@berthojoris/mcp-mysql-server 1.40.5 → 1.40.7

package/CHANGELOG.md

@@ -5,6 +5,29 @@ All notable changes to the MySQL MCP Server will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [1.40.7] - 2026-05-06
+
+### Added
+- Implemented `export_query_to_csv` end-to-end for SELECT query CSV exports.
+- Enhanced `list_all_tools` with a live runtime tool catalog, enabled/disabled status, access profile, and AI-agent workflow guidance.
+
+### Fixed
+- Fixed `export_query_to_csv` being advertised but failing with `Unknown tool`.
+- Fixed `list_all_tools` returning stale manifest data instead of the active MCP tool catalog.
+- Fixed `execute_in_transaction` permission checks to match its advertised transaction permission.
+- Hardened DDL tools by validating raw DDL statements and checking structured table, column, and index inputs before building SQL.
+- Added argument validation for Cursor bridge dispatches.
+
+## [1.40.6] - 2026-05-04
+
+### Added
+- Added `cursor_execute_request`, a no-argument compatibility bridge for Cursor MCP wrappers that cannot send tool `arguments`.
+- The bridge reads `.cursor/mysql-mcp-request.json` or `MYSQL_MCP_CURSOR_REQUEST_FILE` and dispatches to existing MCP tools or auto-routes SQL to SELECT, write, or DDL execution.
+
+### Changed
+- Updated tool totals in documentation to include the Cursor bridge.
+- Synchronized version metadata to `1.40.6`.
+
 ## [1.40.5] - 2026-04-08
 
 ### Fixed

package/DOCUMENTATIONS.md

@@ -1,8 +1,8 @@
 # MySQL MCP Server - Documentation
 
-**Last Updated:** 2026-04-08 14:30:00
-**Version:** 1.40.5
-**Total Tools:** 62
+**Last Updated:** 2026-05-06 22:38:42
+**Version:** 1.40.7
+**Total Tools:** 79
 
 Comprehensive documentation for the MySQL MCP Server. For quick start, see [README.md](README.md).
 
@@ -65,6 +65,42 @@ Configure MySQL MCP with two access-control layers:
 
 ---
 
+### Cursor Compatibility Bridge
+
+Some Cursor MCP wrappers can call a tool by name but cannot pass `arguments`. For that flow, write a request file at `.cursor/mysql-mcp-request.json` and call the no-argument `cursor_execute_request` tool.
+
+Execute any existing MCP tool:
+
+```json
+{
+  "tool": "execute_ddl",
+  "arguments": {
+    "query": "DROP TABLE IF EXISTS spark_processes;"
+  }
+}
+```
+
+Or execute SQL directly with automatic routing:
+
+```json
+{
+  "query": "DROP TABLE IF EXISTS spark_processes;",
+  "mode": "auto"
+}
+```
+
+Supported `mode` values are `auto`, `select`, `write`, and `ddl`. Set `MYSQL_MCP_CURSOR_REQUEST_FILE` to override the request file path.
+
+---
+
+### AI Agent Tool Discovery
+
+Use `list_all_tools` first when connecting from Codex, Claude Code CLI, Cursor, Droid CLI, or other MCP agents. It returns the live runtime catalog from the server, enabled/disabled status for each tool, the active permission/category profile, and recommended workflows for common agent tasks.
+
+For CSV exports, use `export_table_to_csv` for table-based exports and `export_query_to_csv` for SELECT query exports.
+
+---
+
 ## Permission System
 
 ### Available Permissions
@@ -92,12 +128,11 @@ Tool enabled = (Has Permission) AND (Has Category OR No categories specified)
 
 ## Tool Categories
 
-### 1. Database Discovery (5 tools)
+### 1. Database Discovery (4 tools)
 - `list_databases` - List all databases
 - `list_tables` - List tables in database
 - `read_table_schema` - Get table structure
 - `get_all_tables_relationships` - Get all FK relationships
-- `list_all_tools` - List available MCP tools
 
