§ MCP/Behavioral grade

npm/@hovecapital/read-only-mysql-mcp-server

graded version 0.1.1 · litmus-v6 · 2026-06-24

Adoption 31/100 · 1.63K npm/mo · as of 2026-06-26

C-01 Tool-output injection: pass
C-02 Permission / egress overreach: pass
C-03 Sensitive-data handling: pass
C-04 Adversarial-input handling: pass

tool-defs fingerprint · 0x8f3a04…f2da6

Why A: All four categories passed. No injection, no data leak, no egress overreach, and adversarial inputs were handled cleanly (A means no overreach, not no network).

Adoption signals

The 31 / 100 adoption score blends the raw signals below — downloads, stars, dependents and release velocity — normalized across every tracked server. It measures reach, not safety; the litmus grade is the safety verdict. See the methodology.

npm downloads (30d): 1,627
GitHub stars: 7
Forks: 2
Contributors: 3
Dependents (deps.dev): 0
Last published: 2026-02-17

Reproduce this grade

The harness is open and deterministic. Re-run it against the same server and compare the grade and fingerprint — a false grade is falsifiable, not merely disputable.

npx -p @polygraphso/litmus polygraphso-litmus npm/@hovecapital/read-only-mysql-mcp-server

Embed this badge

Drop it in a README, docs site, or package page. It always shows the current published grade and links back here.

Markdown — badge

[![polygraph](https://polygraph.so/api/badge?server=npm/@hovecapital/read-only-mysql-mcp-server)](https://polygraph.so/mcp/npm/@hovecapital/read-only-mysql-mcp-server)

HTML — badge

<a href="https://polygraph.so/mcp/npm/@hovecapital/read-only-mysql-mcp-server"><img src="https://polygraph.so/api/badge?server=npm/@hovecapital/read-only-mysql-mcp-server" alt="polygraph grade"></a>

Markdown — card

[![polygraph](https://polygraph.so/api/badge/card?server=npm/@hovecapital/read-only-mysql-mcp-server)](https://polygraph.so/mcp/npm/@hovecapital/read-only-mysql-mcp-server)