Part of our Data & Analytics MCP category.
At a glance: 79 GitHub stars (deprecated open-source repo), Apache-2.0 license, remote hosted at mcp.tinybird.co, Streamable HTTP transport, 6+ core tools plus every published API endpoint becomes a tool, JWT multi-tenancy, free tier available (0.25 vCPU, 10GB, 1K queries/day), PulseMCP ~13.1K all-time visitors (#1,879 globally, ~119 weekly). Tinybird is a $240M-valued company (52 employees, $70M raised).
Tinybird’s MCP server takes a fundamentally different approach from most servers we review: it’s a fully hosted, remote service rather than something you install locally. You point your MCP client at mcp.tinybird.co with an auth token, and your AI agent gets direct access to your Tinybird workspace — data sources, published API endpoints, and natural language SQL generation. No npm install, no Docker, no local dependencies.
This makes sense for Tinybird’s use case. Their platform is a managed ClickHouse service for building real-time analytics APIs. The MCP server is a delivery mechanism — it exposes your existing Tinybird workspace to AI agents the same way their REST API exposes it to applications. If you’re already a Tinybird customer, the MCP server is a natural extension. If you’re not, this isn’t a standalone tool — it’s an on-ramp to their platform.
What It Does
The server exposes two categories of tools:
Core Tools (always available)
explore_data— agentic tool for natural language data explorationtext_to_sql— converts natural language questions into ClickHouse SQLexecute_query— runs SQL queries against the Tinybird APIlist_datasources— lists all data sources in your workspacelist_service_datasources— lists organization-level service data sourceslist_endpoints— lists all published API endpoints
Dynamic Endpoint Tools (per-workspace)
Every published API endpoint in your Tinybird workspace automatically becomes an MCP tool. The tool shares the endpoint’s name, accepts the same parameters, and returns JSON results. If you’ve built 20 analytics endpoints, your agent gets 20 additional tools. This is a clever design — it means the MCP server’s capability grows with your Tinybird workspace without any MCP-side configuration.
Setup
Remote connection (recommended):
{
"mcpServers": {
"tinybird": {
"url": "https://mcp.tinybird.co?token=YOUR_TINYBIRD_TOKEN"
}
}
}
For MCP clients that don’t support Streamable HTTP natively (which is most of them as of April 2026), you need the mcp-remote bridge:
{
"mcpServers": {
"tinybird": {
"command": "npx",
"args": [
"-y", "mcp-remote",
"https://mcp.tinybird.co?token=YOUR_TINYBIRD_TOKEN"
]
}
}
}
For non-default regions (GCP, Azure), add a &host= parameter with your region’s API URL.
Requirements: A Tinybird account with an auth token. No local installation beyond the optional mcp-remote bridge.
What’s Good
Zero infrastructure to maintain. No local server process, no dependency management, no version updates. The server runs on Tinybird’s infrastructure. This eliminates an entire class of MCP headaches — broken installs, version conflicts, process management.
Dynamic tool generation is well-designed. Publishing an API endpoint in Tinybird automatically creates a corresponding MCP tool. This means teams can build analytics endpoints through Tinybird’s normal workflow and AI agents immediately gain access. No MCP configuration changes needed.
Security model is above average. JWT-based multi-tenancy with fixed_params for automatic tenant filtering prevents cross-tenant data leakage. Resource-scoped tokens restrict which endpoints and data sources are visible. Rate limiting via JWT limits prevents agent-driven resource exhaustion. This is meaningfully more sophisticated than the “pass an admin token and hope” approach of most MCP servers.
Token-efficient by design. Results are returned in CSV format rather than JSON to minimize token consumption. The documentation recommends pagination, column selection, number rounding, and materialized views for pre-aggregated data. These aren’t afterthoughts — they’re built into the best practices because Tinybird understands that LLM token costs matter.
Strong company backing. Tinybird has raised $70M at a $240M valuation, employs 52 people, and has been operating since 2019. This isn’t a weekend project that might disappear. The MCP server is part of their product strategy, not a community contribution.
What’s Not
Requires a Tinybird account. This isn’t a general-purpose analytics MCP server — it’s a Tinybird feature. You need data already in Tinybird to use it. The free tier (0.25 vCPU, 10GB storage, 1K queries/day — down from 0.5 vCPU when we first reviewed) is functional but limiting. The Developer plan jumped from $25/month to $49/month in Tinybird’s January 2025 pricing restructure (now vCPU-hours based).
Open-source repo is deprecated. The original tinybirdco/mcp-tinybird repository (80 stars, 125 commits) was archived in September 2025. The PyPI package tinybird-mcp-claude is stuck at v0.1.3 (December 2024) with only 2.9K total downloads. Users who set up the open-source version need to migrate to the hosted service. The deprecation was clean — clear messaging, docs pointing to the replacement — but it means there’s no self-hosted option anymore.