 ### 2. Analysis (4 tools)
 - `get_database_summary` - Database overview with statistics
@@ -125,7 +160,11 @@ Tool enabled = (Has Permission) AND (Has Category OR No categories specified)
 - `drop_table` - Delete tables
 - `execute_ddl` - Execute raw DDL
 
-### 6. Index Management (10 tools)
+### 6. Data Export (2 tools)
+- `export_table_to_csv` - Export table data to CSV
+- `export_query_to_csv` - Export SELECT query results to CSV
+
+### 7. Index Management (10 tools)
 - `list_indexes` - List table indexes
 - `get_index_info` - Get index details
 - `create_index` - Create indexes
@@ -137,7 +176,7 @@ Tool enabled = (Has Permission) AND (Has Category OR No categories specified)
 - `get_fulltext_stats` - Get FULLTEXT index statistics
 - `optimize_fulltext` - Optimize FULLTEXT indexes
 
-### 7. Constraint Management (7 tools)
+### 8. Constraint Management (7 tools)
 - `list_foreign_keys` - List foreign keys
 - `list_constraints` - List all constraints
 - `add_foreign_key` - Add foreign key
@@ -146,7 +185,7 @@ Tool enabled = (Has Permission) AND (Has Category OR No categories specified)
 - `drop_constraint` - Remove constraint
 - `add_check_constraint` - Add check constraint
 
-### 8. Stored Procedures (6 tools)
+### 9. Stored Procedures (6 tools)
 - `list_stored_procedures` - List procedures
 - `get_stored_procedure_info` - Get procedure details
 - `execute_stored_procedure` - Execute procedures
@@ -154,7 +193,7 @@ Tool enabled = (Has Permission) AND (Has Category OR No categories specified)
 - `drop_stored_procedure` - Remove procedures
 - `show_create_procedure` - Show CREATE statement
 
-### 9. Views Management (6 tools)
+### 10. Views Management (6 tools)
 - `list_views` - List views
 - `get_view_info` - Get view details
 - `create_view` - Create views
@@ -162,14 +201,14 @@ Tool enabled = (Has Permission) AND (Has Category OR No categories specified)
 - `drop_view` - Remove views
 - `show_create_view` - Show CREATE statement
 
-### 10. Triggers Management (5 tools)
+### 11. Triggers Management (5 tools)
 - `list_triggers` - List triggers
 - `get_trigger_info` - Get trigger details
 - `create_trigger` - Create triggers
 - `drop_trigger` - Remove triggers
 - `show_create_trigger` - Show CREATE statement
 
-### 11. Table Maintenance (8 tools)
+### 12. Table Maintenance (8 tools)
 - `analyze_table` - Update statistics
 - `optimize_table` - Reclaim space
 - `check_table` - Check for errors
@@ -179,23 +218,24 @@ Tool enabled = (Has Permission) AND (Has Category OR No categories specified)
 - `flush_table` - Close/reopen table
 - `get_table_size` - Get size information
 
-### 12. Transaction Management (5 tools)
+### 13. Transaction Management (5 tools)
 - `begin_transaction` - Start transaction
 - `commit_transaction` - Commit transaction
 - `rollback_transaction` - Rollback transaction
 - `get_transaction_status` - Check transaction state
 - `execute_in_transaction` - Execute within transaction
 
-### 13. Query Optimization (3 tools)
+### 14. Query Optimization (3 tools)
 - `analyze_query` - Analyze query performance
 - `get_optimization_hints` - Get optimizer hints
 - `repair_query` - Repair broken SQL queries
 
-### 14. Utilities (4 tools)
+### 15. Utilities (5 tools)
 - `test_connection` - Test connectivity
 - `describe_connection` - Connection info
 - `read_changelog` - Read changelog
-- `invalidate_table_cache` - Clear table cache
+- `cursor_execute_request` - Execute a file-backed request for clients that cannot send MCP arguments
+- `list_all_tools` - Runtime tool catalog with agent guidance
 
