@neverinfamous/mysql-mcp 2.2.0 → 2.3.0

package/src/adapters/mysql/tools/__tests__/security.test.ts

@@ -289,6 +289,45 @@ describe("Security Tools", () => {
       expect(result.type).toBe("credit_card");
       expect(result.warning).toContain("too short");
     });
+
+    it("should fully mask 8-digit credit card values with warning", async () => {
+      const tool = tools.find((t) => t.name === "mysql_security_mask_data");
+      const result = (await tool?.handler(
+        { value: "12345678", type: "credit_card" },
+        mockContext,
+      )) as any;
+
+      expect(result.original).toBe("12345678");
+      expect(result.masked).toBe("********");
+      expect(result.type).toBe("credit_card");
+      expect(result.warning).toContain("too short");
+    });
+
+    it("should return warning when partial masking is ineffective", async () => {
+      const tool = tools.find((t) => t.name === "mysql_security_mask_data");
+      const result = (await tool?.handler(
+        { value: "AB", type: "partial", keepFirst: 5, keepLast: 5 },
+        mockContext,
+      )) as any;
+
+      expect(result.original).toBe("AB");
+      expect(result.masked).toBe("AB");
+      expect(result.type).toBe("partial");
+      expect(result.warning).toContain("Masking ineffective");
+    });
+
+    it("should return warning for empty string partial masking", async () => {
+      const tool = tools.find((t) => t.name === "mysql_security_mask_data");
+      const result = (await tool?.handler(
+        { value: "", type: "partial", keepFirst: 0, keepLast: 0 },
+        mockContext,
+      )) as any;
+
+      expect(result.original).toBe("");
+      expect(result.masked).toBe("");
+      expect(result.type).toBe("partial");
+      expect(result.warning).toContain("Masking ineffective");
+    });
   });
 
   describe("mysql_security_password_validate", () => {

package/src/adapters/mysql/tools/__tests__/spatial.test.ts

@@ -115,11 +115,12 @@ describe("Handler Execution", () => {
 
   describe("mysql_spatial_create_index", () => {
     it("should create a spatial index", async () => {
-      // First call returns column info (NOT NULL column), second call is the index creation
+      // First call: column info (NOT NULL), second: no existing index, third: CREATE
       mockAdapter.executeQuery
         .mockResolvedValueOnce(
           createMockQueryResult([{ IS_NULLABLE: "NO", DATA_TYPE: "point" }]),
         )
+        .mockResolvedValueOnce(createMockQueryResult([]))
         .mockResolvedValueOnce(createMockQueryResult([]));
 
       const tool = tools.find((t) => t.name === "mysql_spatial_create_index")!;
@@ -132,8 +133,8 @@ describe("Handler Execution", () => {
         mockContext,
       );
 
-      expect(mockAdapter.executeQuery).toHaveBeenCalledTimes(2);
-      const call = mockAdapter.executeQuery.mock.calls[1][0] as string;
+      expect(mockAdapter.executeQuery).toHaveBeenCalledTimes(3);
+      const call = mockAdapter.executeQuery.mock.calls[2][0] as string;
       expect(call).toContain("SPATIAL INDEX");
       expect(result).toHaveProperty("success", true);
     });
@@ -162,13 +163,18 @@ describe("Handler Execution", () => {
       });
     });
 
-    it("should handle index creation errors gracefully", async () => {
-      // First call returns column info, second call fails
+    it("should return structured reason for duplicate index", async () => {
+      // First call: column info, second: no existing index, third: fails with duplicate key
       mockAdapter.executeQuery
         .mockResolvedValueOnce(
           createMockQueryResult([{ IS_NULLABLE: "NO", DATA_TYPE: "point" }]),
         )
-        .mockRejectedValueOnce(new Error("Index already exists"));
+        .mockResolvedValueOnce(createMockQueryResult([]))
+        .mockRejectedValueOnce(
+          new Error(
+            "Query failed: Execute failed: Duplicate key name 'idx_locations_geom'",
+          ),
+        );
 
       const tool = tools.find((t) => t.name === "mysql_spatial_create_index")!;
       const result = await tool.handler(
@@ -182,7 +188,33 @@ describe("Handler Execution", () => {
 
