@berthojoris/mcp-mysql-server 1.16.3 → 1.16.4

package/CHANGELOG.md

@@ -5,6 +5,17 @@ All notable changes to the MySQL MCP Server will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [1.16.4] - 2025-12-12
+
+### Added
+- **Phase 2: AI Enhancement Tools** - 3 new tools to improve AI-assisted database engineering:
+  - `design_schema_from_requirements` - Natural-language schema design assistant that proposes tables, relationships, and DDL (non-executing)
+  - `audit_database_security` - Best-effort database security audit assistant with prioritized findings and recommendations
+  - `recommend_indexes` - Automated index recommendation system using performance_schema query digests and existing index introspection
+
+### Documentation
+- Updated README.md and DOCUMENTATIONS.md to include the new Phase 2 AI Enhancement tools.
+
 ## [1.16.3] - 2025-12-11
 
 ### Documentation

package/DOCUMENTATIONS.md

@@ -7,7 +7,7 @@ This file contains detailed documentation for all features of the MySQL MCP Serv
 ## Table of Contents
 
 1. [Category Filtering System](#🆕-category-filtering-system) - NEW!
-2. [🔧 Complete Tools Reference](#🔧-complete-tools-reference) - All 134 tools organized by category
+2. [🔧 Complete Tools Reference](#🔧-complete-tools-reference) - All 145 tools organized by category
 3. [DDL Operations](#🏗️-ddl-operations)
 4. [Data Export Tools](#📤-data-export-tools)
 5. [Data Import Tools](#📥-data-import-tools)
@@ -240,7 +240,7 @@ The system uses both arguments to determine access:
 - **3rd argument**: Categories (Layer 2, optional) - comma-separated documentation categories
 
 **Decision logic**:
-1. If no arguments: All 120 tools enabled
+1. If no arguments: All 145 tools enabled
 2. If only 2nd argument (permissions): Tools enabled if they match permission
 3. If both arguments: Tools enabled if they match BOTH permission AND category
 
@@ -285,7 +285,7 @@ Add 'bulk_operations' to the categories argument.
 
 ## 🔧 Complete Tools Reference
 
-This section provides a comprehensive reference of all 120 available tools organized by category.
+This section provides a comprehensive reference of all 145 available tools organized by category.
 
 ### Database Discovery
 
@@ -3005,7 +3005,7 @@ Reset Performance Schema statistics to start fresh monitoring.
 
 ## 🤖 AI Enhancement Tools
 
-The AI Enhancement tools provide intelligent, AI-powered features for database exploration, query generation, and documentation. These tools are part of **Phase 1: Core AI Enhancement**.
+The AI Enhancement tools provide intelligent, AI-powered features for database exploration, query generation, documentation, schema design, security auditing, and index recommendations. These tools include **Phase 1-2** enhancements.
 
 ### Tool Overview
 
@@ -3019,6 +3019,9 @@ The AI Enhancement tools provide intelligent, AI-powered features for database e
 | `generate_documentation` | Generates comprehensive database documentation | `ai_enhancement` |
 | `generate_data_dictionary` | Creates detailed data dictionaries for tables | `ai_enhancement` |
 | `generate_business_glossary` | Builds business glossaries from column names | `ai_enhancement` |
+| `design_schema_from_requirements` | Designs a proposed schema and outputs DDL from natural language requirements | `ai_enhancement` |
+| `audit_database_security` | Audits MySQL security configuration and (optionally) accounts/privileges | `ai_enhancement` |
+| `recommend_indexes` | Suggests concrete CREATE INDEX statements from observed query patterns | `ai_enhancement` |
 
 ### Intelligent Query Assistant
 
@@ -3081,6 +3084,85 @@ Analyzes a SQL query and provides suggestions for optimization.
 - `memory` - Focuses on memory usage optimization
 - `readability` - Suggests formatting and clarity improvements
 
