MCPQL

Instructions

Implementation Reference

• src/tools/securityOperations.ts:7-41 (handler)

  The main handler function that implements the tool logic for mcp_get_security_status, calling getSecurityStatus and formatting the response.
  export const mcp_get_security_status = async (): Promise<ToolResult<any>> => { console.log('Executing mcp_get_security_status'); try { const status = getSecurityStatus(); const result = { security_configuration: { modifications_enabled: status.modifications_enabled, stored_procedures_enabled: status.stored_procedures_enabled, security_level: status.security_level }, environment_variables: { DB_ALLOW_MODIFICATIONS: process.env.DB_ALLOW_MODIFICATIONS || 'not set (defaults to false)', DB_ALLOW_STORED_PROCEDURES: process.env.DB_ALLOW_STORED_PROCEDURES || 'not set (defaults to false)' }, recommendations: status.recommendations, configuration_guide: { enable_modifications: 'Set DB_ALLOW_MODIFICATIONS=true in your environment', enable_stored_procedures: 'Set DB_ALLOW_STORED_PROCEDURES=true in your environment', security_best_practices: [ 'Keep modifications disabled in production environments', 'Only enable stored procedures when necessary', 'Review all queries before execution in production', 'Use read-only database users when possible' ] } }; return { success: true, data: result }; } catch (error: any) { console.error('Error in mcp_get_security_status:', error.message); return { success: false, error: error.message }; } };
• src/tools.ts:214-222 (schema)

  The input schema definition and tool registration entry in the MCP_MSQL_TOOLS array.
  { name: "mcp_get_security_status", description: "Get current security configuration and status for database operations", inputSchema: { type: "object", properties: {}, required: [] } }
• src/tools/index.ts:47-49 (registration)

  Re-export of the mcp_get_security_status handler for use in other modules.
  export { mcp_get_security_status // Get current security configuration } from './securityOperations.js';
• src/security.ts:125-159 (helper)

  Core helper function that computes the security status based on environment variables, used by the tool handler.
  export function getSecurityStatus(): { modifications_enabled: boolean; stored_procedures_enabled: boolean; security_level: string; recommendations: string[]; } { const modifications = SECURITY_CONFIG.ALLOW_MODIFICATIONS; const storedProcs = SECURITY_CONFIG.ALLOW_STORED_PROCEDURES; let securityLevel = 'MAXIMUM'; let recommendations: string[] = []; if (modifications && storedProcs) { securityLevel = 'LOW'; recommendations.push('[!] Consider disabling modifications in production'); recommendations.push('[!] Consider disabling stored procedures in production'); } else if (modifications || storedProcs) { securityLevel = 'MEDIUM'; if (modifications) { recommendations.push('[!] Modifications are enabled - use with caution'); } if (storedProcs) { recommendations.push('[!] Stored procedures are enabled - use with caution'); } } else { recommendations.push('[OK] Optimal security configuration for production'); } return { modifications_enabled: modifications, stored_procedures_enabled: storedProcs, security_level: securityLevel, recommendations }; }