Planet Scale MCP

Live

OAUTH 2.0

DATABASES

Developer Tools

Connect to PlanetScale MCP. Run SQL queries, inspect database branches and schemas, get query performance insights, and manage organizations and invoices.

  • Acts as the user: Every tool call runs as the authorizing user. Access and audit trail stay intact.
  • Credentials stay vaulted: AES-256 encrypted, resolved at request time, never stored in LLM context.
  • Scoped before every call: Per-user permissions enforced automatically. 90-day audit trail included.
Planet Scale MCP
agent · Acme Q3
Run
Planetscale Execute Read Query in Planet Scale MCP
S
planetscalemcp_planetscale_execute_read_query
85ms
Planet Scale MCP agent
Execute a read-only sql query (select, show, describe, explain) against a planetscale database branch..
Sources: Planet Scale MCP
planetscalemcpmcp
1 tool call
18:29
Message Claude...

Planet Scale MCP tools for AI agents

CALL ANY TOOL
12 tools covering planetscale.
planetscalemcp_planetscale_execute_read_query
Execute a read-only sql query (select, show, describe, expla
Execute a read-only sql query (select, show, describe, explain) against a planetscale database branch.
Parameters
Name
Type
Required
Description
branch
string
Required
Branch name (e.g., 'main')
database
string
Required
Database name
organization
string
Required
PlanetScale organization name
query
string
Required
SQL SELECT query to execute
postgres_database_name
string
Optional
Postgres only: target database name to connect to. Use when the user has created additional databases in the same PlanetScale Postgres cluster (e.g. via CREATE DATABASE). Omit to use the default database for the branch.
planetscalemcp_planetscale_execute_write_query
Execute a write sql query (insert, update, delete, or ddl) a
planetscalemcp_planetscale_get_branch
Get details about a specific database branch.
planetscalemcp_planetscale_get_branch_schema
Get the schema (tables and columns) for a specific database
planetscalemcp_planetscale_get_database
Get details about a specific planetscale database.
planetscalemcp_planetscale_get_insights
Get query performance insights for a planetscale database br
planetscalemcp_planetscale_get_invoice_line_items
Get all line items for a specific invoice, broken down by da
planetscalemcp_planetscale_get_organization
Get details about a specific planetscale organization.
planetscalemcp_planetscale_list_branches
List all branches within a planetscale database.
planetscalemcp_planetscale_list_cluster_sizes
List available planetscale cluster sizes (skus) for an organ
planetscalemcp_planetscale_list_databases
List all databases within a planetscale organization.
planetscalemcp_planetscale_list_invoices
List all invoices for a planetscale organization.
Build your Agent
Same auth pattern across every framework.
Python · LlamaIndex
from langchain_mcp_adapters.client import MultiServerMCPClient
from scalekit import ScalekitClient

client = ScalekitClient(env_url=ENV_URL, client_id=CLIENT_ID, client_secret=SECRET)
token = client.agent.get_token(user_id="user_id", connector="planetscalemcp")

mcp = MultiServerMCPClient({
"planetscalemcp": {
"url": "https://mcp.scalekit.com/planetscalemcp",
"headers": {"Authorization": "Bearer " + token}
}
})
tools = await mcp.get_tools()
import OpenAI from "openai";
import { ScalekitClient } from "@scalekit-sdk/node";

const client = new ScalekitClient({ envUrl, clientId, clientSecret });
const token = await client.agent.getToken({ userId: "user_id", connector: "planetscalemcp" });

const openai = new OpenAI();
// Connect to MCP at https://mcp.scalekit.com/planetscalemcp
// Pass: Authorization: Bearer + token
import Anthropic from "@anthropic-ai/sdk";
import { ScalekitClient } from "@scalekit-sdk/node";

const client = new ScalekitClient({ envUrl, clientId, clientSecret });
const token = await client.agent.getToken({ userId: "user_id", connector: "planetscalemcp" });

const anthropic = new Anthropic();
// Connect to MCP at https://mcp.scalekit.com/planetscalemcp
// Pass: Authorization: Bearer + token
from google.adk.agents import LlmAgent
from scalekit import ScalekitClient

