Delv
CommunityAbandoned· 1.1y4.3by ktanaka101

DuckDB MCP

Executes SQL against DuckDB with read-only mode for analytical queries and Parquet or CSV exploration.

View repo
B
Safety & Trust

Delv Safety Grade: B

Score 72/100 · assessed 2026-04-28

Maintainer55
Permissions85
Supply chain75
Transparency70
Incidents100

DuckDB MCP is a community server from solo maintainer ktanaka101 that executes SQL queries against DuckDB databases. The read-only default mode is a strong safety feature for LLM-driven queries, limiting blast radius to data exfiltration rather than corruption. The server requires filesystem read access to load Parquet and CSV files, and can execute arbitrary SQL within DuckDB's sandbox. Distribution via PyPI as mcp-server-duckdb with uvx installation is standard and reasonably verifiable. The repository is open source with basic documentation, though activity appears modest. No known security incidents. Main risk is that SQL execution, even read-only, can be used to exfiltrate sensitive data files if the LLM is prompted maliciously. The maintainer is a solo developer with limited track record, raising bus factor concerns. Overall a competent implementation with sensible defaults, but community provenance and single-maintainer status warrant caution.

Lethal Trifecta (prompt-injection exposure)

ONE OF THREE
Private dataYes
Reads secrets, credentials, private files
Untrusted inputNo
Ingests web pages, PRs, issues, emails
External commsNo
Can send data outbound

Local DB.

Green flags

  • Read-only mode by default prevents data corruption
  • DuckDB provides sandboxed SQL execution environment
  • Standard PyPI distribution with uvx installation
  • Open source with clear repository and documentation
  • No environment variables or secrets required

Red flags

  • Solo maintainer with limited public track record
  • Read-only mode can still exfiltrate sensitive data via SQL queries
  • Filesystem read access allows scanning arbitrary local files
  • Modest repository activity suggests potential maintenance risk

Permissions requested

Read filesDB readDB write
Assessed by Delv Editorial using public metadata. Grades are advisory and update as the ecosystem changes. They do not replace your own review of permissions and code before granting an agent access to sensitive systems.

Install

uvx mcp-server-duckdb

Review

DuckDB MCP turns Claude into a local analytical database client. You point it at a DuckDB file or let it run in-memory, then query Parquet files, CSVs, or any data DuckDB can ingest. It runs in read-only mode by default, which is sensible for an LLM-driven tool, though you can disable that if you trust your prompts. I'd reach for this when I'm exploring a messy data dump and don't want to fire up a Jupyter notebook. Ask Claude to summarise a 2GB Parquet file, join it with a CSV, or run a window function over time-series data. It handles the SQL generation and execution in one go. The read-only default means you won't accidentally corrupt a dataset mid-conversation, which is more important than it sounds when you're iterating quickly. The repo is minimal but functional. Installation is a single uvx command. You add a JSON block to your Claude Desktop config pointing at a DuckDB file path, or leave it blank for in-memory mode. From there, Claude can run SELECT queries, aggregate data, and return results inline. It won't write back unless you explicitly allow it, which keeps the blast radius small. Quirks: DuckDB is fast but memory-hungry on large datasets. If you're working with multi-gigabyte files, watch your RAM. The MCP doesn't expose DuckDB extensions directly, so if you need spatial or JSON functions, you'll need to pre-configure them in the database file. Also, error messages from DuckDB can be terse. Claude sometimes struggles to interpret them, so you'll need to read the raw SQL error yourself. This isn't a replacement for a proper data warehouse or a BI tool. It's for ad-hoc analysis when you're already in a Claude conversation and don't want to context-switch. If you're doing repeatable ETL or dashboards, use dbt or Metabase. But for one-off questions like 'what's the 95th percentile response time in this log file', it's faster than writing the query yourself. Skip it if you don't already use DuckDB or if your data lives in Postgres or BigQuery. There are better MCPs for those. But if you're a data engineer or analyst who keeps Parquet files lying around, this is a clean way to interrogate them without leaving your editor.
Verdict

Install this if you're already comfortable with DuckDB and want to query local files or in-memory data through Claude. Skip it if your data lives in a remote database or if you need write access regularly. It's a sharp tool for a specific job, not a general-purpose database client.

Good at

  • Read-only by default prevents accidental data corruption during exploratory queries.
  • Handles Parquet and CSV natively, so you can query files without importing them first.
  • In-memory mode is fast for small datasets and doesn't require a database file.
  • DuckDB's SQL dialect is close to Postgres, so queries feel familiar if you know standard SQL.
  • Installation is a single command with no external dependencies beyond Python.

Watch out

  • Memory usage spikes on large datasets because DuckDB loads data into RAM for performance.
  • No direct access to DuckDB extensions like spatial or JSON functions without pre-configuring the database.
  • Error messages from DuckDB are terse and Claude sometimes misinterprets them, requiring manual debugging.
  • Only useful if your data is local or you're comfortable with DuckDB's file formats.
  • Write mode requires manual config and trust in your prompts, which isn't ideal for production workflows.

Use cases

  • analytical SQL
  • Parquet exploration
  • ad-hoc data science
  • local warehouse queries

Getting started

1. Run `uvx mcp-server-duckdb` to install the server. 2. Add this block to your Claude Desktop config under `mcpServers`: `{"duckdb": {"command": "uvx", "args": ["mcp-server-duckdb", "--db-path", "/path/to/your.db"]}}`. Leave out `--db-path` for in-memory mode. 3. Restart Claude Desktop and ask it to query a Parquet or CSV file by path. It should generate and run SQL automatically. 4. Watch your memory usage if you're working with files over a gigabyte. DuckDB loads data into RAM for speed. 5. If you need write access, add `--read-only false` to the args array, but test your prompts carefully first.

Works with

Claude DesktopClaude CodeCursor

Similar MCPs