       expect(result).toEqual({
         success: false,
-        error: "Index already exists",
+        reason:
+          "Index 'idx_locations_geom' already exists on table 'locations'",
+      });
+    });
+
+    it("should handle other index creation errors gracefully", async () => {
+      // First call: column info, second: no existing index, third: fails with generic error
+      mockAdapter.executeQuery
+        .mockResolvedValueOnce(
+          createMockQueryResult([{ IS_NULLABLE: "NO", DATA_TYPE: "point" }]),
+        )
+        .mockResolvedValueOnce(createMockQueryResult([]))
+        .mockRejectedValueOnce(new Error("Some other MySQL error"));
+
+      const tool = tools.find((t) => t.name === "mysql_spatial_create_index")!;
+      const result = await tool.handler(
+        {
+          table: "locations",
+          column: "geom",
+          indexName: "idx_locations_geom",
+        },
+        mockContext,
+      );
+
+      expect(result).toEqual({
+        success: false,
+        error: "Some other MySQL error",
       });
     });
   });

package/src/adapters/mysql/tools/__tests__/spatial_handler.test.ts

@@ -87,11 +87,12 @@ describe("Spatial Tools Handlers", () => {
 
     it("should generate default index name if not provided", async () => {
       const tool = findTool("mysql_spatial_create_index")!;
-      // First call returns column info (NOT NULL), second call is index creation
+      // First call: column info (NOT NULL), second: no existing index, third: CREATE
       mockAdapter.executeQuery
         .mockResolvedValueOnce(
           createMockQueryResult([{ IS_NULLABLE: "NO", DATA_TYPE: "point" }]),
         )
+        .mockResolvedValueOnce(createMockQueryResult([]))
         .mockResolvedValueOnce(createMockQueryResult([]));
 
       const result = await tool.handler(
@@ -102,15 +103,44 @@ describe("Spatial Tools Handlers", () => {
         mockContext,
       );
 
-      expect(mockAdapter.executeQuery).toHaveBeenCalledTimes(2);
+      expect(mockAdapter.executeQuery).toHaveBeenCalledTimes(3);
       expect(mockAdapter.executeQuery).toHaveBeenNthCalledWith(
-        2,
+        3,
         expect.stringContaining(
           "CREATE SPATIAL INDEX `idx_spatial_users_location`",
         ),
       );
       expect(result).toHaveProperty("indexName", "idx_spatial_users_location");
     });
+
+    it("should detect existing spatial index on same column", async () => {
+      const tool = findTool("mysql_spatial_create_index")!;
+      // First call: column info (NOT NULL)
+      // Second call: existing spatial index found
+      mockAdapter.executeQuery
+        .mockResolvedValueOnce(
+          createMockQueryResult([{ IS_NULLABLE: "NO", DATA_TYPE: "point" }]),
+        )
+        .mockResolvedValueOnce(
+          createMockQueryResult([{ INDEX_NAME: "idx_existing_geom" }]),
+        );
+
+      const result = await tool.handler(
+        {
+          table: "locations",
+          column: "geom",
+        },
+        mockContext,
+      );
+
+      expect(result).toEqual({
+        success: false,
+        reason:
+          "Spatial index 'idx_existing_geom' already exists on column 'geom' of table 'locations'",
+      });
+      // Should have called: 1) column check, 2) existing index check — NOT the CREATE
+      expect(mockAdapter.executeQuery).toHaveBeenCalledTimes(2);
+    });
   });
 
   describe("mysql_spatial_distance", () => {
@@ -475,6 +505,7 @@ describe("Spatial Tools Handlers", () => {
 
       expect((result as any).segmentsApplied).toBe(false);
       expect((result as any).segments).toBe(4);
+      expect((result as any).precision).toBe(6);
     });
 
     it("should include segmentsApplied: true for Cartesian SRID (buffer)", async () => {
@@ -501,6 +532,7 @@ describe("Spatial Tools Handlers", () => {
 
       expect((result as any).segmentsApplied).toBe(true);
       expect((result as any).segments).toBe(4);
+      expect((result as any).precision).toBe(6);
     });
   });
 });

package/src/adapters/mysql/tools/__tests__/transactions.test.ts

@@ -382,11 +382,9 @@ describe("Handler Execution", () => {
     it("should reject empty statements array", async () => {
       const tool = tools.find((t) => t.name === "mysql_transaction_execute")!;
       const result = await tool.handler({ statements: [] }, mockContext);
-
-      expect(result).toEqual({
-        success: false,
-        reason: "No statements provided. Pass at least one SQL statement.",
-      });
+      expect(result).toHaveProperty("success", false);
+      expect(result).toHaveProperty("reason");
+      expect((result as { reason: string }).reason).toContain("No statements");
       expect(mockAdapter.beginTransaction).not.toHaveBeenCalled();
     });
 

