dbt-core-mcp
A Model Context Protocol (MCP) server that lets AI assistants interact with dbt projects: inspect project/resource metadata (models, sources, seeds, snapshots, tests), analyze lineage and impact, and run dbt commands/queries using the user’s existing dbt/adapter/environment via “bridge execution” (no dbt-core/adapters required on the server).
Score Breakdown
⚙ Agent Friendliness
🔒 Security
No explicit transport/authentication controls are documented for the MCP server. The primary security risk is that the agent can cause execution of dbt commands against configured warehouses, potentially using sensitive credentials from local dbt profiles. Dependency hygiene appears moderate (explicit pins include psutil==7.2.1; other deps are unpinned). TLS and secret-handling behavior are not documented in the provided content.
⚡ Reliability
Best When
You have a local dbt project and want an agent to safely operate within your environment (workspace directory, dbt version, adapter, and credentials) to inspect metadata and execute dbt commands.
Avoid When
You cannot grant the agent permission to run dbt commands against your data warehouses (or you require strict restrictions on execution). Also avoid if your dbt project relies heavily on Python models.
Use Cases
- • Ask questions about dbt projects (models, sources, tests) and retrieve compiled SQL/metadata
- • Lineage and impact analysis prior to changes (what is upstream/downstream of a resource)
- • Run smart dbt builds and tests for changed models and downstream dependencies
- • Debug transformations by inspecting compiled SQL and (claimed) CTE-level details
- • Validate connection/environment via dbt debug through the tooling
Not For
- • Running or introspecting non-SQL dbt models (Python models are explicitly not supported)
- • Scenarios requiring a hosted SaaS API with centralized authentication/quotas (this is local/workspace-oriented tooling)
- • Production workflows that need strong enterprise security guarantees without additional hardening/controls around dbt execution and database credentials
Interface
Authentication
The README focuses on local execution and workspace detection rather than MCP/API authentication. Security therefore depends on your local environment, dbt profiles/credentials, and MCP client/host access controls.
Pricing
No pricing information provided; repository appears to be an MIT-licensed open source tool installed locally.
Agent Metadata
Known Gotchas
- ⚠ Executing dbt commands can be long-running and can fail due to warehouse/adapter/auth/profile issues; the server mentions optional timeouts for dbt commands.
- ⚠ Only SQL models are supported; Python models are not.
- ⚠ The tool may trigger dbt compile when requesting compiled SQL (can be expensive/time-consuming and may require access to your project and dependencies).
Alternatives
Full Evaluation Report
Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for dbt-core-mcp.
AI-powered analysis · PDF + markdown · Delivered within 30 minutes
Package Brief
Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.
Delivered within 10 minutes
Score Monitoring
Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.
Continuous monitoring
Scores are editorial opinions as of 2026-03-30.