Model Context Protocol moderate risk

Duckdb

MCP server for DuckDB, enabling SQL queries and database interactions via LLMs; supports read-only mode for safety and single connection reuse for performance.

Connections & Capabilities

Connects To

GitHub

Capabilities

readwriteexec

Quickstart

Install

npx -y @smithery/cli install mcp-server-duckdb --client claude

Config

{
  "mcpServers": {
    "duckdb": {
      "command": "uvx",
      "args": [
        "mcp-server-duckdb",
        "--db-path",
        "~/mcp-server-duckdb/data/data.db"
      ]
    }
  }
}

Exposed MCP Tools (1)

high

query

Executes an arbitrary SQL query against the DuckDB database.

Allows execution of arbitrary SQL, potentially leading to data modification or information disclosure.

Safety Assessment

The server is relatively safe when running in read-only mode, as it prevents any write operations. However, when running with write access enabled, the risk increases significantly due to the ability to execute arbitrary SQL queries, potentially leading to data modification or deletion. Proper input validation and access control mechanisms are crucial for mitigating these risks.

Supports read-only mode to prevent unintended writes.
DuckDB's native read-only protection is enforced when the server is in read-only mode.
No custom resources or prompts implemented, reducing attack surface.
Single `query` tool simplifies access control.

Allows execution of arbitrary SQL queries, which can be risky if not properly controlled.
If not in read-only mode, the server can perform write operations (CREATE, INSERT, UPDATE, DELETE).
No built-in authentication or authorization mechanisms.
Potential for SQL injection if input is not sanitized.