 ---
 

package/README.md

@@ -4,7 +4,7 @@
 
 **A production-ready Model Context Protocol (MCP) server for MySQL database integration with AI agents**
 
-**Last Updated:** 2026-04-08 14:30:00
+**Last Updated:** 2026-05-06 22:38:42
 
 [![npm version](https://img.shields.io/npm/v/@berthojoris/mcp-mysql-server)](https://www.npmjs.com/package/@berthojoris/mcp-mysql-server)
 [![npm downloads](https://img.shields.io/npm/dm/@berthojoris/mcp-mysql-server)](https://www.npmjs.com/package/@berthojoris/mcp-mysql-server)
@@ -211,6 +211,40 @@ For more client-specific config snippets, see **[DOCUMENTATIONS.md → Setup & C
 
 ---
 
+### Cursor Compatibility Bridge
+
+If a Cursor MCP wrapper can call tools but cannot send `arguments`, use the no-argument `cursor_execute_request` bridge. Create `.cursor/mysql-mcp-request.json` in the workspace, then call `cursor_execute_request`:
+
+```json
+{
+  "tool": "execute_ddl",
+  "arguments": {
+    "query": "DROP TABLE IF EXISTS spark_processes;"
+  }
+}
+```
+
+For direct SQL, the bridge can infer the right SQL tool:
+
+```json
+{
+  "query": "DROP TABLE IF EXISTS spark_processes;",
+  "mode": "auto"
+}
+```
+
+Set `MYSQL_MCP_CURSOR_REQUEST_FILE` to override the request file path.
+
+---
+
+### AI Agent Tool Discovery
+
+For Codex, Claude Code CLI, Cursor, Droid CLI, and other MCP agents, call `list_all_tools` first. It returns the live runtime catalog, enabled/disabled status, active permission/category profile, and recommended workflows for schema exploration, safe SELECT queries, CSV exports, transactions, and data changes.
+
+Use `export_table_to_csv` for table-based exports and `export_query_to_csv` for SELECT query exports.
+
+---
+
 ## Permission System
 
 Control database access with a **dual-layer filtering system** that provides both broad and fine-grained control:
@@ -250,7 +284,7 @@ Use documentation categories to fine-tune which tools are exposed (Layer 2):
 | `bulk_operations` | High-performance batch processing operations | `bulk_delete, bulk_insert, bulk_update` |
 | `custom_queries` | Execute custom SQL queries and advanced operations | `execute_write_query, run_select_query` |
 | `schema_management` | Manage database schema, tables, and structure | `alter_table, create_table, drop_table, execute_ddl` |
-| `utilities` | Database utilities, diagnostics, and helper functions | `describe_connection, export_query_to_csv, export_table_to_csv, list_all_tools, read_changelog, test_connection` |
+| `utilities` | Database utilities, diagnostics, and helper functions | `cursor_execute_request, describe_connection, export_query_to_csv, export_table_to_csv, list_all_tools, read_changelog, test_connection` |
 | `transaction_management` | Handle ACID transactions and rollback operations | `begin_transaction, commit_transaction, execute_in_transaction, get_transaction_status, rollback_transaction` |
 | `stored_procedures` | Create, execute, and manage stored procedures | `create_stored_procedure, drop_stored_procedure, execute_stored_procedure, get_stored_procedure_info, list_stored_procedures, show_create_procedure` |
 | `views_management` | Create and manage database views | `alter_view, create_view, drop_view, get_view_info, list_views, show_create_view` |
@@ -276,7 +310,7 @@ Full category → tool mapping (and examples) lives in **[DOCUMENTATIONS.md →
 
 ## Available Tools
 
-The server exposes **62 tools** organized into categories (CRUD, schema, and utilities).
+The server exposes **79 tools** organized into categories (CRUD, schema, and utilities).
 
