mcpSource-backedReview first Safety ✓ Privacy ✓

SpotDB MCP Server for Claude

SpotDB local MCP server that exposes an ephemeral DuckDB sandbox for AI agents to upload CSV data, run guarded SQL queries, and explore datasets without touching production databases.

by Alien Giraffe·added 2026-06-16·

Claude Code Claude Desktop

HarnessClaude CodeClaude Desktop

Install

Source

Install spotdb from DOCS.md, start the server, then add the documented mcp-remote bridge from the MCP setup section.

Readiness

TrustReview first
Sourcesource-backed
Safety notesPresent
ReviewedYes

Documentation Source repository Registry JSON · LLM text

Review first — review before installing

Open the source and read safety notes before installing.

Safety notes

SpotDB is an ephemeral sandbox, but uploaded CSVs may contain sensitive business or personal data during the session.
SQL queries run through MCP are read-only by design, yet results can expose confidential rows if uploaded carelessly.
Localhost MCP bridges use --allow-http; run only on trusted machines and stop spotdb when finished.
Rate limiting and CSV injection validation are configurable; review SpotDB security settings before team rollout.

Privacy notes

Uploaded CSV data resides in local memory only and is destroyed when spotdb stops per official documentation.
Do not upload production exports containing credentials, tokens, or regulated personal data without policy review.
Query results returned to Claude follow your Claude client data handling settings.

Prerequisites

SpotDB installed and running locally per the official DOCS.md setup guide.
Node.js with npx available for the mcp-remote bridge documented in SpotDB MCP setup.
CSV files uploaded through the SpotDB web explorer on port 8080 before querying via MCP.
Understanding that SpotDB stores data in-memory only and destroys it when the server stops.

Schema details

Install type: cli
Reading time: 5 min
Difficulty score: 40
Troubleshooting: Yes
Breaking changes: No

Source repository stats

Scope: Source repo

Collection metadata

Estimated setup: 15 minutes
Difficulty: intermediate

Tool listing metadata

Website: https://github.com/aliengiraffe/spotdb

Full copyable content

{
  "mcpServers": {
    "spotdb-sse": {
      "command": "npx",
      "args": ["-y", "mcp-remote", "SPOTDB_MCP_SSE_URL_FROM_DOCS", "--allow-http"],
      "env": { "npm_config_yes": "true" }
    }
  }
}

About this resource

Overview

SpotDB provides a local Model Context Protocol server backed by an ephemeral DuckDB sandbox. AI assistants can list tables, inspect schemas, and run guarded SQL queries against CSV data uploaded through the SpotDB web interface, without connecting to production databases.

Official setup and MCP configuration are documented in the SpotDB repository DOCS.md. The MCP server listens on port 8081 with SSE and streamable HTTP endpoints when spotdb is running.

Features

MCP integration for Claude Desktop and other MCP clients via mcp-remote.
Ephemeral in-memory DuckDB storage destroyed when the server stops.
CSV upload and automatic table creation through the web explorer.
Guarded read-only SQL access with validation and optional rate limiting.
SSE and streamable HTTP transports on localhost port 8081.

Use Cases

Explore ad hoc CSV exports with Claude without loading data into a warehouse.
Prototype SQL analysis prompts on sample datasets in an isolated sandbox.
Validate AI-generated queries against uploaded test files before production use.
Teach data exploration workflows where ephemeral storage is required by policy.

Installation

Install and start spotdb per DOCS.md.
Upload CSV files through the SpotDB web explorer on port 8080.
Copy the exact mcp-remote MCP server block from the Claude Desktop section of DOCS.md for port 8081 SSE or streamable transport.
Restart your MCP host and ask Claude to query uploaded tables.

Source Notes

Verified against SpotDB DOCS.md on 2026-06-16:

Documentation describes MCP SSE and streamable HTTP endpoints on localhost port 8081.
Setup instructions show mcp-remote bridges for Claude Desktop with --allow-http.
CSV uploads occur through the web explorer because MCP does not accept direct file uploads.
Data is ephemeral and destroyed when spotdb stops.

Duplicate Check

Checked content/mcp for SpotDB or aliengiraffe DuckDB sandbox coverage. No existing MCP entry covers ai.aliengiraffe/spotdb as a local ephemeral SQL sandbox.

Editorial Disclosure

Submitted as an independent community MCP entry by kiannidev, based on the public aliengiraffe/spotdb repository and DOCS.md. No paid placement, referral, or affiliate relationship.

