MCP servers for databases and data workflows
Database, SQL, analytics, and data workflow MCP servers that help Claude inspect, query, transform, or document structured data.
Database, SQL, analytics, and data workflow MCP servers that help Claude inspect, query, transform, or document structured data.
Choose a database MCP server by the database you run and how much write access you want to grant. Prefer source-backed servers with documented safety and privacy behavior, and confirm whether the server exposes read-only queries or full read/write before connecting it to anything that matters.
How to choose
- Your database
- Match the server to PostgreSQL, MySQL, MongoDB, Redis, or your managed provider.
- Read vs read/write
- Check whether the server allows mutations, and scope the credentials you give it to least privilege.
- Source & trust
- Prefer first-party or source-backed servers with a verifiable repository over unverified ones.
- Safety & privacy notes
- Confirm the server documents what data it reads and what it sends before granting database access.
Compared at a glance
The top 5 picks side by side on trust, install, platform support, and disclosed notes — full rationale for each below.
3 trust signals differ across this comparison (Package trust, Source provenance, Submitter).
| Field | Token-efficient database MCP server for PostgreSQL, MySQL, MariaDB, SQL Server, and SQLite. Open dossier | SQLAlchemy-backed MCP server for exploring relational databases, inspecting schemas and relationships, and executing SQL queries from Claude. Open dossier | Official MCP server providing read-only access to PostgreSQL databases with schema inspection and query capabilities Open dossier | Connect Claude to Teradata — list databases and tables, inspect DDL, run SQL queries, preview data, analyze column quality, and explore DBA diagnostics — with the official Teradata MCP server supporting optional ML tool expansion via the teradataml Python package. Open dossier | Connect Claude to ClickHouse for read-only SQL exploration, schema discovery, and safe analytics workflows. Open dossier |
|---|---|---|---|---|---|
| Next steps | |||||
| Trust | |||||
| Review status | ReviewedMaintainer reviewed | ReviewedMaintainer reviewed | ReviewedMaintainer reviewed | ReviewedMaintainer reviewed | ReviewedMaintainer reviewed |
| Package trustDiffers | Package not verified | Package not verified | Package verified | Package not verified | Package not verified |
| Source provenanceDiffers | Source-backed | Source-backed | No submission link | Source-backed | Source-backed |
| SubmitterDiffers | oktofeesh1 | oktofeesh1 | — | — | oktofeesh1 |
| Install risk | Review first | Review first | Low risk | Review first | Review first |
| Notes | Safety ✓ Privacy ✓ | Safety ✓ Privacy ✓ | Safety ✓ Privacy ✓ | Safety ✓ Privacy ✓ | Safety ✓ Privacy ✓ |
| Brand | — | — | — | ||
| Category | mcp | mcp | mcp | mcp | mcp |
| Source | Source-backed | Source-backed | First-party | Source-backed | Source-backed |
| Author | Bytebase | Rune Kaagaard | Anthropic | Teradata | ClickHouse |
| Added | 2026-06-05 | 2026-06-06 | 2025-09-16 | 2026-06-18 | 2026-06-03 |
| Platforms | |||||
| Harness | |||||
| Source repo | — | — | — | — | — |
| Safety notes | ✓DBHub can execute SQL queries against configured databases. SQL execution can read, create, update, delete, or otherwise modify data depending on database permissions and requested queries. Configure read-only mode, row limits, query timeouts, least-privilege credentials, and human review before using DBHub with production or sensitive databases. Custom tools can wrap reusable parameterized SQL, so review their definitions before allowing agents to call them. | ✓MCP Alchemy exposes database table discovery, schema inspection, relationship mapping, and SQL execution. The execute_query tool can run arbitrary SQL text against the configured SQLAlchemy database. The source creates SQLAlchemy connections with AUTOCOMMIT, so successful write, DDL, or administrative statements can commit immediately. The server does not enforce read-only SQL; use database permissions, read-only users, and human review to constrain writes. Query results are truncated by EXECUTE_QUERY_MAX_CHARS unless Claude Local Files output is configured. When CLAUDE_LOCAL_FILES_PATH is set, full result sets can be written to local files for artifact access. | ✓Use a read-only database user with restricted schemas unless write access is explicitly needed and reviewed. | ✓The `base_query` tool executes arbitrary SQL on your Teradata system — only connect with credentials scoped to the minimum required permissions. Row limits (`DEFAULT_ROW_LIMIT`, `MAX_ROW_LIMIT`) prevent accidental full-table scans returning millions of rows; leave defaults in place unless you need larger result sets. | ✓The upstream server runs ClickHouse queries in read-only mode by default because `CLICKHOUSE_ALLOW_WRITE_ACCESS` is false unless explicitly enabled. Leave write access disabled for production investigation workflows. If write access is enabled, destructive operations such as DROP and TRUNCATE require the additional `CLICKHOUSE_ALLOW_DROP` opt-in. Treat both flags as privileged operational changes, not normal client configuration. Use a dedicated least-privilege ClickHouse user or role. MCP read-only mode does not hide tables, columns, rows, or system metadata that the database account is already allowed to read. Review model-generated SQL before execution, especially broad table scans, expensive aggregations, cross-database queries, or wide time ranges against production clusters. For HTTP or SSE transports, keep authentication enabled. The upstream server requires authentication by default for those transports and only documents disabling it for local development. |