 - Complete list of tools: **[DOCUMENTATIONS.md → Complete Tools Reference](DOCUMENTATIONS.md#🔧-complete-tools-reference)**
 

package/dist/config/featureConfig.js

@@ -53,7 +53,8 @@ exports.toolCategoryMap = {
     listDatabases: ToolCategory.LIST,
     listTables: ToolCategory.LIST,
     readTableSchema: ToolCategory.LIST,
-    list_all_tools: ToolCategory.LIST,
+    listAllTools: ToolCategory.UTILITY,
+    list_all_tools: ToolCategory.UTILITY,
     // Analysis tools (added here to group with database tools)
     getDatabaseSummary: ToolCategory.LIST,
     getSchemaERD: ToolCategory.LIST,
@@ -81,6 +82,8 @@ exports.toolCategoryMap = {
     executeDdl: ToolCategory.DDL,
     // Utility tools
     describeConnection: ToolCategory.UTILITY,
+    cursorExecuteRequest: ToolCategory.UTILITY,
+    cursor_execute_request: ToolCategory.UTILITY,
     testConnection: ToolCategory.UTILITY,
     getAllTablesRelationships: ToolCategory.UTILITY,
     exportTableToCSV: ToolCategory.UTILITY,
@@ -183,6 +186,8 @@ exports.toolDocCategoryMap = {
     // Utilities
     testConnection: DocCategory.UTILITIES,
     describeConnection: DocCategory.UTILITIES,
+    cursorExecuteRequest: DocCategory.UTILITIES,
+    cursor_execute_request: DocCategory.UTILITIES,
     exportTableToCSV: DocCategory.UTILITIES,
     exportTableToCsv: DocCategory.UTILITIES,
     export_table_to_csv: DocCategory.UTILITIES,
@@ -190,6 +195,7 @@ exports.toolDocCategoryMap = {
     exportQueryToCsv: DocCategory.UTILITIES,
     export_query_to_csv: DocCategory.UTILITIES,
     read_changelog: DocCategory.UTILITIES,
+    listAllTools: DocCategory.UTILITIES,
     list_all_tools: DocCategory.UTILITIES,
     // Transaction Management
     beginTransaction: DocCategory.TRANSACTION_MANAGEMENT,

package/dist/index.d.ts

@@ -203,7 +203,19 @@ export declare class MySQLMCP {
         data?: any;
         error?: string;
     }>;
-    listAllTools(): Promise<{
+    listAllTools(params?: {
+        tools?: Array<{
+            name: string;
+            description?: string;
+            inputSchema?: any;
+            input_schema?: any;
+            output_schema?: any;
+        }>;
+        enabledToolNames?: string[];
+        accessProfile?: any;
+        serverName?: string;
+        serverVersion?: string;
+    }): Promise<{
         status: string;
         data?: any;
         error?: string;
@@ -315,6 +327,15 @@ export declare class MySQLMCP {
         data?: any;
         error?: string;
     }>;
+    exportQueryToCSV(params: {
+        query: string;
+        params?: any[];
+        include_headers?: boolean;
+    }): Promise<{
+        status: string;
+        data?: any;
+        error?: string;
+    }>;
     repairQuery(params: {
         query: string;
         error_message?: string;