package/src/adapters/mysql/tools/admin/backup.ts

@@ -10,7 +10,12 @@ import type {
   ToolDefinition,
   RequestContext,
 } from "../../../../types/index.js";
-import { ExportTableSchema, ImportDataSchema } from "../../types.js";
+import {
+  ExportTableSchema,
+  ExportTableSchemaBase,
+  ImportDataSchema,
+  ImportDataSchemaBase,
+} from "../../types.js";
 import { z } from "zod";
 import {
   validateIdentifier,
@@ -94,7 +99,7 @@ export function createExportTableTool(adapter: MySQLAdapter): ToolDefinition {
     title: "MySQL Export Table",
     description: "Export table data as SQL INSERT statements or CSV format.",
     group: "backup",
-    inputSchema: ExportTableSchema,
+    inputSchema: ExportTableSchemaBase,
     requiredScopes: ["read"],
     annotations: {
       readOnlyHint: true,
@@ -175,7 +180,7 @@ export function createImportDataTool(adapter: MySQLAdapter): ToolDefinition {
     title: "MySQL Import Data",
     description: "Import data into a table from an array of row objects.",
     group: "backup",
-    inputSchema: ImportDataSchema,
+    inputSchema: ImportDataSchemaBase,
     requiredScopes: ["write"],
     annotations: {
       readOnlyHint: false,

package/src/adapters/mysql/tools/admin/maintenance.ts

@@ -12,9 +12,13 @@ import type {
 } from "../../../../types/index.js";
 import {
   OptimizeTableSchema,
+  OptimizeTableSchemaBase,
   AnalyzeTableSchema,
+  AnalyzeTableSchemaBase,
   CheckTableSchema,
+  CheckTableSchemaBase,
   FlushTablesSchema,
+  FlushTablesSchemaBase,
   KillQuerySchema,
 } from "../../types.js";
 import { z } from "zod";
@@ -25,7 +29,7 @@ export function createOptimizeTableTool(adapter: MySQLAdapter): ToolDefinition {
     title: "MySQL Optimize Table",
     description: "Optimize tables to reclaim unused space and defragment data.",
     group: "admin",
-    inputSchema: OptimizeTableSchema,
+    inputSchema: OptimizeTableSchemaBase,
     requiredScopes: ["admin"],
     annotations: {
       readOnlyHint: false,
@@ -47,7 +51,7 @@ export function createAnalyzeTableTool(adapter: MySQLAdapter): ToolDefinition {
     description:
       "Analyze tables to update index statistics for the query optimizer.",
     group: "admin",
-    inputSchema: AnalyzeTableSchema,
+    inputSchema: AnalyzeTableSchemaBase,
     requiredScopes: ["admin"],
     annotations: {
       readOnlyHint: false,
@@ -68,7 +72,7 @@ export function createCheckTableTool(adapter: MySQLAdapter): ToolDefinition {
     title: "MySQL Check Table",
     description: "Check tables for errors.",
     group: "admin",
-    inputSchema: CheckTableSchema,
+    inputSchema: CheckTableSchemaBase,
     requiredScopes: ["read"],
     annotations: {
       readOnlyHint: true,
@@ -125,7 +129,7 @@ export function createFlushTablesTool(adapter: MySQLAdapter): ToolDefinition {
     title: "MySQL Flush Tables",
     description: "Flush tables to ensure data is written to disk.",
     group: "admin",
-    inputSchema: FlushTablesSchema,
+    inputSchema: FlushTablesSchemaBase,
     requiredScopes: ["admin"],
     annotations: {
       readOnlyHint: false,

