Database Query MCP Server

query_mysql

Read-only

Execute read-only MySQL database queries to retrieve data securely. Connect using host, port, credentials, and database name to run SELECT statements.

Instructions

执行MySQL数据库查询（只读模式）

Input Schema

TableJSON Schema

Name	Required	Description
`host`	Yes	数据库主机地址
`port`	Yes	数据库端口
`user`	Yes	数据库用户名
`pwd`	Yes	数据库密码
`db`	Yes	数据库名称
`querySql`	Yes	要执行的SQL查询语句（仅支持SELECT等只读操作）

Implementation Reference

db-query-tool.js:204-243 (handler)

Implements the core execution logic for the 'query_mysql' tool: read-only validation, MySQL connection setup, query execution, error handling, and result formatting.

async executeMySQL(config) {
  const { querySql } = config;
  
  // 检查是否为只读查询
  if (!this.isReadOnlyQuery(querySql)) {
    return {
      success: false,
      error: "不允许执行非只读操作。仅支持SELECT、SHOW、DESCRIBE等查询语句。",
      code: "READONLY_VIOLATION"
    };
  }
  
  let connection;
  
  try {
    // 建立数据库连接
    connection = await this.getMySQLConnection(config);
    
    // 执行查询
    const result = await this.executeMySQLQuery(connection, querySql);
    
    // 返回结果
    return {
      success: true,
      data: result.data,
      columns: result.columns,
      rowCount: result.rowCount
    };
  } catch (error) {
    // 错误处理
    return {
      success: false,
      error: error.message,
      code: error.code || 'DATABASE_ERROR'
    };
  } finally {
    // 关闭数据库连接
    await this.closeMySQLConnection(connection);
  }
}

mcp.full.config.js:33-73 (schema)

Defines the tool metadata including name 'query_mysql', description, input schema (host, port, user, pwd, db, querySql), and annotations.

query_mysql: {
  name: "query_mysql",
  description: "执行MySQL数据库查询（只读模式）",
  inputSchema: {
    type: "object",
    properties: {
      host: { 
        type: "string", 
        description: "数据库主机地址" 
      },
      port: { 
        type: "integer", 
        description: "数据库端口" 
      },
      user: { 
        type: "string", 
        description: "数据库用户名" 
      },
      pwd: { 
        type: "string", 
        description: "数据库密码" 
      },
      db: { 
        type: "string", 
        description: "数据库名称" 
      },
      querySql: { 
        type: "string", 
        description: "要执行的SQL查询语句（仅支持SELECT等只读操作）" 
      }
    },
    required: ["host", "port", "user", "pwd", "db", "querySql"]
  },
  annotations: {
    title: "MySQL数据库查询工具（只读）",
    readOnlyHint: true,
    destructiveHint: false,
    idempotentHint: false,
    openWorldHint: false
  }
},

mcp-server.js:77-86 (registration)

Registers the 'query_mysql' tool in the MCP listTools response by including config.tools.query_mysql.

server.setRequestHandler(ListToolsRequestSchema, async () => {
  return {
    tools: [
      config.tools.query_mysql,
      config.tools.query_postgresql,
      config.tools.query_mssql,
      config.tools.query_oracle
    ]
  };
});

mcp-server.js:35-54 (handler)

Switch case in CallToolRequestHandler that routes 'query_mysql' calls to dbTool.executeMySQL(arguments).

switch (request.params.name) {
  case config.tools.query_mysql.name:
    result = await dbTool.executeMySQL(request.params.arguments);
    break;
    
  case config.tools.query_postgresql.name:
    result = await dbTool.executePostgreSQL(request.params.arguments);
    break;
    
  case config.tools.query_mssql.name:
    result = await dbTool.executeMSSQL(request.params.arguments);
    break;
    
  case config.tools.query_oracle.name:
    result = await dbTool.executeOracle(request.params.arguments);
    break;
    
  default:
    throw new Error(`Unknown tool: ${request.params.name}`);
}

db-query-tool.js:23-71 (helper)

isReadOnlyQuery helper method used by executeMySQL to validate that the SQL is a safe read-only operation (SELECT, SHOW, etc.).

isReadOnlyQuery(sql) {
  // 转换为小写以便比较
  const lowerSql = sql.trim().toLowerCase();
  
  // 允许的只读操作关键词
  const allowedPatterns = [
    /^select/,
    /^show/,
    /^describe/,
    /^desc/,
    /^explain/,
    /^use/
  ];
  
  // 禁止的写操作关键词
  const forbiddenPatterns = [
    /insert/,
    /update/,
    /delete/,
    /drop/,
    /truncate/,
    /alter/,
    /create/,
    /replace/,
    /grant/,
    /revoke/,
    /commit/,
    /rollback/,
    /savepoint/,
    /set/
  ];
  
  // 检查是否包含禁止的关键词
  for (const pattern of forbiddenPatterns) {
    if (pattern.test(lowerSql)) {
      return false;
    }
  }
  
  // 检查是否以允许的关键词开头
  for (const pattern of allowedPatterns) {
    if (pattern.test(lowerSql)) {
      return true;
    }
  }
  
  // 如果既不明确允许也不明确禁止，默认为不安全
  return false;
}

Tool Definition Quality

A3.5/5.0

Behavior3/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

The description adds value beyond annotations by specifying '只读模式' (read-only mode), which aligns with the readOnlyHint=true annotation. However, it doesn't provide additional behavioral context such as connection handling, timeout behavior, result format, or error conditions. With annotations covering safety (readOnlyHint=true, destructiveHint=false), the description meets the lower bar but doesn't enrich understanding significantly.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is extremely concise with a single sentence that efficiently communicates the core purpose and constraint. It's front-loaded with no wasted words, making it easy for an AI agent to parse quickly. Every part of the sentence earns its place by specifying the action, target, and operational mode.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness3/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool's complexity (6 required parameters for database connection and query execution), the description is minimal. While annotations provide safety information (readOnlyHint=true, destructiveHint=false) and the schema fully documents parameters, there's no output schema and the description doesn't explain what the tool returns (e.g., result sets, error formats). For a database query tool, this leaves gaps in understanding the complete behavior.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The description doesn't add any parameter-specific information beyond what's already in the input schema, which has 100% description coverage. It mentions 'MySQL数据库查询' (MySQL database query) but doesn't explain individual parameters like host, port, or querySql. With high schema coverage, the baseline score of 3 is appropriate as the schema carries the full burden of parameter documentation.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose4/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the verb ('执行' - execute) and resource ('MySQL数据库查询' - MySQL database query), and specifies the operational mode ('只读模式' - read-only mode). It distinguishes from siblings by mentioning MySQL specifically, though it doesn't explicitly contrast with other database types like MSSQL, Oracle, or PostgreSQL.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines3/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description implies usage context by specifying '只读模式' (read-only mode) and the input schema further clarifies that SQL queries should be '仅支持SELECT等只读操作' (only support SELECT and other read-only operations). However, it doesn't explicitly state when to use this tool versus the sibling database tools (query_mssql, query_oracle, query_postgresql), nor does it provide any exclusion criteria beyond the read-only constraint.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security
Open Source Has a Bot Problem
By punkpeye on March 19, 2026.
open source

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/xuejike/coding-db-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server