package/dist/index.js

@@ -134,7 +134,7 @@ class MySQLMCP {
             return { status: "error", error: check.error };
         }
         // Additional security check
-        if (!this.security.isReadOnlyQuery(params.query)) {
+        if (!this.security.isReadOnlyQuery(params.query, this.security.hasExecutePermission())) {
             return {
                 status: "error",
                 error: "Only SELECT queries are allowed with run_select_query. Use execute_write_query for other operations.",
@@ -239,12 +239,12 @@ class MySQLMCP {
         }
         return await this.utilityTools.readChangelog(params);
     }
-    async listAllTools() {
+    async listAllTools(params) {
         const check = this.checkToolEnabled("list_all_tools");
         if (!check.enabled) {
             return { status: "error", error: check.error };
         }
-        return await this.utilityTools.listAllTools();
+        return await this.utilityTools.listAllTools(params);
     }
     // Transaction Tools
     async beginTransaction(params) {
@@ -276,7 +276,7 @@ class MySQLMCP {
         return await this.transactionTools.getTransactionStatus();
     }
     async executeInTransaction(params) {
-        const check = this.checkToolEnabled("executeWriteQuery"); // Use executeWriteQuery permission for transaction queries
+        const check = this.checkToolEnabled("executeInTransaction");
         if (!check.enabled) {
             return { status: "error", error: check.error };
         }
@@ -333,6 +333,13 @@ class MySQLMCP {
         }
         return await this.dataExportTools.exportTableToCSV(params);
     }
+    async exportQueryToCSV(params) {
+        const check = this.checkToolEnabled("exportQueryToCSV");
+        if (!check.enabled) {
+            return { status: "error", error: check.error };
+        }
+        return await this.dataExportTools.exportQueryToCSV(params);
+    }
     // AI Productivity Tools
     async repairQuery(params) {
         const check = this.checkToolEnabled("repairQuery");