| Privacy notes | ✓Database connection strings, hostnames, schemas, table names, column names, row data, query text, query results, traces, and errors may be visible to the MCP client and model provider. Databases can contain personal data, customer records, credentials, business metrics, audit logs, payment data, healthcare data, and proprietary operational state. Avoid exposing production databases or regulated data unless the database, MCP client, and model session are approved for that access. | ✓DB_URL can contain database hostnames, usernames, passwords, database names, driver names, and connection options. Schemas, table names, column names, foreign keys, SQL text, query results, errors, row counts, and generated local result files may be visible to the MCP client and model provider. SQLAlchemy-compatible databases can contain customer records, credentials, analytics, payment data, healthcare data, source-code metadata, or other regulated information. DB_URL, DB_ENGINE_OPTIONS, CLAUDE_LOCAL_FILES_PATH, result files, and database credentials should stay out of prompts, issues, logs, screenshots, and committed files. | ✓Queried schemas, table names, rows, connection details, and application data may be exposed through tool calls. | ✓Query results, schema definitions, DDL, and session/system metadata from your Teradata instance are surfaced in Claude's context. Your database credentials are embedded in the `DATABASE_URI` — keep it in the MCP config env and never commit it to version control. | ✓Query results, database names, table names, column metadata, create-table definitions, and aggregate outputs can become visible to the connected MCP client and model session. ClickHouse data often includes logs, events, analytics records, user identifiers, IP addresses, request payloads, or product usage data; use database permissions and query limits before exposing production datasets. Store ClickHouse passwords, roles, and bearer tokens in MCP environment configuration or your client secret-management flow, not in prompts or checked-in configuration files. chDB support can query local files, URLs, and embedded datasets when enabled. Keep it disabled unless that local data access is intentional. |
| Prerequisites |
|
|
|
|
|
| Install | | | | | |
| Config | | | | | |
| Citations | |||||
| Claim | Unclaimed | Unclaimed | Unclaimed | Unclaimed | Unclaimed |
- 01
DBHub MCP Server
Let Claude explore schemas, execute SQL, and use reusable database tools across multiple database engines through DBHub.
Added 1mo agoSafety ✓ Privacy ✓by Bytebase · submitted by oktofeesh1Why it made the cutDBHub MCP Server is included because it has safety notes present, privacy notes present, source-backed source posture.
Reach for insteadIf this will touch credentials, local files, or production systems, inspect the upstream source first.
- 02
MCP Alchemy
Connect Claude to SQLAlchemy-compatible databases for schemas, relationships, and SQL queries.
Added 1mo agoSafety ✓ Privacy ✓by Rune Kaagaard · submitted by oktofeesh1Why it made the cutMCP Alchemy is included because it has safety notes present, privacy notes present, source-backed source posture.
Reach for insteadIf this will touch credentials, local files, or production systems, inspect the upstream source first.
- 03
Postgresql MCP Server - MCP Servers
Official MCP server providing read-only access to PostgreSQL databases with schema inspection and query capabilities
Added 10mo agoSafety ✓ Privacy ✓by AnthropicWhy it made the cutPostgresql MCP Server - MCP Servers is included because it has maintainer-built package, safety notes present, privacy notes present, first-party source posture.
- 04
Teradata MCP Server for Claude
Official Teradata MCP: query databases, inspect schemas, run SQL & analyze data quality from Claude.
Added 1mo agoSafety ✓ Privacy ✓by TeradataWhy it made the cutTeradata MCP Server for Claude is included because it has safety notes present, privacy notes present, source-backed source posture.
Reach for insteadIf this will touch credentials, local files, or production systems, inspect the upstream source first.
- 05
ClickHouse MCP Server for Claude
MCP server for ClickHouse SQL queries, database and table discovery, and analytics exploration with read-only defaults.
Added 1mo agoSafety ✓ Privacy ✓by ClickHouse · submitted by oktofeesh1Why it made the cutClickHouse MCP Server for Claude is included because it has safety notes present, privacy notes present, source-backed source posture.
Reach for insteadIf this will touch credentials, local files, or production systems, inspect the upstream source first.
- 06
DuckDB MCP Server
Query local DuckDB database files through an MCP SQL tool with optional read-only mode.
