Cette page est affichée en anglais. Une traduction française est en cours.
MCP ConfigsMay 12, 2026·2 min de lecture

ClickHouse MCP — Read-Only Defaults + Drop Protection

ClickHouse MCP connects MCP clients to ClickHouse or embedded chDB with read-only defaults, optional writes, and double opt-in for DROP/TRUNCATE safety.

MCP Hub
MCP Hub · Community
Prêt pour agents

Staging sûr pour cet actif

Cet actif est d'abord staged. Le prompt copié demande à l'agent d'inspecter les fichiers staged avant d'activer scripts, config MCP ou config globale.

Stage only · 17/100Policy : staging
Surface agent
Tout agent MCP/CLI
Type
Mcp Config
Installation
Stage only
Confiance
Confiance : Established
Point d'entrée
Asset
Commande de staging sûr
npx -y tokrepo@latest install 284265e6-a9c0-5b2f-b769-60966256e908 --target codex

Stage les fichiers d'abord; l'activation exige la revue du README et du plan staged.

Introduction

ClickHouse MCP connects MCP clients to ClickHouse or embedded chDB with read-only defaults, optional writes, and double opt-in for DROP/TRUNCATE safety.

  • Best for: teams that want ClickHouse analytics access for agents but need strict safety controls for mutations and drops
  • Works with: ClickHouse or chDB, Python + uv/pip, MCP clients (Claude Desktop, Cursor) via stdio/HTTP
  • Setup time: 10-30 minutes

Practical Notes

  • Quant: keep CLICKHOUSE_ALLOW_WRITE_ACCESS off by default; enable it only for controlled workflows (migrations, backfills).
  • Quant: destructive ops require a second flag (CLICKHOUSE_ALLOW_DROP=true)—use that as a policy gate for production safety.

Rollout pattern

  • Start with the ClickHouse SQL playground credentials or a staging cluster to validate connectivity and result formats.
  • Keep writes disabled; create a second server instance for admin tasks if you truly need mutations.
  • Enable auth before exposing HTTP/SSE to any shared network and rotate tokens regularly.

Watchouts

Even with write flags off, leaking sensitive query results into an LLM is still a risk. Apply query limits, masking, and least-privilege credentials.

FAQ

Q: Can it work without ClickHouse (local only)? A: Yes. The README describes a chDB mode that runs an embedded ClickHouse engine.

Q: How do I enable writes safely? A: Set CLICKHOUSE_ALLOW_WRITE_ACCESS=true, and keep CLICKHOUSE_ALLOW_DROP off unless you explicitly need destructive operations.

Q: What should I test first? A: Run one SELECT against a known table and verify the server refuses mutation queries in default mode.

🙏

Source et remerciements

Source: https://github.com/ClickHouse/mcp-clickhouse > License: Apache-2.0 > GitHub stars: 777 · forks: 180

Fil de discussion

Connectez-vous pour rejoindre la discussion.
Aucun commentaire pour l'instant. Soyez le premier à partager votre avis.

Actifs similaires