package/dist/mcp-server.js

@@ -1,6 +1,11 @@
 #!/usr/bin/env node
 "use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
 Object.defineProperty(exports, "__esModule", { value: true });
+const fs_1 = __importDefault(require("fs"));
+const path_1 = __importDefault(require("path"));
 const index_js_1 = require("@modelcontextprotocol/sdk/server/index.js");
 const stdio_js_1 = require("@modelcontextprotocol/sdk/server/stdio.js");
 const types_js_1 = require("@modelcontextprotocol/sdk/types.js");
@@ -12,6 +17,8 @@ const toolArgumentValidation_js_1 = require("./tools/toolArgumentValidation.js")
 // Layer 2 (Categories): MCP_CATEGORIES (optional, for fine-grained control)
 const permissions = process.env.MCP_PERMISSIONS || process.env.MCP_CONFIG || "";
 const categories = process.env.MCP_CATEGORIES || "";
+const SERVER_NAME = "mysql-mcp-server";
+const SERVER_VERSION = "1.40.7";
 // Declare the MySQL MCP instance (will be initialized in main())
 let mysqlMCP;
 // Define all available tools with their schemas
@@ -641,6 +648,14 @@ const TOOLS = [
             properties: {},
         },
     },
+    {
+        name: "cursor_execute_request",
+        description: "Cursor compatibility bridge for clients that can call MCP tools but cannot send arguments. Reads .cursor/mysql-mcp-request.json (or MYSQL_MCP_CURSOR_REQUEST_FILE) and dispatches to the requested MySQL MCP tool. The request file supports {\"tool\":\"execute_ddl\",\"arguments\":{\"query\":\"DROP TABLE IF EXISTS t;\"}} or direct SQL with {\"query\":\"...\",\"mode\":\"auto\"}.",
+        inputSchema: {
+            type: "object",
+            properties: {},
+        },
+    },
     {
         name: "read_changelog",
         description: "Reads the MySQL MCP Server changelog to see version history, new features, bug fixes, and breaking changes. Useful for understanding tool capabilities and recent updates.",
@@ -1849,8 +1864,8 @@ const TOOLS = [
 ];
 // Create the MCP server
 const server = new index_js_1.Server({
-    name: "mysql-mcp-server",
-    version: "1.40.5",
+    name: SERVER_NAME,
+    version: SERVER_VERSION,
 }, {
     capabilities: {
         tools: {},
@@ -1865,6 +1880,111 @@ server.setRequestHandler(types_js_1.ListToolsRequestSchema, async () => {
         tools: enabledTools,
     };
 });
+const TOOL_METHOD_OVERRIDES = {
+    get_schema_erd: "getSchemaERD",
+    export_table_to_csv: "exportTableToCSV",
+    export_query_to_csv: "exportQueryToCSV",
+};
+const toCamelCase = (value) => value.replace(/_([a-z])/g, (_, letter) => letter.toUpperCase());
+const getRuntimeToolCatalog = () => {
+    const enabledTools = (0, toolRegistry_js_1.getEnabledTools)(mysqlMCP, TOOLS);
+    return {
+        tools: TOOLS.map((tool) => ({
+            name: tool.name,
+            description: tool.description,
+            inputSchema: tool.inputSchema,
+        })),
+        enabledToolNames: enabledTools.map((tool) => tool.name),
+        accessProfile: mysqlMCP.getAccessProfile(),
+        serverName: SERVER_NAME,
+        serverVersion: SERVER_VERSION,
+    };
+};
+const getCursorRequestFilePath = () => {
+    const configuredPath = process.env.MYSQL_MCP_CURSOR_REQUEST_FILE ||
+        process.env.MCP_MYSQL_REQUEST_FILE ||
+        ".cursor/mysql-mcp-request.json";
+    return path_1.default.isAbsolute(configuredPath)
+        ? configuredPath
+        : path_1.default.resolve(process.cwd(), configuredPath);
+};
+const inferSqlToolName = (query, mode = "auto") => {
+    const upperQuery = query.trim().toUpperCase();
+    if (mode === "select")
+        return "run_select_query";
+    if (mode === "write")
+        return "execute_write_query";
+    if (mode === "ddl")
+        return "execute_ddl";
+    if (/^(CREATE|ALTER|DROP|TRUNCATE|RENAME)\b/.test(upperQuery)) {
+        return "execute_ddl";
+    }
+    if (/^(INSERT|UPDATE|DELETE|REPLACE)\b/.test(upperQuery)) {
+        return "execute_write_query";
+    }
+    if (/^(SELECT|WITH)\b/.test(upperQuery)) {
+        return "run_select_query";
+    }
+    throw new Error("Unable to infer SQL tool. Set mode to one of: select, write, ddl.");
+};
+const executeToolByName = async (toolName, args = {}) => {
+    const knownToolNames = new Set(TOOLS.map((tool) => tool.name));
+    if (!knownToolNames.has(toolName)) {
+        throw new Error(`Unknown tool for Cursor bridge: ${toolName}`);
+    }
+    if (toolName === "cursor_execute_request") {
+        throw new Error("cursor_execute_request cannot dispatch to itself");
+    }
+    const validation = (0, toolArgumentValidation_js_1.validateToolArguments)(toolName, args);
+    if (!validation.valid) {
+        throw new Error(`Validation Error: ${validation.errors?.join(", ") || "Invalid arguments"}`);
+    }
+    if (toolName === "list_all_tools") {
+        return await mysqlMCP.listAllTools(getRuntimeToolCatalog());
+    }
+    const methodName = TOOL_METHOD_OVERRIDES[toolName] || toCamelCase(toolName);
+    const method = mysqlMCP[methodName];
+    if (typeof method !== "function") {
+        throw new Error(`No handler method found for Cursor bridge tool: ${toolName}`);
+    }
+    return await method.call(mysqlMCP, args);
+};
+const executeCursorRequest = async () => {
+    const requestFilePath = getCursorRequestFilePath();
+    if (!fs_1.default.existsSync(requestFilePath)) {
+        return {
+            status: "error",
+            error: `Cursor request file not found: ${requestFilePath}. ` +
+                'Create it with JSON like {"tool":"execute_ddl","arguments":{"query":"DROP TABLE IF EXISTS spark_processes;"}}',
+        };
+    }
+    let request;
+    try {
+        request = JSON.parse(fs_1.default.readFileSync(requestFilePath, "utf8"));
+    }
+    catch (error) {
+        return {
+            status: "error",
+            error: `Failed to read Cursor request file: ${error.message}`,
+        };
+    }
+    const requestedTool = request.tool || request.toolName || request.name;
+    if (requestedTool) {
+        return await executeToolByName(requestedTool, request.arguments || request.args || {});
+    }
+    if (request.query) {
+        const inferredTool = inferSqlToolName(request.query, request.mode || "auto");
+        return await executeToolByName(inferredTool, {
+            query: request.query,
+            params: request.params,
+            dry_run: request.dry_run,
+        });
+    }
+    return {
+        status: "error",
+        error: "Cursor request must contain either tool/toolName/name with arguments, or query with optional mode.",
+    };
+};
 // Handle tool call requests
 server.setRequestHandler(types_js_1.CallToolRequestSchema, async (request) => {
     const { name, arguments: args } = request.params;
@@ -1951,11 +2071,14 @@ server.setRequestHandler(types_js_1.CallToolRequestSchema, async (request) => {
             case "describe_connection":
                 result = await mysqlMCP.describeConnection();
                 break;
+            case "cursor_execute_request":
+                result = await executeCursorRequest();
+                break;
             case "test_connection":
                 result = await mysqlMCP.testConnection();
                 break;
             case "list_all_tools":
-                result = await mysqlMCP.listAllTools();
+                result = await mysqlMCP.listAllTools(getRuntimeToolCatalog());
                 break;
             case "read_changelog":
                 result = await mysqlMCP.readChangelog((args || {}));
@@ -2002,6 +2125,9 @@ server.setRequestHandler(types_js_1.CallToolRequestSchema, async (request) => {
             case "export_table_to_csv":
                 result = await mysqlMCP.exportTableToCSV((args || {}));
                 break;
+            case "export_query_to_csv":
+                result = await mysqlMCP.exportQueryToCSV((args || {}));
+                break;
             // Query Optimization Tools
             case "analyze_query":
                 result = mysqlMCP.analyzeQuery((args || {}));

