Overview
The trusted runner runs in the customer environment with the database write credential. The model does not see that credential, and Synapsor Cloud does not need to receive it.
`synapsor cloud connect` verifies a source-scoped runner token, registers runner metadata, and sends a heartbeat. It sends runner id/version, source id, engines, and capability metadata, not database URLs, passwords, prompts, or table data.
The runner validates the job schema, source scope, proposal hash/version, operation, allowed columns, primary key, tenant guard, conflict guard, idempotency key, and lease before executing one parameterized UPDATE.
If the target row changed after the proposal was created, the conflict guard fails and the runner returns conflict. No write is applied.
Developer notes
- Use version/timestamp conflict guards where possible.
- Treat affected_rows = 0 as conflict, not success.
- Treat affected_rows > 1 as a safety failure.
- Keep writeback idempotent so retries do not apply the mutation twice.
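The sketch below pulls the notes above into one guarded writeback. It is an added example, not Synapsor's runner code: the `tickets` and `applied_jobs` tables, the job dictionary fields, the result strings, and the use of SQLite are all assumptions made so it runs offline.

```python
import sqlite3

ALLOWED_COLUMNS = {"status"}  # assumed per-source column allow-list

def setup_db():
    """Constructed sample data: one row at version 3 owned by tenant-a."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE tickets (id INTEGER PRIMARY KEY, tenant_id TEXT,
                              status TEXT, version INTEGER);
        CREATE TABLE applied_jobs (idempotency_key TEXT PRIMARY KEY);
        INSERT INTO tickets VALUES (1, 'tenant-a', 'open', 3);
    """)
    return db

def apply_writeback(db, job):
    # Identifiers cannot be bound as parameters, so the column must match
    # the allow-list exactly before it is placed in the statement.
    col = job["column"]
    if col not in ALLOWED_COLUMNS:
        return "rejected"
    # Retry of a job that already committed: report success, write nothing.
    seen = db.execute("SELECT 1 FROM applied_jobs WHERE idempotency_key = ?",
                      (job["idempotency_key"],)).fetchone()
    if seen:
        return "applied"
    # Primary key, tenant guard and version conflict guard all sit in WHERE;
    # every value is a bound parameter.
    cur = db.execute(
        f'UPDATE tickets SET "{col}" = ?, version = version + 1 '
        "WHERE id = ? AND tenant_id = ? AND version = ?",
        (job["value"], job["pk"], job["tenant_id"], job["expected_version"]))
    n = cur.rowcount
    if n != 1:
        db.rollback()  # nothing from this job is kept
        return "conflict" if n == 0 else "safety_failure"
    # Record the key in the same transaction as the UPDATE.
    db.execute("INSERT INTO applied_jobs VALUES (?)", (job["idempotency_key"],))
    db.commit()
    return "applied"

if __name__ == "__main__":
    db = setup_db()
    job = {"idempotency_key": "job-1", "pk": 1, "tenant_id": "tenant-a",
           "column": "status", "value": "closed", "expected_version": 3}
    print(apply_writeback(db, job), apply_writeback(db, job))
```

A mismatched tenant and a stale version both produce zero affected rows, so both are reported as a conflict and neither changes the row.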