mysql-mcp-server
v0.1.3An MCP server that provides read-only access to MySQL databases.
11
Total
10
Critical
1
High
0
Medium
Findings
unknownEnvironment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
92: */
93: export function getConfigFromEnv() {
>>> 94: const host = process.env.MYSQL_HOST;
95: const portStr = process.env.MYSQL_PORT;
96: const user = process.env.MYSQL_USER;Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
93: export function getConfigFromEnv() {
94: const host = process.env.MYSQL_HOST;
>>> 95: const portStr = process.env.MYSQL_PORT;
96: const user = process.env.MYSQL_USER;
97: const password = process.env.MYSQL_PASSWORD;Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
94: const host = process.env.MYSQL_HOST;
95: const portStr = process.env.MYSQL_PORT;
>>> 96: const user = process.env.MYSQL_USER;
97: const password = process.env.MYSQL_PASSWORD;
98: const database = process.env.MYSQL_DATABASE;Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
95: const portStr = process.env.MYSQL_PORT;
96: const user = process.env.MYSQL_USER;
>>> 97: const password = process.env.MYSQL_PASSWORD;
98: const database = process.env.MYSQL_DATABASE;
99: // Connection pool optionsEnvironment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
96: const user = process.env.MYSQL_USER;
97: const password = process.env.MYSQL_PASSWORD;
>>> 98: const database = process.env.MYSQL_DATABASE;
99: // Connection pool options
100: const connectionLimitStr = process.env.MYSQL_CONNECTION_LIMIT;Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
98: const database = process.env.MYSQL_DATABASE;
99: // Connection pool options
>>> 100: const connectionLimitStr = process.env.MYSQL_CONNECTION_LIMIT;
101: const queueLimitStr = process.env.MYSQL_QUEUE_LIMIT;
102: const connectTimeoutStr = process.env.MYSQL_CONNECT_TIMEOUT;Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
99: // Connection pool options
100: const connectionLimitStr = process.env.MYSQL_CONNECTION_LIMIT;
>>> 101: const queueLimitStr = process.env.MYSQL_QUEUE_LIMIT;
102: const connectTimeoutStr = process.env.MYSQL_CONNECT_TIMEOUT;
103: const idleTimeoutStr = process.env.MYSQL_IDLE_TIMEOUT;Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
100: const connectionLimitStr = process.env.MYSQL_CONNECTION_LIMIT;
101: const queueLimitStr = process.env.MYSQL_QUEUE_LIMIT;
>>> 102: const connectTimeoutStr = process.env.MYSQL_CONNECT_TIMEOUT;
103: const idleTimeoutStr = process.env.MYSQL_IDLE_TIMEOUT;
104: const maxIdleStr = process.env.MYSQL_MAX_IDLE;Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
101: const queueLimitStr = process.env.MYSQL_QUEUE_LIMIT;
102: const connectTimeoutStr = process.env.MYSQL_CONNECT_TIMEOUT;
>>> 103: const idleTimeoutStr = process.env.MYSQL_IDLE_TIMEOUT;
104: const maxIdleStr = process.env.MYSQL_MAX_IDLE;
105: if (!host)Environment file access
Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.
102: const connectTimeoutStr = process.env.MYSQL_CONNECT_TIMEOUT;
103: const idleTimeoutStr = process.env.MYSQL_IDLE_TIMEOUT;
>>> 104: const maxIdleStr = process.env.MYSQL_MAX_IDLE;
105: if (!host)
106: throw new Error('MYSQL_HOST environment variable is required');Decoded base64 content: r���ਞw��*'>�%
Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.
Report false positive