# MongoDB MCP Server — npx + Read-Only Safety by Default

> MongoDB MCP Server exposes MongoDB queries and optional Atlas admin tools to MCP clients via npx or Docker, with a read-only mode that reduces risk.

## Install

Merge the JSON below into your `.mcp.json`:

## Quick Use

1. Add to an MCP client (Claude Desktop / Cursor):

```json
{
  "mcpServers": {
    "mongodb": {
      "command": "npx",
      "args": ["-y", "mongodb-mcp-server@latest", "--readOnly"],
      "env": {
        "MDB_MCP_CONNECTION_STRING": "mongodb://localhost:27017/myDatabase"
      }
    }
  }
}
```

2. Restart the client so it spawns the server.
3. Verify: run a `find` or `aggregate` query and confirm writes are blocked in read-only mode.

## Intro

MongoDB MCP Server exposes MongoDB queries and optional Atlas admin tools to MCP clients via npx or Docker, with a read-only mode that reduces risk.

- **Best for:** teams using MongoDB/Atlas that want MCP access with strong guardrails and a clear read-only baseline
- **Works with:** MongoDB connection strings or Atlas API credentials, Node.js, MCP clients that can spawn npx commands
- **Setup time:** 10-20 minutes

## Practical Notes

- Quant: start with `--readOnly` and a read-only DB user; you can still inspect schemas, run finds, and profile slow queries safely.
- Quant: keep exported query results scoped—treat every agent query as data egress to the LLM provider.

## Why it matters

MongoDB MCP Server helps when you want a single, standard integration path (npx/Docker) for agents to query MongoDB while minimizing accidental writes.

- Configuration examples are explicit and repeatable (npx + env), which is ideal for team onboarding.
- The docs emphasize read-only mode as the default safety posture.
- Atlas tools can be enabled with service-account credentials for teams that need admin automation as well as queries.

## Rollout pattern

- Use read-only mode for the first week; log the exact prompts and tool calls agents make during real incidents.
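- Add Atlas credentials only after you decide which admin actions are safe to automate (users, clusters, indexes).
- If you ever enable writes, require a separate server instance and stronger approval/audit controls.

## Watchouts

Read-only mode reduces risk, but query results still leave your network when an agent summarizes them. Treat tool output as data egress and sanitize sensitive fields.

### FAQ

**Q: Can I use it without Atlas?**
A: Yes. You can connect via a plain MongoDB connection string and use database query tools only.

**Q: What does `--readOnly` change?**
A: It limits the server to read/connect/metadata operations and blocks write-capable tools.

**Q: How do I debug connection issues?**
A: Start with a local MongoDB URI, then move to Atlas with service-account credentials once the basics work.

## Source & Thanks

> Source: https://github.com/mongodb-js/mongodb-mcp-server
> License: Apache-2.0
> GitHub stars: 1,019 · forks: 240

---

## Quick Use

1. Add the configuration to an MCP client (Claude Desktop / Cursor):

```json
{
  "mcpServers": {
    "mongodb": {
      "command": "npx",
      "args": ["-y", "mongodb-mcp-server@latest", "--readOnly"],
      "env": {
        "MDB_MCP_CONNECTION_STRING": "mongodb://localhost:27017/myDatabase"
      }
    }
  }
}
```

2. Restart the client so that it launches the MCP server automatically.
3. Verify: run a `find` or `aggregate` once and confirm that write operations are blocked in read-only mode.

## Intro

MongoDB MCP Server exposes MongoDB queries and optional Atlas admin tools to MCP clients via npx or Docker, and provides a `--readOnly` mode that lowers the risk of accidental writes, which suits letting agents query data and troubleshoot safely.

- **Best for:** MongoDB/Atlas teams that want to give agents tools but need a clear read-only baseline and safety guardrails
- **Works with:** MongoDB connection strings or Atlas API credentials, Node.js, clients that can launch an MCP server via npx
- **Setup time:** 10-20 minutes

## Practical Notes

- Quant: start with `--readOnly` plus a read-only DB user; you can still inspect schemas, run queries, and analyze slow queries.
- Quant: treat every query result as data egress (it enters the LLM context); apply redaction and field restrictions where needed.

## Why it is worth including

When you want a uniform way (npx/Docker) for agents to access MongoDB while avoiding accidental writes as far as possible, the value of MongoDB MCP Server lies in "read-only by default + controlled extension".

- Configuration examples are clear and copyable (npx + env), which suits team-wide adoption.
- The docs treat read-only as the default safety posture, which matches production expectations.
- Atlas tools can be enabled when needed, using a service account for safer operations automation.

## Rollout path

- For the first week use read-only mode only, and record the prompts and tool calls from real troubleshooting scenarios.
- Add Atlas credentials (users, clusters, indexes, etc.) only after it is clear which admin actions can be automated.
- If write operations must be opened up, deploy a separate instance and add stronger approval and auditing.

## Watchouts

Read-only mode lowers the risk of accidental writes, but query results still enter the LLM context. Treat tool output as data egress and apply redaction or field restrictions where necessary.

### FAQ

**Can it be used without Atlas?**
A: Yes. A plain connection string is enough; use only the database query tools.

**What does `--readOnly` change?**
A: It restricts the server to read/connect/metadata operations and blocks write-related tools.

**How do I troubleshoot a failed connection?**
A: Get a local MongoDB URI working first, then move to Atlas and configure a service account.

## Source & Thanks

> Source: https://github.com/mongodb-js/mongodb-mcp-server
> License: Apache-2.0
> GitHub stars: 1,019 · forks: 240

---

Source: https://tokrepo.com/en/workflows/mongodb-mcp-server-npx-read-only-safety-by-default
Author: MCP Hub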
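An added example, not part of the original page or the mongodb-mcp-server project: a small Node.js audit that checks an `.mcp.json` of the Quick Use shape for `mongodb-mcp-server` entries launched without `--readOnly`. The embedded-password check goes beyond what the page covers. The sample config, the `mongodb-rw` entry, the host `db.example.internal` and the function name `auditMcpConfig` are constructed for illustration, and only npx-style entries are matched.

```javascript
// Constructed sample config (not from the page): the first entry matches the
// Quick Use snippet, the second omits --readOnly and embeds a password.
const sampleConfig = JSON.stringify({
  mcpServers: {
    mongodb: {
      command: "npx",
      args: ["-y", "mongodb-mcp-server@latest", "--readOnly"],
      env: { MDB_MCP_CONNECTION_STRING: "mongodb://localhost:27017/myDatabase" },
    },
    "mongodb-rw": {
      command: "npx",
      args: ["-y", "mongodb-mcp-server@latest"],
      env: {
        MDB_MCP_CONNECTION_STRING:
          "mongodb://app:EXAMPLE_PASSWORD@db.example.internal:27017/myDatabase",
      },
    },
    other: { command: "npx", args: ["-y", "some-other-server"] },
  },
});

// Hypothetical helper: returns one finding per problem, for every entry whose
// args launch mongodb-mcp-server (with or without a version suffix).
function auditMcpConfig(jsonText) {
  const servers = JSON.parse(jsonText).mcpServers ?? {};
  const findings = [];
  for (const [name, entry] of Object.entries(servers)) {
    const args = Array.isArray(entry?.args) ? entry.args : [];
    if (!args.some((a) => /^mongodb-mcp-server(@.+)?$/.test(a))) continue;
    // The page's baseline: every entry should pass --readOnly.
    if (!args.includes("--readOnly")) {
      findings.push({ server: name, issue: "missing --readOnly" });
    }
    // Extra check (not from the page): a password in the URI userinfo means a
    // database secret is stored in the client config file.
    const uri = entry?.env?.MDB_MCP_CONNECTION_STRING ?? "";
    if (/^mongodb(\+srv)?:\/\/[^\/@:]+:[^\/@]+@/.test(uri)) {
      findings.push({ server: name, issue: "password embedded in connection string" });
    }
  }
  return findings;
}

console.log(auditMcpConfig(sampleConfig));
```

Feed it the contents of a team's `.mcp.json` in CI or a pre-commit hook; an empty result means every matched entry carries `--readOnly` and no URI holds an inline password.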