package/src/adapters/mysql/tools/cluster/__tests__/innodb-cluster.test.ts

@@ -210,6 +210,41 @@ describe("InnoDB Cluster Tools", () => {
       expect(result.routers[0].attributes.ROEndpoint).toBe("6447");
       expect(result.routers[0].attributes.Configuration).toBeUndefined();
     });
+
+    it("should flag stale routers when lastCheckIn is null or old", async () => {
+      const recentTime = new Date().toISOString();
+      mockAdapter.executeQuery.mockResolvedValue(
+        createMockQueryResult([
+          {
+            routerId: 1,
+            routerName: "active-router",
+            address: "192.168.1.1",
+            lastCheckIn: recentTime,
+            attributes: JSON.stringify({ ROEndpoint: "6447" }),
+          },
+          {
+            routerId: 2,
+            routerName: "stale-router",
+            address: "192.168.1.2",
+            lastCheckIn: null,
+            attributes: JSON.stringify({ ROEndpoint: "6447" }),
+          },
+        ]),
+      );
+
+      const tool = createClusterRouterStatusTool(
+        mockAdapter as unknown as MySQLAdapter,
+      );
+      const result = (await tool.handler(
+        { summary: false },
+        mockContext,
+      )) as any;
+
+      expect(result.routers).toHaveLength(2);
+      expect(result.routers[0].isStale).toBe(false);
+      expect(result.routers[1].isStale).toBe(true);
+      expect(result.staleCount).toBe(1);
+    });
   });
 
   describe("createClusterStatusTool - payload optimization", () => {

package/src/adapters/mysql/tools/cluster/innodb-cluster.ts

@@ -353,6 +353,14 @@ export function createClusterRouterStatusTool(
     handler: async (params: unknown, _context: RequestContext) => {
       const { summary } = SummarySchema.parse(params);
 
+      // Compute staleness: null lastCheckIn or >1 hour old
+      const computeStale = (lastCheckIn: unknown): boolean => {
+        if (lastCheckIn == null) return true;
+        const checkInTime = new Date(lastCheckIn as string).getTime();
+        if (isNaN(checkInTime)) return true;
+        return Date.now() - checkInTime > 3_600_000; // 1 hour
+      };
+
       try {
         // Summary mode: return only essential router info
         if (summary) {
@@ -369,9 +377,16 @@ export function createClusterRouterStatusTool(
                       FROM mysql_innodb_cluster_metadata.routers
                   `);
 
+          const routers = (result.rows ?? []).map((r) => ({
+            ...r,
+            isStale: computeStale(r["lastCheckIn"]),
+          }));
+          const staleCount = routers.filter((r) => r.isStale).length;
+
           return {
-            routers: result.rows ?? [],
-            count: result.rows?.length ?? 0,
+            routers,
+            count: routers.length,
+            staleCount,
           };
         }
 
@@ -388,6 +403,7 @@ export function createClusterRouterStatusTool(
                 `);
 
         const routers = (result.rows ?? []).map((r) => {
+          let processed = r;
           if (r["attributes"] != null) {
             try {
               const attrs =
@@ -395,17 +411,22 @@ export function createClusterRouterStatusTool(
                   ? (JSON.parse(r["attributes"]) as Record<string, unknown>)
                   : (r["attributes"] as Record<string, unknown>);
               delete attrs["Configuration"];
-              return { ...r, attributes: attrs };
+              processed = { ...r, attributes: attrs };
             } catch {
-              return r;
+              // Keep original if parsing fails
             }
           }
-          return r;
+          return {
+            ...processed,
+            isStale: computeStale(processed["lastCheckIn"]),
+          };
         });
+        const staleCount = routers.filter((r) => r.isStale).length;
 
         return {
           routers,
           count: routers.length,
+          staleCount,
         };
       } catch {
         return {