+### Schema Design
+
+#### `design_schema_from_requirements`
+
+Design a proposed schema (tables, columns, relationships) from business requirements and output suggested DDL. This tool **does not execute** any DDL.
+
+```javascript
+{
+  "tool": "design_schema_from_requirements",
+  "arguments": {
+    "requirements_text": "We need to manage customers and orders. A customer has many orders. Orders have total_amount and order_date.",
+    "naming_convention": "snake_case",
+    "include_audit_columns": true,
+    "id_type": "BIGINT"
+  }
+}
+
+// With explicit entity hints to improve accuracy
+{
+  "tool": "design_schema_from_requirements",
+  "arguments": {
+    "requirements_text": "Basic e-commerce",
+    "entities": [
+      { "name": "customers", "fields": ["email", "name"] },
+      { "name": "orders", "fields": ["total_amount", "order_date"] }
+    ]
+  }
+}
+```
+
+**Response includes:**
+- Proposed tables + columns (with inferred types)
+- Inferred relationships (FK suggestions)
+- `ddl_statements` array with CREATE TABLE / CREATE INDEX suggestions
+
+### Security Audit
+
+#### `audit_database_security`
+
+Runs a best-effort security audit using read-only inspection queries (e.g., `SHOW VARIABLES`, and optionally `mysql.user` / `INFORMATION_SCHEMA` where permitted).
+
+```javascript
+{
+  "tool": "audit_database_security",
+  "arguments": {
+    "include_user_account_checks": true,
+    "include_privilege_checks": true
+  }
+}
+```
+
+**Response includes:**
+- Prioritized findings with severities and recommendations
+- Summary counts by severity
+- Notes when checks are skipped due to missing privileges
+
+### Index Recommendations
+
+#### `recommend_indexes`
+
+Analyzes `performance_schema` digests to propose concrete indexing strategies.
+
+```javascript
+{
+  "tool": "recommend_indexes",
+  "arguments": {
+    "max_query_patterns": 25,
+    "min_execution_count": 10,
+    "min_avg_time_ms": 5,
+    "max_recommendations": 20,
+    "include_unused_index_warnings": true
+  }
+}
+```
+
+**Notes:**
+- Requires `performance_schema` enabled and accessible by the MySQL user.
+- Always validate recommendations with `EXPLAIN` and production-like testing.
+
 ### Smart Data Discovery
 
 #### `smart_search`

package/README.md

@@ -49,7 +49,7 @@ Add to your AI agent config (`.mcp.json`, `.cursor/mcp.json`, etc.):
   - [Environment Variables](#environment-variables-configuration)
   - [Local Development](#local-path-configuration)
 - [Permission System](#permission-system)
-- [Available Tools (134 total)](#available-tools)
+- [Available Tools (145 total)](#available-tools)
 - [Documentation](DOCUMENTATIONS.md)
 - [Comparison: MCP vs Manual Access](#mysql-mcp-vs-manual-database-access)
 - [License](#license)
@@ -496,7 +496,7 @@ Use these categories for fine-grained control that matches the tool organization
 | `data_migration` | 5 | Copy, move, clone, sync table data |
 | `schema_migrations` | 9 | Version control for database schema |
 | `analysis` | 4 | AI context optimization and data analysis |
-| `ai_enhancement` | 8 | AI-powered query building, smart search, and documentation generation |
+| `ai_enhancement` | 11 | AI-powered query building, smart discovery, documentation, schema design, security audit, and index recommendations |
 
 ### Legacy Categories (Backward Compatible)
 
@@ -526,7 +526,7 @@ Use these categories for fine-grained control that matches the tool organization
 | **Application Backend** | `database_discovery,crud_operations,bulk_operations,custom_queries,transaction_management` | Full app support |
 | **Development & Testing** | `database_discovery,crud_operations,bulk_operations,custom_queries,schema_management,utilities,transaction_management` | Development access |
 | **DBA & DevOps** | `database_discovery,schema_management,table_maintenance,backup_restore,schema_migrations,performance_monitoring` | Admin tasks |
-| **Full Access** | *(leave empty)* | All 124 tools enabled |
+| **Full Access** | *(leave empty)* | All 145 tools enabled |
 
 #### Using Legacy Categories (Backward Compatible)
 
@@ -647,11 +647,11 @@ Use both 2nd argument (permissions) and 3rd argument (categories):
 
