readonly-db-mcp
Safe MySQL exploration MCP with three-layer write protection, read-only queries and schema inspection for AI agents.
๐ก๏ธ AgentReady threat assessment
MAESTRO 7-layer threat model + OWASP AIVSS risk score for readonly-db-mcp, derived from its capabilities.
AIVSS 4.0 ยท Medium
View MAESTRO 7-layer threat model โOverview
readonly-db-mcp lets AI agents explore MySQL databases through read-only queries and schema inspection, backed by three layers of write protection. Security surface: it stores DB host/user/password credentials and includes optional gated modes and audit logging, since the value of the server is precisely that it fronts a live database an agent could otherwise misuse.
Key features
- Three-layer write protection
- Read-only SQL query execution
- Schema and table inspection
- Optional gated mode and audit logging
Use cases
- Give an agent safe read access to production MySQL
- Ad-hoc schema exploration in chat