DuckDB MCP Server
MCP server for querying a local DuckDB database file from Claude through a single SQL query tool, with optional DuckDB-native read-only mode.
Open the source and read safety notes before installing.
Safety notes
- The server exposes a single `query` tool that can execute any valid DuckDB SQL statement against the configured database.
- Without `--readonly`, the server can create the database file, create tables, insert data, update rows, delete rows, and mutate database state.
- With `--readonly`, the server opens DuckDB with native read-only protection and fails to start if the database file or parent directory is missing.
- The `--keep-connection` option can hold a persistent DuckDB connection and file lock for the server lifetime.
- Treat SQL generated by a model as executable code; review queries before running them on important data.
Privacy notes
- Tool calls and results can expose database paths, table names, schemas, query text, row values, file paths referenced by SQL, and analytical results to the MCP client and model provider.
- DuckDB can query local files and extensions depending on SQL, configuration, and installed capabilities; keep the server scoped to approved data directories.
- Do not point writable sessions at production, customer, regulated, or irreplaceable DuckDB files without backups and explicit approval.
- Query errors can reveal schema names, file paths, and data-shape details.
Prerequisites
- Python and `uvx` available to the MCP client runtime.
- Existing DuckDB database file when using `--readonly`.
- Path to a DuckDB database file that Claude is allowed to query.
- Decision on whether the server should run in read-only mode before connecting it to an agent.
- Backups or disposable test data before allowing writable SQL operations.
Schema details
- Install type
- cli
- Troubleshooting
- No
- Scope
- Source repo
- Estimated setup
- 10 minutes
- Difficulty
- intermediate
Full copyable content
{
"mcpServers": {
"duckdb": {
"command": "uvx",
"args": [
"mcp-server-duckdb",
"--db-path",
"./data.duckdb",
"--readonly"
]
}
}
}About this resource
Content
DuckDB MCP Server is a Python MCP server that connects Claude to a local DuckDB
database file. It exposes one tool, query, which executes SQL against the
configured database and returns results as text.
The server is intentionally simple: there are no custom MCP resources or
prompts, and database interaction is handled through SQL. That makes it useful
for local analytics, schema inspection, and data exploration, but it also means
the configured read/write mode matters. The README documents a --readonly
flag that opens DuckDB with native read-only protection and prevents write
operations.
Source Review
- https://github.com/ktanaka101/mcp-server-duckdb
- https://github.com/ktanaka101/mcp-server-duckdb/blob/main/README.md
- https://pypi.org/project/mcp-server-duckdb/
- https://github.com/ktanaka101/mcp-server-duckdb/blob/main/pyproject.toml
- https://github.com/ktanaka101/mcp-server-duckdb/blob/main/src/mcp_server_duckdb/server.py
- https://github.com/ktanaka101/mcp-server-duckdb/blob/main/LICENSE
These sources were reviewed on 2026-06-06. Prefer the live repository, README, PyPI page, package metadata, server implementation, and license for current command names, package version, database flags, and tool behavior.
Features
- Stdio MCP server packaged as
mcp-server-duckdb. - Single
querytool for executing DuckDB SQL. - Configurable
--db-pathfor the target DuckDB database file. - Optional
--readonlymode backed by DuckDB's native read-only connection. - Automatic database file and parent-directory creation when not in read-only mode.
- Optional
--keep-connectionmode for reusing a single connection across requests. - Query results returned as text to the MCP client.
- No custom MCP resources or prompts.
Installation
For MCP clients that launch stdio servers with uvx:
{
"mcpServers": {
"duckdb": {
"command": "uvx",
"args": [
"mcp-server-duckdb",
"--db-path",
"./data.duckdb",
"--readonly"
]
}
}
}
Remove --readonly only when Claude is allowed to create or mutate the database
file. Replace ./data.duckdb with the approved database path for the project.
Use Cases
- Ask Claude to inspect schema and sample analytical tables from a local DuckDB file.
- Run reviewed SELECT queries over local analytics data, evaluation outputs, CSV imports, or Parquet-derived tables.
- Let Claude draft SQL while a human approves the query before execution.
- Use read-only mode for safer data exploration in model-assisted workflows.
- Use a writable disposable database when prototyping transformations or temporary tables.
Safety and Privacy
DuckDB MCP gives a model a SQL execution surface. Use --readonly by default
for existing data, and only switch to writable mode for disposable or backed-up
databases where mutation is intended. Review generated SQL before execution,
especially statements that create, insert, update, delete, attach files, install
extensions, or reference local paths.
Keep database files, source data directories, and query outputs scoped to what the model is allowed to see. Even read-only queries can reveal sensitive rows, schemas, filenames, derived metrics, or internal business logic through results and errors.
Duplicate Check
The catalog already has a DuckDB tools entry for the embedded analytical
database engine itself. This entry covers the separate ktanaka101/mcp-server-duckdb
MCP wrapper that exposes DuckDB through Model Context Protocol. No
mcp-server-duckdb, ktanaka101/mcp-server-duckdb, or dedicated DuckDB MCP
entry was found in content/mcp, content/guides, content/agents, or
content/skills.
Source citations
Signals
Loading live community signals…
A short, calm digest of reviewed Claude resources. Unsubscribe any time.