 ## Available Tools
 
-The MCP server provides **142 powerful tools** organized into 23 categories:
+The MCP server provides **145 powerful tools** organized into 23 categories:
 
 ### Quick Reference
 
-**142 Tools Available** - Organized into 23 categories
+**145 Tools Available** - Organized into 23 categories
 
 | Category | Count | Key Tools |
 |----------|-------|-----------|
@@ -678,9 +678,9 @@ The MCP server provides **142 powerful tools** organized into 23 categories:
 | Schema Migrations | 9 | `create_migration`, `apply_migrations` |
 | Utilities | 4 | `test_connection`, `export_table_to_csv` |
 | Analysis | 4 | `get_column_statistics`, `get_database_summary`, `get_schema_erd` |
-| **AI Enhancement** | 8 | `build_query_from_intent`, `suggest_query_improvements`, `smart_search`, `find_similar_columns`, `discover_data_patterns`, `generate_documentation`, `generate_data_dictionary`, `generate_business_glossary` |
+| **AI Enhancement** | 11 | `build_query_from_intent`, `suggest_query_improvements`, `smart_search`, `find_similar_columns`, `discover_data_patterns`, `generate_documentation`, `generate_data_dictionary`, `generate_business_glossary`, `design_schema_from_requirements`, `audit_database_security`, `recommend_indexes` |
 
-### 🤖 AI Enhancement Tools (Phase 1 - Implemented)
+### 🤖 AI Enhancement Tools (Phase 1-2 - Implemented)
 
 The MySQL MCP server includes advanced AI-powered productivity tools:
 
@@ -701,6 +701,11 @@ The MySQL MCP server includes advanced AI-powered productivity tools:
 - **`generate_business_glossary`** - Business terminology mapping to technical fields
 - *Use case: Generate complete documentation for a new database in seconds*
 
+#### **Schema + Security + Indexing (Phase 2)**
+- **`design_schema_from_requirements`** - Generate proposed tables, relationships, and DDL from business requirements
+- **`audit_database_security`** - Best-effort MySQL security audit with prioritized findings
+- **`recommend_indexes`** - Concrete index recommendations from observed query patterns (performance_schema)
+
 > **📖 For detailed tool descriptions, parameters, and examples, see [DOCUMENTATIONS.md](DOCUMENTATIONS.md#🔧-complete-tools-reference)**
 
 ---
@@ -717,7 +722,7 @@ For comprehensive documentation, see **[DOCUMENTATIONS.md](DOCUMENTATIONS.md)**:
 - **Schema Versioning** - Version control for database schema changes
 - **Transaction Management** - ACID transactions
 - **Stored Procedures** - Create and execute with IN/OUT/INOUT parameters
-- **🤖 AI Enhancement** - Natural language to SQL, smart data discovery, and auto-documentation (Phase 1 Complete)
+- **🤖 AI Enhancement** - Natural language to SQL, smart data discovery, schema design, security audit, and index recommendations (Phase 1-2)
 - **Query Logging** - See all SQL queries executed automatically
 - **Security Features** - Built-in security and best practices
 - **Bulk Operations** - High-performance batch processing

package/dist/config/featureConfig.js

@@ -321,6 +321,10 @@ exports.toolCategoryMap = {
     generateDocumentation: ToolCategory.UTILITY,
     generateDataDictionary: ToolCategory.UTILITY,
     generateBusinessGlossary: ToolCategory.UTILITY,
+    // Phase 2: AI Enhancement Tools
+    designSchemaFromRequirements: ToolCategory.UTILITY,
+    auditDatabaseSecurity: ToolCategory.UTILITY,
+    recommendIndexes: ToolCategory.UTILITY,
 };
 /**
  * Map of tool names to their documentation categories (New Enhanced System)
@@ -483,6 +487,10 @@ exports.toolDocCategoryMap = {
     generateDocumentation: DocCategory.AI_ENHANCEMENT,
     generateDataDictionary: DocCategory.AI_ENHANCEMENT,
     generateBusinessGlossary: DocCategory.AI_ENHANCEMENT,
+    // Phase 2: AI Enhancement
+    designSchemaFromRequirements: DocCategory.AI_ENHANCEMENT,
+    auditDatabaseSecurity: DocCategory.AI_ENHANCEMENT,
+    recommendIndexes: DocCategory.AI_ENHANCEMENT,
 };
 /**
  * Mapping between legacy categories and documentation categories