Sources

SpotDB DOCS.md - https://github.com/aliengiraffe/spotdb/blob/main/DOCS.md
SpotDB repository - https://github.com/aliengiraffe/spotdb
Claude Code MCP - https://code.claude.com/docs/en/mcp

#duckdb #sql #data-analysis #local-mcp #ephemeral

Source citations

Add this badge to your README

Show that SpotDB MCP Server for Claude is listed on HeyClaude. Paste this Markdown into your README — it renders the badge and links back to this page.

[![Listed on HeyClaude](https://heyclau.de/badge/mcp/ai-aliengiraffe-spotdb-mcp-server.svg)](https://heyclau.de/entry/mcp/ai-aliengiraffe-spotdb-mcp-server)

How it compares

SpotDB MCP Server for Claude side by side with 3 alternatives on trust, install, platform support, and disclosed safety notes — all from reviewed registry metadata.

Field	SpotDB MCP Server for Claude SpotDB local MCP server that exposes an ephemeral DuckDB sandbox for AI agents to upload CSV data, run guarded SQL queries, and explore datasets without touching production databases. Open dossier	DuckDB MCP Server MCP server for querying a local DuckDB database file from Claude through a single SQL query tool, with optional DuckDB-native read-only mode. Open dossier	Agent Device MCP Server Official MCP server for agent-device, Callstack's device automation CLI for inspecting, controlling, debugging, recording, and collecting evidence from iOS, Android, TV, macOS, Linux, React Native, Expo, Flutter, and native apps. Open dossier	AntV MCP Server Chart Visualization MCP server for generating charts, diagrams, maps, graphs, spreadsheets, and data-analysis visuals with AntV. Open dossier
Trust
Install risk	Review first	Review first	Review first	Review first
Notes	Safety ✓ Privacy ✓	Safety ✓ Privacy ✓	Safety ✓ Privacy ✓	Safety ✓ Privacy ✓
Category	mcp	mcp	mcp	mcp
Source	source-backed	source-backed	source-backed	source-backed
Author	Alien Giraffe	ktanaka101	Callstack	AntV
Added	2026-06-16	2026-06-06	2026-06-06	2026-06-05
Platforms	Claude CodeClaude Desktop	Claude CodeClaude Desktop	Claude CodeClaude Desktop	Claude CodeClaude Desktop
Source repo	—	—	—	—
Safety notes	✓SpotDB is an ephemeral sandbox, but uploaded CSVs may contain sensitive business or personal data during the session. SQL queries run through MCP are read-only by design, yet results can expose confidential rows if uploaded carelessly. Localhost MCP bridges use --allow-http; run only on trusted machines and stop spotdb when finished. Rate limiting and CSV injection validation are configurable; review SpotDB security settings before team rollout.	✓The server exposes a single `query` tool that can execute any valid DuckDB SQL statement against the configured database. Without `--readonly`, the server can create the database file, create tables, insert data, update rows, delete rows, and mutate database state. With `--readonly`, the server opens DuckDB with native read-only protection and fails to start if the database file or parent directory is missing. The `--keep-connection` option can hold a persistent DuckDB connection and file lock for the server lifetime. Treat SQL generated by a model as executable code; review queries before running them on important data.	✓Agent Device MCP exposes structured tools backed by `AgentDeviceClient`; the docs state it does not expose generic shell execution over MCP. Tools and CLI workflows can open apps, inspect UI, tap, type, scroll, perform gestures, wait, assert state, handle alerts, and close sessions. Evidence workflows can capture screenshots, recordings, logs, traces, network traffic, performance samples, crash context, React profiles, and replay files. Mutating commands should run serially against one session, and separate sessions or devices should be used for parallel work. Prefer dedicated test devices or simulators, and require approval before entering credentials, submitting forms, changing settings, installing apps, sending messages, or touching production accounts.	✓AntV MCP Server Chart can generate visual outputs from provided data, so review charts before using them in reports, dashboards, or customer-facing material. Geographic visualization tools may depend on external map services and have regional limitations described by the upstream project. Disable unsupported or unwanted chart tools with `DISABLED_TOOLS` when an MCP client has compatibility issues or a workflow should expose fewer visualization actions. Use private rendering infrastructure through `VIS_REQUEST_SERVER` when sensitive datasets should not be sent to the default chart generation service.
