duckdb_mcp
Verified Safeby teaguesterling
Overview
Integrates DuckDB with the Model Context Protocol (MCP), enabling it to consume resources/tools from external MCP servers and expose its own database capabilities as an MCP server.
Installation
./build/release/duckdb -init examples/01-simple/init-mcp-db.sql -f examples/01-simple/start-mcp-server.sqlEnvironment Variables
- DUCKDB
- DB_PATH
- MEMORY_LIMIT
- THREADS
- READ_ONLY
- ENABLE_EXECUTE
- DUCKDB_MCP_FOREGROUND
- allowed_mcp_commands
- allowed_mcp_urls
- mcp_server_file
- mcp_lock_servers
- mcp_disable_serving
- mcp_log_level
- mcp_log_file
- mcp_console_logging
Security Notes
The extension features a robust security framework, including an allowlist for executable commands (`allowed_mcp_commands`), argument sanitization against shell injection (`..`, `|`, `;`, `&`, backticks, `$`), and immutability of command settings after first use. The `execute` server tool (for DDL/DML) is disabled by default. However, by default, the client-side `ATTACH` command operates in a 'permissive mode' if `allowed_mcp_commands` is not explicitly set, which is a potential risk if deployed without proper configuration. TCP/WebSocket/HTTP transports are noted as 'planned' or 'placeholder' and may not yet have the same level of security vetting as the `stdio` transport.
Similar Servers
dbt-mcp
Provides AI agents with tools to interact with dbt Core, dbt Fusion, and dbt Platform, enabling advanced data analytics and project management capabilities within a model context protocol (MCP) server.
db-mcp-server
Provides AI assistants with structured access to multiple databases, enabling them to execute SQL queries, manage transactions, explore schemas, and analyze performance through a unified interface.
ddg_search
Provides an MCP server for web search via DuckDuckGo and AI-powered answers from IAsk AI and Monica.
mcp-mysql-server
Provides an MCP-compliant interface for AI models to securely interact with a MySQL database for CRUD operations, schema inspection, and performance analysis.