package/dist/index.d.ts

@@ -28,6 +28,9 @@ export declare class MySQLMCP {
     private intelligentQueryTools;
     private smartDiscoveryTools;
     private documentationGeneratorTools;
+    private schemaDesignTools;
+    private securityAuditTools;
+    private indexRecommendationTools;
     private security;
     private featureConfig;
     constructor(permissionsConfig?: string, categoriesConfig?: string, presetName?: string);
@@ -1400,5 +1403,114 @@ export declare class MySQLMCP {
         };
         error?: string;
     }>;
+    designSchemaFromRequirements(params: {
+        requirements_text: string;
+        entities?: Array<{
+            name: string;
+            fields?: string[];
+        }>;
+        naming_convention?: "snake_case" | "camelCase";
+        include_audit_columns?: boolean;
+        id_type?: "BIGINT" | "UUID";
+        engine?: string;
+        charset?: string;
+        collation?: string;
+    }): Promise<{
+        status: string;
+        data?: {
+            input: {
+                requirements_text: string;
+                inferred_entities_count: number;
+            };
+            tables: Array<{
+                table_name: string;
+                columns: Array<{
+                    name: string;
+                    type: string;
+                    nullable: boolean;
+                    primary_key?: boolean;
+                    unique?: boolean;
+                    references?: {
+                        table: string;
+                        column: string;
+                    };
+                }>;
+                indexes: Array<{
+                    name: string;
+                    columns: string[];
+                    unique?: boolean;
+                }>;
+            }>;
+            relationships: Array<{
+                from_table: string;
+                from_column: string;
+                to_table: string;
+                to_column: string;
+                type: "one_to_many" | "many_to_one";
+            }>;
+            ddl_statements: string[];
+            notes: string[];
+        };
+        error?: string;
+    }>;
+    auditDatabaseSecurity(params?: {
+        database?: string;
+        include_user_account_checks?: boolean;
+        include_privilege_checks?: boolean;
+    }): Promise<{
+        status: string;
+        data?: {
+            database: string;
+            findings: Array<{
+                severity: "critical" | "medium" | "info" | "low" | "high";
+                title: string;
+                evidence?: string;
+                recommendation: string;
+            }>;
+            summary: {
+                critical: number;
+                high: number;
+                medium: number;
+                low: number;
+                info: number;
+            };
+            notes: string[];
+        };
+        error?: string;
+    }>;
+    recommendIndexes(params?: {
+        database?: string;
+        max_query_patterns?: number;
+        max_recommendations?: number;
+        min_execution_count?: number;
+        min_avg_time_ms?: number;
+        include_unused_index_warnings?: boolean;
+    }): Promise<{
+        status: string;
+        data?: {
+            database: string;
+            analyzed_query_patterns: number;
+            recommendations: Array<{
+                table_name: string;
+                columns: string[];
+                proposed_index_name: string;
+                create_index_sql: string;
+                reason: string;
+                supporting_query_patterns: Array<{
+                    query_pattern: string;
+                    execution_count: number;
+                    avg_execution_time_ms: number;
+                }>;
+            }>;
+            unused_index_warnings?: Array<{
+                table_schema: string;
+                table_name: string;
+                index_name: string;
+                note: string;
+            }>;
+            notes: string[];
+        };
+        error?: string;
+    }>;
 }
 export default MySQLMCP;