package/dist/security/securityLayer.d.ts

@@ -71,7 +71,7 @@ export declare class SecurityLayer {
     /**
      * Check if a query is a read-only SELECT query or information query (SHOW, DESCRIBE, etc.)
      */
-    isReadOnlyQuery(query: string): boolean;
+    isReadOnlyQuery(query: string, bypassDangerousCheck?: boolean): boolean;
     /**
      * Check if a query contains dangerous operations
      */

package/dist/security/securityLayer.js

@@ -404,13 +404,13 @@ class SecurityLayer {
     /**
      * Check if a query is a read-only SELECT query or information query (SHOW, DESCRIBE, etc.)
      */
-    isReadOnlyQuery(query) {
+    isReadOnlyQuery(query, bypassDangerousCheck = false) {
         // Check if it's an information query first (SHOW, DESCRIBE, EXPLAIN, etc.)
         if (this.isInformationQuery(query)) {
             return true;
         }
         // Check if it's a SELECT query
-        const validation = this.validateQuery(query);
+        const validation = this.validateQuery(query, bypassDangerousCheck);
         return validation.valid && validation.queryType === "SELECT";
     }
     /**

package/dist/tools/dataExportTools.d.ts

@@ -12,6 +12,8 @@ export declare class DataExportTools {
      * Escape string value for SQL INSERT statements
      */
     private escapeValue;
+    private escapeCsvValue;
+    private rowsToCSV;
     /**
      * Export table data to CSV format
      */
@@ -26,4 +28,13 @@ export declare class DataExportTools {
         data?: any;
         error?: string;
     }>;
+    exportQueryToCSV(queryParams: {
+        query: string;
+        params?: any[];
+        include_headers?: boolean;
+    }): Promise<{
+        status: string;
+        data?: any;
+        error?: string;
+    }>;
 }