playbooks

home / mcp / mysql mcp server

MySQL MCP Server

Provides read-only access to MySQL databases via MCP, executing only SELECT queries.

Installation
Add the following to your MCP client configuration file.

Configuration

View docs
{
  "mcpServers": {
    "joewithglide-mysql-mcp": {
      "command": "bun",
      "args": [
        "run",
        "/absolute/path/to/mysql-mcp/src/index.ts"
      ],
      "env": {
        "DB_HOST": "localhost",
        "DB_NAME": "your_database",
        "DB_USER": "ai_readonly",
        "DB_PASSWORD": "STRONG_PASSWORD_HERE"
      }
    }
  }
}

This MCP server lets you query a MySQL database with read-only access, enforcing SELECT-only queries to keep your data safe. It validates all inputs, supports SSL/TLS, and keeps database credentials on the server, making it suitable for cloud databases and AI-assisted data exploration.

How to use

You interact with the MySQL MCP Server through an MCP client. Connect to the server, authenticate if required, and send SELECT statements you want to run against your MySQL data. The server will execute only safe, read-only queries and return the results. Use this setup to empower AI assistants with access to your data without risking data modification or exposure of sensitive credentials.

How to install

Prerequisites: Bun runtime and a MySQL database with a read-only user.

# 1. Clone the project repository
git clone <your-repo-url>

# 2. Move into the project directory
cd mysql-mcp

# 3. Install dependencies using Bun
bun install

Additional setup and configuration

Create a configuration file to provide the database connection details. This example shows the environment variables you would place in a .env file at the project root.

DB_HOST=localhost
DB_USER=ai_readonly
DB_PASSWORD=your_password
DB_NAME=your_database

For security, create a dedicated read-only MySQL user and grant SELECT privileges on your database, then use those credentials in your configuration.

CREATE USER 'ai_readonly'@'%' IDENTIFIED BY 'STRONG_PASSWORD_HERE';
GRANT SELECT ON your_database.* TO 'ai_readonly'@'%';
FLUSH PRIVILEGES;

Security

The server enforces multiple layers of protection to ensure safe access to data.

Query validation ensures only SELECT statements are processed. It blocks dangerous operations and disallows semicolons and SQL comments to prevent injection.

Access is restricted to a MySQL user with only SELECT privileges, reducing risk in case of credential exposure.

Testing and usage notes

Ready-to-test flow includes starting the server locally and performing a sample query against your database.

bun run start

Safety and limitations

Only SELECT queries are permitted. Other SQL features such as INSERT, UPDATE, DELETE, or DDL statements are blocked to prevent data modification or schema changes.

Available tools

execute_sql

Executes a SELECT-only SQL query against the MySQL database and returns the resulting rows.