bonnard

Bonnard is a self-hosted, Docker-deployable semantic layer for AI agents. It provides an MCP server so agents can query governed metric definitions (cubes/views) consistently. It includes a Cube engine for query execution, a CubeStore cache for pre-aggregation, an admin UI, and a deploy API/CLI flow to push schema updates without restarting containers. A /health endpoint is available for monitoring.

Evaluated Mar 30, 2026 (21d ago)
Homepage ↗ Repo ↗ Ai Ml ai-ml agentic-analytics semantic-layer mcp-server structured-output text-to-sql data-modeling self-hosted typescript
⚙ Agent Friendliness
60
/ 100
Can an agent use this?
🔒 Security
55
/ 100
Is it safe for agents?
⚡ Reliability
29
/ 100
Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality
85
Documentation
75
Error Messages
0
Auth Simplicity
85
Rate Limits
10

🔒 Security

TLS Enforcement
70
Auth Strength
65
Scope Granularity
20
Dep. Hygiene
45
Secret Handling
70

Docs recommend protecting endpoints with ADMIN_TOKEN (bearer token) and show TLS termination via Caddy. /health remains open. No evidence of fine-grained scopes/permissions, and rate limiting/throttling controls are not described. Secret handling guidance beyond using .env is not detailed.

⚡ Reliability

Uptime/SLA
30
Version Stability
35
Breaking Changes
20
Error Recovery
30
AF Security Reliability

Best When

You want a controlled semantic layer for AI agents with repeatable metric definitions and you can operate a Docker stack (cube/cubestore/bonnard) against a supported warehouse.

Avoid When

You cannot expose an authenticated MCP endpoint over HTTPS (or proxy) to agents, or you need detailed operational/SLA guarantees not evidenced in the provided docs.

Use Cases

  • Agent-native analytics with a single governed semantic layer
  • Text-to-SQL / metrics-layer querying via MCP for LLM agents
  • Serving consistent metrics across multiple consumers (agents, apps, dashboards)
  • Pre-aggregation caching for faster analytical reads
  • Managing and deploying metric/model changes to a running semantic layer

Not For

  • Run-it-and-forget-it fully managed SaaS analytics (this is self-hosted)
  • Low-latency OLTP transaction processing
  • Use cases that require fine-grained per-user authorization beyond bearer-token gating as described

Interface

REST API
Yes
GraphQL
No
gRPC
No
MCP Server
Yes
SDK
Yes
Webhooks
No

Authentication

Methods: Bearer token via Authorization: Bearer <token> for API and MCP endpoints (ADMIN_TOKEN)
OAuth: No Scopes: No

Docs describe a single ADMIN_TOKEN (bearer) that gates API/MCP endpoints; /health remains open. No OAuth flow or fine-grained scopes are described.

Pricing

Free tier: No
Requires CC: No

Self-hosted open-source (Apache-2.0). Costs are infrastructure-related (Docker/compute/warehouse). No pricing information in provided content.

Agent Metadata

Pagination
none
Idempotent
False
Retry Guidance
Not documented

Known Gotchas

  • Authentication is bearer-token based; agents need to send Authorization header for MCP/API calls.
  • The /health endpoint is intentionally unauthenticated; agents should not rely on it for authenticated operations.
  • Correct URL/route for MCP depends on your deployment (example shows /mcp behind a reverse proxy).
  • Rate limit behavior is not documented in the provided README; agents may need conservative request patterns.

Alternatives

Full Evaluation Report

Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for bonnard.

AI-powered analysis · PDF + markdown · Delivered within 30 minutes

$99

Package Brief

Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.

Delivered within 10 minutes

$3

Score Monitoring

Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.

Continuous monitoring

$3/mo

Scores are editorial opinions as of 2026-03-30.

8642
Packages Evaluated
17761
Need Evaluation
586
Need Re-evaluation
Community Powered