package/dist/index.js

@@ -29,6 +29,9 @@ const macroTools_1 = require("./tools/macroTools");
 const intelligentQueryTools_1 = require("./tools/intelligentQueryTools");
 const smartDiscoveryTools_1 = require("./tools/smartDiscoveryTools");
 const documentationGeneratorTools_1 = require("./tools/documentationGeneratorTools");
+const schemaDesignTools_1 = require("./tools/schemaDesignTools");
+const securityAuditTools_1 = require("./tools/securityAuditTools");
+const indexRecommendationTools_1 = require("./tools/indexRecommendationTools");
 const securityLayer_1 = __importDefault(require("./security/securityLayer"));
 const connection_1 = __importDefault(require("./db/connection"));
 const featureConfig_1 = require("./config/featureConfig");
@@ -66,6 +69,9 @@ class MySQLMCP {
         this.intelligentQueryTools = new intelligentQueryTools_1.IntelligentQueryTools(this.security);
         this.smartDiscoveryTools = new smartDiscoveryTools_1.SmartDiscoveryTools(this.security);
         this.documentationGeneratorTools = new documentationGeneratorTools_1.DocumentationGeneratorTools(this.security);
+        this.schemaDesignTools = new schemaDesignTools_1.SchemaDesignTools(this.security);
+        this.securityAuditTools = new securityAuditTools_1.SecurityAuditTools();
+        this.indexRecommendationTools = new indexRecommendationTools_1.IndexRecommendationTools(this.security);
     }
     // Helper method to check if tool is enabled
     checkToolEnabled(toolName) {
@@ -1128,6 +1134,27 @@ class MySQLMCP {
             return { status: "error", error: check.error };
         return await this.documentationGeneratorTools.generateBusinessGlossaryReport(params);
     }
+    // ==========================================
+    // PHASE 2: AI Enhancement Tools (Schema + Security + Indexing)
+    // ==========================================
+    async designSchemaFromRequirements(params) {
+        const check = this.checkToolEnabled("designSchemaFromRequirements");
+        if (!check.enabled)
+            return { status: "error", error: check.error };
+        return await this.schemaDesignTools.designSchemaFromRequirements(params);
+    }
+    async auditDatabaseSecurity(params) {
+        const check = this.checkToolEnabled("auditDatabaseSecurity");
+        if (!check.enabled)
+            return { status: "error", error: check.error };
+        return await this.securityAuditTools.auditDatabaseSecurity(params);
+    }
+    async recommendIndexes(params) {
+        const check = this.checkToolEnabled("recommendIndexes");
+        if (!check.enabled)
+            return { status: "error", error: check.error };
+        return await this.indexRecommendationTools.recommendIndexes(params);
+    }
 }
 exports.MySQLMCP = MySQLMCP;
 exports.default = MySQLMCP;

