superset-mcp
Provides an MCP server that lets AI agents interact with an Apache Superset instance (manage dashboards/charts/datasets/tags and run/inspect SQL Lab queries) via a set of MCP tools.
Score Breakdown
⚙ Agent Friendliness
🔒 Security
README states credentials are stored locally in .env and access token is stored in .superset_token. Tool-driven actions can modify/delete Superset resources, so least-privilege and agent call restrictions are important. TLS enforcement and secure token transport/storage hardening are not described in the provided content; rate limiting and detailed auth error handling are not documented.
⚡ Reliability
Best When
You control both the MCP runtime and the Superset instance, and you want agents to automate Superset metadata and SQL Lab tasks.
Avoid When
You cannot restrict agent permissions or audit/monitor tool calls; or you require well-specified operational behaviors (retries, pagination, rate limits) to be documented.
Use Cases
- • Agent-assisted Superset administration (list/create/update/delete dashboards and charts)
- • Programmatic dataset and database connection management
- • Natural-language-driven SQL Lab querying and saved query workflows
- • Metadata exploration (databases, catalogs, functions, related objects, tags, recent activity)
- • Dynamic chart exploration artifact creation (form data/permalinks)
Not For
- • High-security environments without additional hardening/review (the tooling enables destructive operations like deletes)
- • Untrusted agent execution where tool calls could be used to exfiltrate/modify business data
- • Production setups without TLS and careful secret/token management
- • Use cases requiring strict guarantees around idempotency, pagination, or retry safety (not documented)
Interface
Authentication
Auth is configured via SUPERSET_USERNAME and SUPERSET_PASSWORD and then an access token is managed/stored locally (per README: .superset_token). No explicit scope granularity is described.
Pricing
Open-source (MIT) library; costs are primarily your infrastructure/LLM usage and any Superset hosting.
Agent Metadata
Known Gotchas
- ⚠ Tools include destructive operations (e.g., delete dashboards/charts/tags); agents should be constrained with permissions and guarded prompts/approval flows.
- ⚠ Token is stored locally in .superset_token; ensure secure local handling and cleanup for shared environments.
- ⚠ No documented behavior for pagination, rate limiting, retries, or idempotency—agents may need defensive handling.
Alternatives
Full Evaluation Report
Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for superset-mcp.
AI-powered analysis · PDF + markdown · Delivered within 30 minutes
Package Brief
Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.
Delivered within 10 minutes
Score Monitoring
Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.
Continuous monitoring
Scores are editorial opinions as of 2026-03-30.