Duckdb | AI Builder Hub Review & Alternatives | Flaex AI

VERIFIED

Duckdb

Safety: 65/100

0.0(0)

MCP server for DuckDB, enabling SQL queries and database interactions via LLMs; supports read-only mode for safety and single connection reuse for performance.

MCP ServersData & DatabasesAI & LLMUtilitiesDevelopmentSearch & WebFreemium

Boost this tool

Subscribe to listing upgrades or segmented pushes.

Overview

MCP server for DuckDB, enabling SQL queries and database interactions via LLMs; supports read-only mode for safety and single connection reuse for performance.

The server is relatively safe when running in read-only mode, as it prevents any write operations. However, when running with write access enabled, the risk increases significantly due to the ability to execute arbitrary SQL queries, potentially leading to data modification or deletion. Proper input validation and access control mechanisms are crucial for mitigating these risks.

Performance depends on the complexity of the SQL queries and the size of the DuckDB database. Using a single connection (--keep-connection) can improve performance but may lead to locking issues.

No direct cost, as DuckDB is a free and open-source database. However, complex queries may consume significant CPU and memory resources.

LocalPython172 starsMITReleased 5/5/2025CI/CD

Connections & Capabilities

Connects To

GitHub

Capabilities

ReadWriteExec

Client Compatibility

Claude Desktop

full

Cursor

untested

Windsurf

untested

VS Code (Copilot)

untested

Quickstart

Install

npx -y @smithery/cli install mcp-server-duckdb --client claude

Claude Desktop Config

{
  "mcpServers": {
    "duckdb": {
      "command": "uvx",
      "args": [
        "mcp-server-duckdb",
        "--db-path",
        "~/mcp-server-duckdb/data/data.db"
      ]
    }
  }
}

Tools (1)

high

query

Executes an arbitrary SQL query against the DuckDB database.

Allows execution of arbitrary SQL, potentially leading to data modification or information disclosure.

Security

Auth Method

None

Data Locality

local

Known Risks

!SQL injection vulnerabilities if user input is not properly sanitized.
!Unintended data modification or deletion if write access is enabled and queries are not carefully controlled.
!Lack of authentication makes the server vulnerable to unauthorized access if exposed.
!Potential for resource exhaustion if queries are not optimized or if the database is very large.
!If `--keep-connection` is enabled, it can hold an exclusive lock on the file.

Safety Score

moderate risk

Positive

+Supports read-only mode to prevent unintended writes.
+DuckDB's native read-only protection is enforced when the server is in read-only mode.
+No custom resources or prompts implemented, reducing attack surface.
+Single `query` tool simplifies access control.

Risks

-Allows execution of arbitrary SQL queries, which can be risky if not properly controlled.
-If not in read-only mode, the server can perform write operations (CREATE, INSERT, UPDATE, DELETE).
-No built-in authentication or authorization mechanisms.
-Potential for SQL injection if input is not sanitized.

Use Cases

Data Analysis

-Querying and analyzing local datasets stored in DuckDB.
-Performing ad-hoc data exploration using natural language queries.
-Generating reports and visualizations from DuckDB data.

Data Transformation

-Transforming data using SQL queries.
-Creating new tables and views based on existing data.
-Loading data from external sources into DuckDB.

Local LLM Augmentation

-Enabling LLMs to query local data for more informed responses.
-Providing LLMs with access to structured data for improved reasoning.
-Building LLM-powered applications that leverage local data sources.

Who Is This For?

Best For

Local data analysis and exploration.
Prototyping LLM-powered applications that require access to structured data.
Small to medium-sized datasets that can be efficiently stored in DuckDB.
Users who need a simple and easy-to-use database solution.

Not Ideal For

Large-scale data warehousing or OLAP applications.
High-concurrency environments with many concurrent users.
Applications that require advanced security features or access control mechanisms.

Autonomy & Execution

Default ModeConfigurable

Destructive Tools

Autonomy is highly dependent on the configuration. Read-only mode significantly restricts autonomy, while write-enabled mode grants full access to the database. Exercise caution when granting write access to LLMs.

StatelessNo

Retry LogicNot documented

ConcurrencyNot documented

Production Tip

Always run the server in read-only mode in production environments unless write access is absolutely necessary. Implement robust input validation and access controls to mitigate risks.

FAQ

How do I enable read-only mode?

Use the `--readonly` flag when starting the server.

Can I use this server with multiple LLMs?

Yes, but be mindful of potential concurrency issues and resource limitations.

How do I protect against SQL injection?

Implement robust input validation and sanitization techniques in your LLM application.

What happens if the database file does not exist?

If `--readonly` is not specified, the server will automatically create the database file and parent directories if they don't exist. If `--readonly` is specified and the database file doesn't exist, the server will fail to start with an error.

How do I specify the path to the DuckDB database file?

Use the `--db-path` parameter when starting the server.

What kind of SQL queries can I execute?

You can execute any valid DuckDB SQL statement.

How can I debug issues with the server?

Use the MCP Inspector for detailed request/response logging and debugging.

Key Features

Data & Databases AI & LLM Utilities Development Search & Web

Metrics

Discovered2/14/2026

Reviews0

Saved By0 users

Duckdb

Overview

Connections & Capabilities

Connects To

Capabilities

Client Compatibility

Quickstart

Install

Claude Desktop Config

Tools (1)

Security

Safety Score

Positive

Risks

Use Cases

Data Analysis

Data Transformation

Local LLM Augmentation

Who Is This For?

Best For

Not Ideal For

Autonomy & Execution

FAQ

How do I enable read-only mode?

Can I use this server with multiple LLMs?

How do I protect against SQL injection?

What happens if the database file does not exist?

How do I specify the path to the DuckDB database file?

What kind of SQL queries can I execute?

How can I debug issues with the server?

Key Features

Metrics

Related Tools