package/dist/mcp-server.js

@@ -2883,6 +2883,115 @@ const TOOLS = [
             required: ["query"],
         },
     },
+    // ==========================================
+    // PHASE 2: AI Enhancement Tools (Schema + Security + Indexing)
+    // ==========================================
+    {
+        name: "design_schema_from_requirements",
+        description: "Designs a database schema from natural language requirements. Returns a proposed schema spec and CREATE TABLE / CREATE INDEX statements (does not execute DDL).",
+        inputSchema: {
+            type: "object",
+            properties: {
+                requirements_text: {
+                    type: "string",
+                    description: "Business requirements in natural language, optionally including entity/field hints.",
+                },
+                entities: {
+                    type: "array",
+                    description: "Optional explicit entity hints to improve accuracy (each entity may include fields).",
+                    items: {
+                        type: "object",
+                        properties: {
+                            name: { type: "string" },
+                            fields: { type: "array", items: { type: "string" } },
+                        },
+                        required: ["name"],
+                    },
+                },
+                naming_convention: {
+                    type: "string",
+                    enum: ["snake_case", "camelCase"],
+                    description: "Naming convention for generated identifiers (default: snake_case).",
+                },
+                include_audit_columns: {
+                    type: "boolean",
+                    description: "Whether to include created_at/updated_at columns (default: true).",
+                },
+                id_type: {
+                    type: "string",
+                    enum: ["BIGINT", "UUID"],
+                    description: "Primary key type for id columns (default: BIGINT).",
+                },
+                engine: {
+                    type: "string",
+                    description: "Storage engine for CREATE TABLE (default: InnoDB).",
+                },
+                charset: {
+                    type: "string",
+                    description: "Default charset (default: utf8mb4).",
+                },
+                collation: {
+                    type: "string",
+                    description: "Default collation (default: utf8mb4_unicode_ci).",
+                },
+            },
+            required: ["requirements_text"],
+        },
+    },
+    {
+        name: "audit_database_security",
+        description: "Audits MySQL security configuration and (optionally) accounts/privileges using read-only inspection queries. Returns prioritized findings and recommendations.",
+        inputSchema: {
+            type: "object",
+            properties: {
+                database: {
+                    type: "string",
+                    description: "Optional: specific database name",
+                },
+                include_user_account_checks: {
+                    type: "boolean",
+                    description: "Include account checks (requires mysql.user privileges, default: true).",
+                },
+                include_privilege_checks: {
+                    type: "boolean",
+                    description: "Include privilege summary checks via INFORMATION_SCHEMA (default: true).",
+                },
+            },
+        },
+    },
+    {
+        name: "recommend_indexes",
+        description: "Analyzes real query patterns from performance_schema digests and suggests concrete CREATE INDEX statements. Uses heuristics to avoid duplicate/redundant indexes.",
+        inputSchema: {
+            type: "object",
+            properties: {
+                database: {
+                    type: "string",
+                    description: "Optional: specific database name",
+                },
+                max_query_patterns: {
+                    type: "number",
+                    description: "Max query patterns to analyze from digests (default: 25, max: 200).",
+                },
+                max_recommendations: {
+                    type: "number",
+                    description: "Max index recommendations to return (default: 25, max: 200).",
+                },
+                min_execution_count: {
+                    type: "number",
+                    description: "Minimum executions for a digest to be considered (default: 5).",
+                },
+                min_avg_time_ms: {
+                    type: "number",
+                    description: "Minimum average execution time (ms) for a digest to be considered (default: 5).",
+                },
+                include_unused_index_warnings: {
+                    type: "boolean",
+                    description: "Include unused index warnings (default: false).",
+                },
+            },
+        },
+    },
     // Smart Data Discovery
     {
         name: "smart_search",
@@ -3531,6 +3640,18 @@ server.setRequestHandler(types_js_1.CallToolRequestSchema, async (request) => {
             case "generate_business_glossary":
                 result = await mysqlMCP.generateBusinessGlossary((args || {}));
                 break;
+            // ==========================================
+            // PHASE 2: AI Enhancement Tools (Schema + Security + Indexing)
+            // ==========================================
+            case "design_schema_from_requirements":
+                result = await mysqlMCP.designSchemaFromRequirements((args || {}));
+                break;
+            case "audit_database_security":
+                result = await mysqlMCP.auditDatabaseSecurity((args || {}));
+                break;
+            case "recommend_indexes":
+                result = await mysqlMCP.recommendIndexes((args || {}));
+                break;
             default:
                 throw new Error(`Unknown tool: ${name}`);
         }

package/dist/tools/indexRecommendationTools.d.ts

@@ -0,0 +1,50 @@
+import { SecurityLayer } from "../security/securityLayer";
+export declare class IndexRecommendationTools {
+    private db;
+    private security;
+    constructor(security: SecurityLayer);
+    private validateDatabaseAccess;
+    recommendIndexes(params?: {
+        database?: string;
+        max_query_patterns?: number;
+        max_recommendations?: number;
+        min_execution_count?: number;
+        min_avg_time_ms?: number;
+        include_unused_index_warnings?: boolean;
+    }): Promise<{
+        status: string;
+        data?: {
+            database: string;
+            analyzed_query_patterns: number;
+            recommendations: Array<{
+                table_name: string;
+                columns: string[];
+                proposed_index_name: string;
+                create_index_sql: string;
+                reason: string;
+                supporting_query_patterns: Array<{
+                    query_pattern: string;
+                    execution_count: number;
+                    avg_execution_time_ms: number;
+                }>;
+            }>;
+            unused_index_warnings?: Array<{
+                table_schema: string;
+                table_name: string;
+                index_name: string;
+                note: string;
+            }>;
+            notes: string[];
+        };
+        error?: string;
+    }>;
+    private bumpCounts;
+    private pickIndexColumns;
+    private buildReasonString;
+    private makeIndexName;
+    private isCoveredByExistingIndex;
+    private getExistingIndexMap;
+    private getTopSelectDigests;
+    private getUnusedIndexes;
+    private parseQueryPattern;
+}