rollback
Supports prepared statements for secure parameter handling
Schema-specific permissions can be configured

Can be configured to allow INSERT, UPDATE, and DELETE operations
Relies on environment variables for sensitive credentials
Potential for SQL injection if prepared statements are not used correctly
Improperly configured SSH tunnels can expose the database
Remote mode exposes an endpoint that requires careful authorization

Client Compatibility

Claude Desktopfull

Cursorfull

Windsurfuntested

VS Code (Copilot)untested

Security Notes

Exposure of database credentials if environment variables are not properly secured.
Potential for SQL injection if input is not properly sanitized when write operations are enabled.
Unauthorized access if SSH tunnels are not correctly configured.
Data breaches if write operations are enabled without proper access controls.
Denial-of-service if rate limiting is not configured properly.

Best For

Developers using Claude Code or other LLMs to interact with MySQL databases
Data analysts who need to query and explore data in MySQL databases
Database administrators who need to inspect database schemas and metadata
Teams that need a secure and controlled way to access MySQL databases from LLMs
Projects requiring SSH tunnel support for accessing remote databases