Features
Database support, MCP tools, transport modes, and security in Database MCP
Database MCP gives AI assistants structured access to your databases through the Model Context Protocol. This page summarizes what it can do.
Database Support
Database MCP connects to four database backends with a single binary:
| Backend | Versions | Notes |
|---|---|---|
| MySQL | 5.7+ / 8.x | Full support including character set configuration |
| MariaDB | 10.x+ | Treated as a distinct backend with its own defaults |
| PostgreSQL | 12+ | Native protocol support via libpq-compatible driver |
| SQLite | 3.x | File-based — requires only a path, no server needed |
Each backend has sensible defaults for host, port, and user. See Configuration for the full default table.
MCP Tools
Database MCP exposes tools through the MCP protocol. The available tool set depends on the database backend and read-only setting. AI assistants call these tools to explore and query your database.
Tool Availability
| Tool | MySQL / MariaDB | PostgreSQL | SQLite | Blocked when read-only |
|---|---|---|---|---|
listDatabases | Yes | Yes | No | No |
listTables | Yes | Yes | Yes | No |
getTableSchema | Yes | Yes | Yes | No |
readQuery | Yes | Yes | Yes | No |
writeQuery | Yes | Yes | Yes | Yes |
createDatabase | Yes | Yes | No | Yes |
dropDatabase | Yes | Yes | No | Yes |
dropTable | Yes | Yes | Yes | Yes |
explainQuery | Yes | Yes | Yes | No |
SQLite is file-based with a single database, so listDatabases, createDatabase, and dropDatabase are not applicable.
Cursor Pagination
Three tools — listDatabases, listTables, and readQuery (for SELECT results) — return one page at a time. Each paginated response carries up to the configured page size (default 100; see --db-page-size for how to change it) plus, when more items remain, a nextCursor string alongside the result data.
To walk the full result, call the tool again with the previous response's nextCursor as the new cursor argument. Iteration ends when a response omits nextCursor. An empty first page with no nextCursor is also a valid terminal response.
Cursors are opaque tokens. Treat them as black-box strings — do not parse, modify, or persist them across server restarts. Passing a malformed cursor returns a JSON-RPC error (code -32602); the server does not silently restart from the beginning.
Only SELECT statements in readQuery paginate. SHOW, DESCRIBE / DESC, USE, and EXPLAIN always return a single page and ignore any cursor argument.
listDatabases
Discover accessible databases on the connected server. This is typically the first tool an assistant calls to understand what data is available. Results are paginated — see Cursor Pagination for the protocol. Not available for SQLite.
listTables
List tables in a specific database, one page at a time. Requires a database name (use listDatabases first on MySQL/MariaDB/PostgreSQL). Results are paginated — see Cursor Pagination for the protocol.
getTableSchema
Inspect column definitions for a table — column names, types, nullability, keys, default values, and foreign key relationships (constraint name, referenced table/column, cascade rules). Helps assistants understand both table structure and how tables connect to each other.
readQuery
Execute a read-only SQL query (SELECT, SHOW, DESCRIBE, USE, EXPLAIN) against a specific database. This tool is always available and enforces SQL validation — write statements are rejected even when read-only mode is disabled. See Security for details on query validation. SELECT results are paginated — see Cursor Pagination for the protocol. SHOW, DESCRIBE, USE, and EXPLAIN always return a single page and ignore any cursor argument.
writeQuery
Execute a write SQL query (INSERT, UPDATE, DELETE, CREATE, ALTER, DROP) against a specific database. This tool is only available when read-only mode is disabled. No SQL type validation is performed — the tool boundary is the access control.
createDatabase
Create a new database. Only available when read-only mode is disabled. Not supported for SQLite.
dropDatabase
Drop an existing database. Refuses to drop the currently connected database. Only available when read-only mode is disabled. Not supported for SQLite.
dropTable
Drop a table from a database. If the table has foreign key dependents, the database error is surfaced directly — no silent failures. On PostgreSQL, a cascade parameter is available to force the drop using CASCADE, which also removes dependent foreign key constraints. Only available when read-only mode is disabled.
explainQuery
Return the execution plan for a SQL query. Supports an optional analyze parameter for actual execution statistics on PostgreSQL and MySQL/MariaDB. In read-only mode, EXPLAIN ANALYZE is only allowed for read-only statements (SELECT, SHOW) since it actually executes the query. SQLite always uses EXPLAIN QUERY PLAN and does not support ANALYZE. Always available regardless of read-only mode.
Transport Modes
Database MCP supports two transport modes for communicating with MCP clients.
Stdio
The server communicates over standard input/output. This mode works with local MCP clients like Claude Desktop, Claude Code, and Cursor. No network configuration is needed — the client launches the server as a subprocess and passes the stdio subcommand.
Best for: Local development, single-user setups, desktop MCP clients.
HTTP
The server runs as an HTTP service with Streamable HTTP transport and CORS support. This mode is useful for remote access or shared environments where multiple clients connect to the same server.
Best for: Remote servers, shared team databases, environments where the MCP client cannot launch local processes.
See Configuration for HTTP-specific options like bind host, port, and allowed origins.
Single Binary
Database MCP ships as a single compiled binary with no runtime dependencies. There is no language runtime to install, no package manager to configure, and no dependency tree to manage. Download the binary for your platform and it is ready to use.