awslabs.mysql-mcp-server

v1.0.21 suspicious
6.0
Medium Risk

An AWS Labs Model Context Protocol (MCP) server for mysql

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits a high credential risk score due to suspicious file access attempts, which is concerning. Despite no clear signs of network or shell exploitation, the elevated credential risk warrants further investigation.

  • High credential risk
  • Potential attempt to access sensitive files
Per-check LLM notes
  • Network: The observed network patterns are somewhat unusual but could be legitimate if the package is intended to download necessary resources like CA bundles.
  • Shell: No shell execution patterns were detected, which is normal and expected.
  • Obfuscation: The obfuscation pattern observed is not inherently malicious but can be used to extend the package's path, which might obscure code intent.
  • Credentials: The credential harvesting pattern suggests an attempt to access sensitive files like /etc/passwd, indicating potential malicious activity.
  • Metadata: The maintainer has only one package, which might indicate a new or less active account, raising some suspicion but not conclusive evidence of malice.

📦 Package Quality Overall: Medium (6.6/10)

✦ High Test Suite 9.0

Test suite present — 16 test file(s) found

  • Test runner config found: conftest.py
  • Test runner config found: pyproject.toml
  • 16 test file(s) detected (e.g. __init__.py)
◈ Medium Documentation 7.0

Some documentation present

  • Documentation URL: "docs" -> https://awslabs.github.io/mcp/servers/mysql-mcp-server/
  • Detailed PyPI description (6992 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 38 type-annotated function signatures detected in source
✦ High Multiple Contributors 10.0

Active multi-contributor project

  • 42 unique contributor(s) across 100 commits in awslabs/mcp
  • Active community — 5 or more distinct contributors

🔬 Heuristic Checks

⚠ Outbound Network Calls score 4.5

Found 3 network call pattern(s)

  • ntext-manager-shaped fake for urllib.request.urlopen(). The real `urlopen()` returns an object whose
  • scheme check before urlopen. urllib.request.urlopen accepts # any URL scheme, including file:// and
  • blic truststore. with urllib.request.urlopen( # nosec B310 _RDS_CA_BUNDLE_URL, timeo
⚠ Code Obfuscation score 2.0

Found 1 obfuscation pattern(s)

  • amespace packages. __path__ = __import__('pkgutil').extend_path(__path__, __name__) # Copyright Amazon.com, In
✓ Shell / Subprocess Execution

No shell execution patterns detected

⚠ Credential Harvesting score 2.5

Found 1 credential access pattern(s)

  • DLE_URL', 'file:///etc/passwd', ) with patch.object(hatch_build.urllib.r
✓ Typosquatting

No typosquatting candidates detected

✓ Registered Email Domain

Email domain looks legitimate: amazon.com>

✓ Suspicious Page Links

All external links appear legitimate

✓ Git Repository History

Repository awslabs/mcp appears legitimate

⚠ Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "Amazon Web Services" appears to have only 1 package on PyPI (new or inactive account)
✓ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with awslabs.mysql-mcp-server
Create a mini-application that leverages the 'awslabs.mysql-mcp-server' package to provide a simple yet powerful data management tool for MySQL databases. This application will serve as a bridge between users and their MySQL databases, allowing them to perform CRUD operations, manage database schemas, and monitor database health status. Here's a detailed breakdown of the project requirements and steps:

1. **Setup**: Begin by installing the necessary dependencies, including 'awslabs.mysql-mcp-server'. Ensure your development environment is set up with Python and the required AWS credentials.
2. **Connection Management**: Implement functionality to connect to a MySQL database using the MCP server provided by 'awslabs.mysql-mcp-server'. This should include handling authentication and connection pooling.
3. **CRUD Operations**: Develop functions for performing basic CRUD operations (Create, Read, Update, Delete) on tables within the connected MySQL database. These operations should be accessible via command-line inputs or a simple UI.
4. **Schema Management**: Add features for managing database schema. Users should be able to create new tables, add columns, modify existing ones, and delete tables.
5. **Health Monitoring**: Integrate monitoring capabilities to check the health of the MySQL database. This could include checking the number of active connections, disk usage, and other relevant metrics.
6. **Security Features**: Implement security measures such as logging all actions performed on the database and restricting access based on user roles.
7. **Documentation**: Provide comprehensive documentation explaining how to install and use the application, along with examples of common tasks.

This project aims to demonstrate the versatility and power of the 'awslabs.mysql-mcp-server' package while providing a useful tool for developers and database administrators.