client = ScalekitClient(env_url=ENV_URL, client_id=CLIENT_ID, client_secret=SECRET)
token = client.agent.get_token(user_id="user_id", connector="planetscalemcp")
# Connect to MCP at https://mcp.scalekit.com/planetscalemcp
# Pass: Authorization: Bearer + token
Try these prompts
Paste any prompt into your agent to get started.
Get started
Copy the prompt
Copied
Search the PlanetScale knowledge base for documentation, API references, code examples, and guides?
Copy the prompt
Copied
List all schema recommendations for a PlanetScale database based on production query patterns?
Advanced
Copy the prompt
Copied
Get details about a specific PlanetScale organization?
Copy the prompt
Copied
Execute a write SQL query (INSERT, UPDATE, DELETE, or DDL) against a PlanetScale database branch?
SEE HOW AUTH WORKS
User authorises once. Every agent call after uses their token with scope enforcement.
1
Authorize
Your user connects
Planet Scale MCP
once. We tie it to their identity and the meetings they approved — no shared bot account, no org-wide access
Who:
user ‘A’
when:
Once per user
access:
Limited to user
2
Store
Their
Planet Scale MCP
token lives in a vault scoped to them. User A's meetings are never reachable by an agent acting for user B, even on the same connection
vault:
encrypted
scope:
per-user
tokens:
auto-refreshed
3
Resolve
When your agent calls a
Planet Scale MCP
tool, we fetch the right token server-side. It never touches your agent, never appears in the LLM context, never shows up in your logs
speed:
~40ms
check:
before every call
seen by:
nobody
4
Audit
Every
Planet Scale MCP
tool call is logged — who triggered it, which meeting was fetched, what came back. 90 days of history, tied to the user who authorized it
history:
90 days
export:
SIEM-ready
logged:
every call
Test other agents
See the same per-user auth pattern across other connectors.
ENGINEERING
DevOps assistant agent
Triage GitHub incidents, open Linear tickets, and notify the on-call channel in Slack with context already attached.
ENGINEERING
Auto-release notes agent
Group merged GitHub PRs by feature, fix, or chore and publish release notes per tag. No manual changelog grooming.
Why Scalekit
Secure your agent's access. Connectors ship in minutes
Other connector libraries treat auth as a demo afterthought.
01.
Shared tokens break per-user analytics
A shared token looks fine in a demo. In production every call looks like a service account. Scalekit resolves the real user credential.
// shared token
audit → bot_service_account

// scalekit
audit → user_abc ✓
02.
Authentication is not authorization
03.
Multi-tenancy is architectural
04.
One connector today. Ten tomorrow.
“Our agents act across Salesforce, Gong, Google Drive, and more, on behalf of every customer. Scalekit behind the scenes meant we can keep adding tools without ever rebuilding how credentials or tool calling work.”
Venu Madhav Kattagoni
Head of Engineering / Von
FAQs
Frequently Asked Questions

Does the agent access Planet Scale as the user or as a shared key?
As the user. Each workspace member authorizes once and Scalekit resolves their credential at request time. Audit logs attribute every action to that user, not a shared service account.

Where is the Planet Scale OAuth token stored?
In Scalekit's managed AES-256 token vault, namespaced per tenant. Refresh is automatic. Revocation is a single dashboard action. Tokens never appear in prompts, logs, or LLM context.

Can I limit what the agent is allowed to do in Planet Scale?
Yes. Pass a tool name filter to listScopedTools so the DevOps agent only sees the subset you authorize. Pre-API-call scope checks block out-of-policy actions before the request reaches Planet Scale.

What happens when a user revokes Planet Scale access?
The connection is invalidated on the next tool call. Subsequent requests for that user fail closed with a clear error. Other users in the tenant remain unaffected. The event is logged for audit.

Can the agent run write queries against production branches?
Only if the authorizing user's PlanetScale role allows it. Read and write query tools are separate, so you can filter the agent to reads while keeping branch schema and insights available.

Start in your coding agent
Up and running in one command
Install the Scalekit skill in your editor of choice. Connector, auth, tools, prompt, all wired up
Claude Code REPL
/plugin marketplace add scalekit-inc/claude-code-authstack
/plugin install agentkit@scalekit-auth-stack
Cursor Code REPL
# ~/.cursor/mcp.json
{
""mcpServers"": {
""planetscalemcp"": {
""url"": ""https://mcp.scalekit.com/planetscalemcp"",
""headers"": { ""Authorization"": ""Bearer $SCALEKIT_TOKEN"" }
}
}
}
Codex Code REPL
# ~/.codex/config.toml
[mcp_servers.planetscalemcp]
url = ""https://mcp.scalekit.com/planetscalemcp""
auth_env = ""SCALEKIT_TOKEN""
Copilot Code REPL
# .vscode/mcp.json
{
""servers"": {
""planetscalemcp"": {
""url"": ""https://mcp.scalekit.com/planetscalemcp"",
""type"": ""http""
}
}
}