package/src/adapters/mysql/tools/codemode/index.ts

@@ -0,0 +1,249 @@
+/**
+ * mysql-mcp - Code Mode Tool: mysql_execute_code
+ *
+ * MCP tool that executes LLM-generated code in a sandboxed environment
+ * with access to all MySQL tools via the mysql.* API.
+ */
+
+import { z } from "zod";
+import type { MySQLAdapter } from "../../MySQLAdapter.js";
+import type {
+  ToolDefinition,
+  RequestContext,
+} from "../../../../types/index.js";
+import {
+  createSandboxPool,
+  type ISandboxPool,
+  type SandboxMode,
+} from "../../../../codemode/sandbox-factory.js";
+import { CodeModeSecurityManager } from "../../../../codemode/security.js";
+import { createMysqlApi } from "../../../../codemode/api.js";
+import type { ExecuteCodeOptions } from "../../../../codemode/types.js";
+
+// Schema for mysql_execute_code input
+export const ExecuteCodeSchema = z.object({
+  code: z
+    .string()
+    .describe(
+      "TypeScript/JavaScript code to execute. Use mysql.{group}.{method}() for database operations.",
+    ),
+  timeout: z
+    .number()
+    .optional()
+    .describe("Execution timeout in milliseconds (max 30000, default 30000)"),
+  readonly: z
+    .boolean()
+    .optional()
+    .describe("If true, restricts to read-only operations"),
+});
+
+// Schema for mysql_execute_code output
+export const ExecuteCodeOutputSchema = z.object({
+  success: z.boolean().describe("Whether the code executed successfully"),
+  result: z
+    .unknown()
+    .optional()
+    .describe("Return value from the executed code"),
+  error: z.string().optional().describe("Error message if execution failed"),
+  metrics: z
+    .object({
+      wallTimeMs: z
+        .number()
+        .describe("Wall clock execution time in milliseconds"),
+      cpuTimeMs: z.number().describe("CPU time used in milliseconds"),
+      memoryUsedMb: z.number().describe("Memory used in megabytes"),
+    })
+    .optional()
+    .describe("Execution performance metrics"),
+  hint: z.string().optional().describe("Helpful tip or additional information"),
+});
+
+// Singleton instances (initialized on first use)
+let sandboxPool: ISandboxPool | null = null;
+let securityManager: CodeModeSecurityManager | null = null;
+
+/**
+ * Get isolation mode from environment variable
+ */
+function getIsolationMode(): SandboxMode {
+  const envMode = process.env["CODEMODE_ISOLATION"];
+  if (envMode === "worker") return "worker";
+  return "vm"; // Default
+}
+
+/**
+ * Initialize Code Mode infrastructure
+ */
+function ensureInitialized(): {
+  pool: ISandboxPool;
+  security: CodeModeSecurityManager;
+} {
+  sandboxPool ??= createSandboxPool(getIsolationMode());
+  sandboxPool.initialize();
+  securityManager ??= new CodeModeSecurityManager();
+  return { pool: sandboxPool, security: securityManager };
+}
+
+/**
+ * Create the mysql_execute_code tool
+ */
+export function createExecuteCodeTool(adapter: MySQLAdapter): ToolDefinition {
+  return {
+    name: "mysql_execute_code",
+    title: "MySQL Execute Code",
+    description: `Execute TypeScript/JavaScript code in a sandboxed environment with access to all MySQL tools via the mysql.* API.
+
+Available API groups:
+- mysql.core: readQuery, writeQuery, listTables, describeTable, createTable, createIndex (8 methods)
+- mysql.transactions: begin, commit, rollback, savepoint, execute (7 methods)
+- mysql.json: extract, set, insert, remove, contains, keys, merge, diff, stats (17 methods)
+- mysql.text: regexpMatch, likeSearch, soundex, substring, concat, collationConvert (6 methods)
+- mysql.fulltext: fulltextSearch, fulltextCreate, fulltextBoolean, fulltextExpand (5 methods)
+- mysql.performance: explain, explainAnalyze, slowQueries, bufferPoolStats, tableStats (8 methods)
+- mysql.optimization: indexRecommendation, queryRewrite, forceIndex, optimizerTrace (4 methods)
+- mysql.admin: optimizeTable, analyzeTable, checkTable, repairTable, flushTables, killQuery (6 methods)
+- mysql.monitoring: showProcesslist, showStatus, showVariables, innodbStatus, poolStats (7 methods)
+- mysql.backup: createDump, exportTable, importData, restoreDump (4 methods)
+- mysql.replication: masterStatus, slaveStatus, binlogEvents, gtidStatus, replicationLag (5 methods)
+- mysql.partitioning: partitionInfo, addPartition, dropPartition, reorganizePartition (4 methods)
+- mysql.schema: listSchemas, createView, listFunctions, listTriggers (10 methods)
+- mysql.events: eventCreate, eventAlter, eventDrop, eventList, schedulerStatus (6 methods)
+- mysql.sysschema: sysSchemaStats, sysStatementSummary, sysIoSummary (8 methods)
