{"id":"firebolt-db-mcp-server","name":"mcp-server","homepage":"https://www.firebolt.io/","repo_url":"https://github.com/firebolt-db/mcp-server","category":"ai-ml","subcategories":[],"tags":["mcp","firebolt","ai-agents","data-warehouse","sql","documentation-access","go","sse","stdio"],"what_it_does":"An MCP (Model Context Protocol) server (implemented in Go) that connects an LLM/agent to the Firebolt Data Warehouse. It exposes MCP tools for browsing Firebolt documentation, establishing Firebolt connections, executing SQL queries, and searching docs. It runs as a stdio-based MCP server by default, with optional SSE transport, and can be deployed via Docker or a binary. Authentication is done using Firebolt service-account credentials (client ID/secret) or via a Firebolt Core URL.","use_cases":["Enable LLM/agent assistants to query Firebolt data warehouses via MCP tools","Let agents browse/search Firebolt SQL/function/documentation from within an MCP workflow","Connect multiple Firebolt engines/workspaces for agent-driven analysis","Provide “docs proof” gating before allowing connection/querying to reduce missing-context failures"],"not_for":["Interactive, low-latency chat use cases that cannot tolerate extra steps (e.g., docs-read proof and/or doc/resource-heavy MCP calls)","Environments where exposing database query capabilities to an autonomous agent is not acceptable without additional guardrails","Clients that cannot integrate MCP over stdio or SSE"],"best_when":"You want to integrate an MCP-capable LLM client (Cursor/VS Code Copilot Chat/Claude Desktop/others) with Firebolt for doc-aware SQL querying and analysis, and you can supply Firebolt service-account credentials (or a Firebolt Core URL).","avoid_when":"You need a traditional REST/GraphQL API surface rather than MCP, or you require fine-grained, per-query authorization/permissions enforced at the MCP layer (not documented here).","alternatives":["Use Firebolt’s own client libraries/SDKs directly from your application and wrap them with your own tool endpoints","Create a custom MCP server that exposes only a tightly scoped subset of SQL operations and enforces query policies","Use other Firebolt integrations/tools that are not MCP-based (depending on your agent platform)"],"af_score":57.5,"security_score":59.5,"reliability_score":32.5,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T15:38:27.434287+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":null,"has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["Firebolt service account (client ID + client secret via env/CLI args)","Firebolt Core connection via CORE URL"],"oauth":false,"scopes":false,"notes":"README indicates authentication is done via Firebolt service-account credentials or a Firebolt Core URL. No explicit per-scope authorization model is described for MCP tools."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"No pricing details are provided for the MCP server itself; Firebolt usage costs (if any) would depend on the Firebolt plan."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":57.5,"security_score":59.5,"reliability_score":32.5,"mcp_server_quality":78.0,"documentation_accuracy":70.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":70.0,"rate_limit_clarity":10.0,"tls_enforcement":75.0,"auth_strength":65.0,"scope_granularity":25.0,"dependency_hygiene":55.0,"secret_handling":75.0,"security_notes":"Authentication is based on Firebolt service-account client ID/secret or Core URL. The README shows secrets passed via CLI args/env variables (not in code snippets), but it does not document how secrets are stored, redacted, or logged, nor does it describe fine-grained tool authorization (all-or-nothing capabilities at the MCP level are implied). The server supports running with --network host in Docker examples, which can increase exposure if not constrained by your environment network policies. No CSP/SSRF/query-safety controls are documented; since it can execute SQL, additional guardrails are recommended when used with autonomous agents.","uptime_documented":0.0,"version_stability":55.0,"breaking_changes_history":50.0,"error_recovery":25.0,"idempotency_support":"false","idempotency_notes":null,"pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["Cursor may not work because the server uses MCP resources heavily; set FIREBOLT_MCP_DISABLE_RESOURCES=true to mitigate","The default firebolt_connect tool requires an LLM to present a read proof of Firebolt docs first; this can increase latency and token usage; disable via --skip-docs-proof / FIREBOLT_MCP_SKIP_DOCS_PROOF"]}}