Added 1mo agoSafety ✓ Privacy ✓by ktanaka101 · submitted by oktofeesh1Why it made the cutDuckDB MCP Server is included because it has safety notes present, privacy notes present, source-backed source posture.
Reach for insteadIf this will touch credentials, local files, or production systems, inspect the upstream source first.
- 07
MCP SQLite Server for Claude
MCP SQLite: read and write any local SQLite database from Claude with full CRUD and raw SQL.
Added 1mo agoSafety ✓ Privacy ✓by jparkerwebWhy it made the cutMCP SQLite Server for Claude is included because it has safety notes present, privacy notes present, source-backed source posture.
Reach for insteadIf this will touch credentials, local files, or production systems, inspect the upstream source first.
- 08
MySQL MCP Server
Let Claude inspect MySQL schemas and run controlled SQL queries with environment-based permissions, multi-database mode, and SSH tunnel support.
Added 1mo agoSafety ✓ Privacy ✓by benborla · submitted by oktofeesh1Why it made the cutMySQL MCP Server is included because it has safety notes present, privacy notes present, source-backed source posture.
Reach for insteadIf this will touch credentials, local files, or production systems, inspect the upstream source first.
- 09
Postgres MCP Pro
Inspect Postgres schemas, run guarded SQL, explain query plans, analyze slow workloads, and get index or health recommendations from Claude.
Added 1mo agoSafety ✓ Privacy ✓by Crystal DBA · submitted by oktofeesh1Why it made the cutPostgres MCP Pro is included because it has safety notes present, privacy notes present, source-backed source posture.
Reach for insteadIf this will touch credentials, local files, or production systems, inspect the upstream source first.
- 10
StarRocks MCP Server
Connect Claude to StarRocks SQL, schemas, system resources, overviews, and charts.
Added 1mo agoSafety ✓ Privacy ✓by StarRocks · submitted by oktofeesh1Why it made the cutStarRocks MCP Server is included because it has safety notes present, privacy notes present, source-backed source posture.
Reach for insteadIf this will touch credentials, local files, or production systems, inspect the upstream source first.
- 11
Turso MCP Server for Claude
Official Turso MCP: query, modify, and schema-manage libSQL databases from Claude.
Added 1mo agoSafety ✓ Privacy ✓by TursoWhy it made the cutTurso MCP Server for Claude is included because it has safety notes present, privacy notes present, source-backed source posture.
Reach for insteadIf this will touch credentials, local files, or production systems, inspect the upstream source first.
- 12
Redis MCP Server for Claude
Official Redis MCP server providing natural language interface for Redis data management and operations
Added 10mo agoSafety ✓ Privacy ✓by RedisWhy it made the cutRedis MCP Server for Claude is included because it has maintainer-built package, safety notes present, privacy notes present, first-party source posture.
- 13
CockroachDB Cloud MCP Server for Claude
Official CockroachDB Cloud MCP: query schemas, run SELECT, explain plans & monitor clusters from Claude.
Added 1mo agoSafety ✓ Privacy ✓by Cockroach LabsWhy it made the cutCockroachDB Cloud MCP Server for Claude is included because it has safety notes present, privacy notes present, source-backed source posture.
Reach for insteadIf this will touch credentials, local files, or production systems, inspect the upstream source first.
- 14
MotherDuck MCP Server for Claude
Official MotherDuck/DuckDB MCP server: run SQL analytics and explore schemas from Claude.
Added 1mo agoSafety ✓ Privacy ✓by MotherDuckWhy it made the cutMotherDuck MCP Server for Claude is included because it has safety notes present, privacy notes present, source-backed source posture.
Reach for insteadIf this will touch credentials, local files, or production systems, inspect the upstream source first.
- 15
Neon MCP Server for Claude
Connect Claude to Neon Postgres projects, branches, schemas, queries, migrations, Auth, Data API setup, and docs.
Added 1mo agoSafety ✓ Privacy ✓by Neon · submitted by oktofeesh1Why it made the cutNeon MCP Server for Claude is included because it has safety notes present, privacy notes present, source-backed source posture.
Reach for insteadIf this will touch credentials, local files, or production systems, inspect the upstream source first.
- 16
Airtable MCP Server for Claude
Read and write records, manage bases and tables in Airtable directly from Claude
Added 10mo agoSafety ✓ Privacy ✓by domdomeggWhy it made the cutAirtable MCP Server for Claude is included because it has maintainer-built package, safety notes present, privacy notes present, first-party source posture.
Missing a pick? Propose an edit to this list — every change goes through the same review queue as new entries.
Suggest a pickGet the weekly brief
One calm read on Claude workflows. Sundays. No tracking pixels.
Unsubscribe any time. No tracking pixels. No partner blasts.