+- mysql.stats: descriptive, percentiles, correlation, regression, timeSeries, histogram (8 methods)
+- mysql.spatial: distance, distanceSphere, point, polygon, buffer (12 methods)
+- mysql.security: sslStatus, userPrivileges, audit, sensitiveTables (9 methods)
+- mysql.cluster: clusterStatus, grStatus, grMembers, clusterTopology (10 methods)
+- mysql.roles: roleCreate, roleGrant, roleAssign, roleList (8 methods)
+- mysql.docstore: docCreateCollection, docFind, docAdd, docModify (9 methods)
+- mysql.router: routerStatus, routerRoutes, routerRouteHealth (9 methods)
+
+Example:
+\`\`\`javascript
+const tables = await mysql.core.listTables();
+const results = [];
+for (const t of tables.tables) {
+    const count = await mysql.core.readQuery(\`SELECT COUNT(*) as n FROM \\\`\${t.name}\\\`\`);
+    results.push({ table: t.name, rows: count.rows[0].n });
+}
+return results;
+\`\`\``,
+    group: "codemode",
+    inputSchema: ExecuteCodeSchema,
+    requiredScopes: ["admin"],
+    annotations: {
+      readOnlyHint: false,
+      destructiveHint: true,
+      idempotentHint: false,
+      openWorldHint: false,
+    },
+    handler: async (params: unknown, _context: RequestContext) => {
+      const { code, readonly } = params as ExecuteCodeOptions;
+
+      // Initialize infrastructure
+      const { pool, security } = ensureInitialized();
+
+      // Validate code
+      const validation = security.validateCode(code);
+      if (!validation.valid) {
+        return {
+          success: false,
+          error: `Code validation failed: ${validation.errors.join("; ")}`,
+          metrics: { wallTimeMs: 0, cpuTimeMs: 0, memoryUsedMb: 0 },
+        };
+      }
+
+      // Check rate limit
+      const clientId = "default";
+      if (!security.checkRateLimit(clientId)) {
+        return {
+          success: false,
+          error: "Rate limit exceeded. Please wait before executing more code.",
+          metrics: { wallTimeMs: 0, cpuTimeMs: 0, memoryUsedMb: 0 },
+        };
+      }
+
+      // Create mysql API bindings
+      const mysqlApi = createMysqlApi(adapter);
+      const bindings = mysqlApi.createSandboxBindings();
+
+      // Validate bindings are populated
+      const totalMethods = Object.values(bindings).reduce(
+        (sum: number, group) => {
+          if (typeof group === "object" && group !== null) {
+            return sum + Object.keys(group).length;
+          }
+          return sum;
+        },
+        0,
+      );
+      if (totalMethods === 0) {
+        return {
+          success: false,
+          error:
+            "mysql.* API not available: no tool bindings were created. Ensure adapter.getToolDefinitions() returns valid tools.",
+          metrics: { wallTimeMs: 0, cpuTimeMs: 0, memoryUsedMb: 0 },
+        };
+      }
+
+      // Capture active transactions before execution for cleanup on error
+      const transactionsBefore = new Set(adapter.getActiveTransactionIds());
+
+      // Execute in sandbox
+      const result = await pool.execute(code, bindings);
+
+      // Always cleanup orphaned transactions (uncommitted txns from any execution)
+      const transactionsAfter = adapter.getActiveTransactionIds();
+      const orphanedTransactions = transactionsAfter.filter(
+        (txId: string) => !transactionsBefore.has(txId),
+      );
+
+      for (const txId of orphanedTransactions) {
+        try {
+          await adapter.rollbackTransaction(txId);
+        } catch {
+          // Best-effort cleanup
+        }
+      }
+
+      // Sanitize result
+      if (result.success && result.result !== undefined) {
+        result.result = security.sanitizeResult(result.result);
+      }
+
+      // Audit log
+      const record = security.createExecutionRecord(
+        code,
+        result,
+        readonly ?? false,
+        clientId,
+      );
+      security.auditLog(record);
+
+      // Add help hint for discoverability
+      const helpHint =
+        "Tip: Use mysql.help() to list all groups, or mysql.core.help() for group-specific methods.";
+
+      return {
+        ...result,
+        hint: helpHint,
+      };
+    },
+  };
+}
+
+/**
+ * Get all Code Mode tools
+ */
+export function getCodeModeTools(adapter: MySQLAdapter): ToolDefinition[] {
+  return [createExecuteCodeTool(adapter)];
+}
+
+/**
+ * Cleanup Code Mode resources (call on server shutdown)
+ */
+export function cleanupCodeMode(): void {
+  if (sandboxPool) {
+    sandboxPool.dispose();
+    sandboxPool = null;
+  }
+}