Privacy notes	✓Uploaded CSV data resides in local memory only and is destroyed when spotdb stops per official documentation. Do not upload production exports containing credentials, tokens, or regulated personal data without policy review. Query results returned to Claude follow your Claude client data handling settings.	✓Tool calls and results can expose database paths, table names, schemas, query text, row values, file paths referenced by SQL, and analytical results to the MCP client and model provider. DuckDB can query local files and extensions depending on SQL, configuration, and installed capabilities; keep the server scoped to approved data directories. Do not point writable sessions at production, customer, regulated, or irreplaceable DuckDB files without backups and explicit approval. Query errors can reveal schema names, file paths, and data-shape details.	✓Screenshots, recordings, traces, logs, network dumps, replay files, reports, UI snapshots, typed input, and React profiles can contain private UI state, tokens, request data, customer information, or credentials. macOS, iOS, Android, and TV automation can expose local app state, notifications, device names, package identifiers, app content, system dialogs, and permission prompts. Network inspection artifacts may include headers, payloads, session identifiers, URLs, and API data; review before sharing or committing. Interactive CLI runs may check npm for newer package versions unless `AGENT_DEVICE_NO_UPDATE_NOTIFIER=1` is set.	✓Chart data, labels, prompts, generated images, service identifiers, and rendering requests may contain business metrics, personal data, locations, or customer information. Default chart rendering can involve AntV-hosted services; review data sensitivity before sending private datasets. Protect custom rendering endpoints, service identifiers, and any generated record links in client configs, logs, screenshots, and shared prompts.
Prerequisites	SpotDB installed and running locally per the official DOCS.md setup guide. Node.js with npx available for the mcp-remote bridge documented in SpotDB MCP setup. CSV files uploaded through the SpotDB web explorer on port 8080 before querying via MCP. Understanding that SpotDB stores data in-memory only and destroys it when the server stops.	Python and `uvx` available to the MCP client runtime. Existing DuckDB database file when using `--readonly`. Path to a DuckDB database file that Claude is allowed to query. Decision on whether the server should run in read-only mode before connecting it to an agent.	Node.js 22 or newer and `agent-device` installed globally or project-locally. Xcode tooling for iOS, tvOS, or macOS targets, or Android SDK and ADB for Android targets. Device, simulator, emulator, TV, macOS, or Linux desktop target that the agent is allowed to automate. Required local permissions such as Android device trust, iOS Developer Mode, macOS Accessibility, and Screen Recording where applicable.	Node.js and npm available to the MCP client runtime. Structured data or a clear visualization request. Optional private chart rendering service if default remote rendering is not appropriate for the data. Optional tool filtering plan for chart types that should not be exposed to a given agent workflow.
Install	`Install spotdb from DOCS.md, start the server, then add the documented mcp-remote bridge from the MCP setup section.`	`uvx mcp-server-duckdb --db-path ./data.duckdb --readonly`	`claude mcp add --transport stdio --scope user agent-device -- agent-device mcp`	`npx -y @antv/mcp-server-chart`
Config	`{ "mcpServers": { "spotdb-sse": { "command": "npx", "args": ["-y", "mcp-remote", "SPOTDB_MCP_SSE_URL_FROM_DOCS", "--allow-http"], "env": { "npm_config_yes": "true" } }, "spotdb-streamable": { "command": "npx", "args": ["-y", "mcp-remote", "SPOTDB_MCP_STREAM_URL_FROM_DOCS", "--allow-http"], "env": { "npm_config_yes": "true" } } } }`	`{ "mcpServers": { "duckdb": { "command": "uvx", "args": ["mcp-server-duckdb", "--db-path", "./data.duckdb", "--readonly"] } } }`	`{ "mcpServers": { "agent-device": { "command": "agent-device", "args": ["mcp"] } } }`	`{ "mcpServers": { "mcp-server-chart": { "command": "npx", "args": ["-y", "@antv/mcp-server-chart"], "env": { "DISABLED_TOOLS": "generate_fishbone_diagram,generate_mind_map" } } } }`
Citations	Source repositorygithub.com 2026-06-16T20:02:04+00:00 Documentationgithub.com Submitted by kiannidev2026-06-16	Source repositorygithub.com 2026-06-16T20:02:04+00:00 Documentationgithub.com Submitted by oktofeesh12026-06-06	Source repositorygithub.com 2026-06-16T20:02:04+00:00 Documentationgithub.com Submitted by oktofeesh12026-06-06	Source repositorygithub.com 2026-06-16T20:02:04+00:00 Documentationgithub.com Submitted by oktofeesh12026-06-05
Claim	Unclaimed	Unclaimed	Unclaimed	Unclaimed

Signals

Loading live community signals…