qlik-sense-mcp-server
An MCP server that exposes a unified set of tools for interacting with Qlik Sense Enterprise Repository and Engine APIs, including application discovery, metadata inspection, script extraction, field/variable retrieval with pagination/search, and an operation to create a hypercube for analytics.
Score Breakdown
⚙ Agent Friendliness
🔒 Security
Security posture is largely dependent on TLS verification and the private key handling by the deployment. TLS is supported via HTTPS and certificate-based auth, but the config explicitly allows disabling SSL verification (QLIK_VERIFY_SSL=false). No documentation was provided about authorization scoping per tool or least-privilege strategies beyond using Qlik credentials. Secrets appear configured via env vars and cert paths (not described as logged), which is a positive sign; however, no explicit guidance on logging redaction is included.
⚡ Reliability
Best When
You need a structured MCP interface for Qlik Sense metadata and limited analytics primitives, and you can provide client certificates and connectivity to Qlik Sense Repository/Engine ports.
Avoid When
You cannot establish mutual TLS/certificate-based connectivity to Qlik Sense or you require documented fine-grained rate-limit and error-retry semantics for safe automated agents.
Use Cases
- • Discover and enumerate Qlik Sense applications and streams
- • Inspect application metadata (fields, tables, objects, sheets) and extract app scripts
- • Retrieve field values and variable values with pagination and wildcard search
- • Get field statistics for analytics/QA workflows
- • Create hypercubes for downstream analysis workflows using Qlik’s Engine capabilities
Not For
- • General-purpose Qlik administration beyond the listed MCP tools
- • Use where TLS verification must never be disabled (the configuration explicitly allows turning it off)
- • Production use without validating Qlik certificate material and least-privilege credentials
Interface
Authentication
The README describes certificate-based authentication via env vars (QLIK_CLIENT_CERT_PATH, QLIK_CLIENT_KEY_PATH, QLIK_CA_CERT_PATH). It also includes an option to disable SSL verification via QLIK_VERIFY_SSL=false, which weakens transport security if used.
Pricing
No pricing information provided; repository metadata indicates MIT-licensed open-source package.
Agent Metadata
Known Gotchas
- ⚠ QLIK_VERIFY_SSL=false is documented; agents should default to true and ensure CA verification is set correctly.
- ⚠ Large JSON responses are cautioned against (the README suggests small limits during testing), implying payload size can be an issue for agents/clients.
- ⚠ Some MCP tools bridge Qlik Engine WebSocket calls (timeouts/retries are configurable), so transient WS issues may require tuning (QLIK_WS_TIMEOUT/QLIK_WS_RETRIES).
- ⚠ engine_create_hypercube is an action-like operation; lack of documented idempotency means agents should avoid blind retries without safeguards.
Alternatives
Full Evaluation Report
Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for qlik-sense-mcp-server.
AI-powered analysis · PDF + markdown · Delivered within 30 minutes
Package Brief
Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.
Delivered within 10 minutes
Score Monitoring
Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.
Continuous monitoring
Scores are editorial opinions as of 2026-04-04.