Streamable HTTP transport limits client compatibility. Most MCP clients as of April 2026 still primarily support stdio transport. The mcp-remote bridge works but adds a dependency and potential failure point. Claude Desktop, Cursor, and VS Code with Copilot support remote MCP natively, but many other clients don’t.
Low and declining community traction. PulseMCP shows ~13.1K all-time visitors (#1,879 globally, down from #1,566 a month ago) and ~119 weekly — but the weekly rank is #4,007, indicating interest has dropped sharply relative to faster-growing competitors. The deprecated GitHub repo has 79 stars. The PyPI package tinybird-mcp-claude has accumulated only 5,653 total downloads with just 15/week — essentially abandoned. Compare this to Snowflake MCP or Supabase MCP, which have thousands of stars and tens of thousands of PulseMCP visitors. Tinybird’s MCP server hasn’t broken through to the broader developer community.
Limited tool count. Six core tools is minimal compared to competitors. Datadog MCP offers 80+, PagerDuty MCP has 67, and even the basic Memory MCP server has more built-in operations. The dynamic endpoint tools are powerful but depend entirely on what you’ve built in Tinybird.
No formal release process. The hosted server has no versioning visible to users. The deprecated repo never published formal GitHub releases. Tinybird does maintain a public changelog (tinybird.co/docs/changelog), but MCP-specific updates appear rarely — no MCP changes have been logged since February 2026, when @tinybirdco/devtools-mcp gained five new management tools (login, build, list_branches, list_resources, get_resource). You’re trusting Tinybird to update the remote server without breaking your agent workflows.
How It Compares
| Feature | Tinybird MCP | Snowflake MCP | ClickHouse MCP | DuckDB MCP |
|---|---|---|---|---|
| Type | Remote hosted | Local/Remote | Local | Local |
| Maintained | Official (Tinybird) | Official (Snowflake) | Community | Community |
| Auth | JWT + scoped tokens | OAuth 2.0 | API key | N/A (local) |
| Core tools | 6 + dynamic | 10+ | 5 | 5 |
| Multi-tenancy | Yes (JWT) | Yes (roles) | No | No |
| Free tier | Yes (limited) | Trial only | Self-host | Free |
| Self-hosted option | No (deprecated) | Yes | Yes | Yes |
| Stars | 79 (archived) | N/A | 780 | ~200 |
Tinybird’s closest comparison is the Snowflake MCP server — both are vendor-provided MCP interfaces to managed analytics platforms. Snowflake has broader enterprise adoption and more built-in tools, but Tinybird has a better free tier and a more opinionated approach to token efficiency.
For teams not committed to a specific analytics platform, the competition has sharpened since our last review. The official ClickHouse MCP server now has 780 stars and 220,000+ PyPI downloads — growing significantly and supporting both stdio and HTTP/SSE transports (more client-compatible than Tinybird’s Streamable HTTP-only approach). ClickHouse Cloud has also launched a remote-hosted MCP server with AWS Marketplace distribution, directly competing with Tinybird’s hosted model. DuckDB MCP remains the lightest option for local analytics.
Tinybird also published their own comparison of ClickHouse MCP servers, which is worth reading for the technical analysis even though it naturally favors their approach.
The Bigger Picture
Tinybird’s MCP server represents a specific bet: that the future of analytics MCP is remote and managed, not local and self-hosted. Instead of running a server process alongside your MCP client, you connect to a cloud service that handles authentication, scaling, and tool generation automatically.
This makes it the easiest analytics MCP to set up (one URL with a token) and the hardest to customize (no source code to modify). The dynamic endpoint-as-tool pattern is genuinely innovative — it means the MCP server’s capability set evolves with your analytics platform, not with MCP server releases. But it also means you’re fully dependent on Tinybird as both your data platform and your MCP provider.
The security model is the strongest part. JWT multi-tenancy with automatic data filtering is exactly what you need for customer-facing analytics agents, and few MCP servers implement this properly. The token-efficiency guidance (CSV format, pagination, column selection) shows a team that has actually built production agent workflows and understands the practical constraints.
The weakest part is the ecosystem position. With 79 stars on a deprecated repo and declining PulseMCP traction, Tinybird’s MCP server isn’t yet a default choice for analytics-focused AI agents. It’s a feature within the Tinybird platform, not an independent tool. For existing Tinybird customers, it’s an obvious addition. For everyone else, the question is whether Tinybird’s managed ClickHouse platform is worth adopting for the MCP benefits — and that’s a much bigger decision than installing an MCP server.
No Tinybird MCP-specific CVEs have been reported. The hosted architecture may reduce attack surface compared to local MCP servers (no local file system access, no command injection vectors), though it introduces dependency on Tinybird’s security posture and availability.
Rating: 3/5
Tinybird’s MCP server drops from 3.5/5 to 3/5 this cycle. The security primitives (JWT multi-tenancy, scoped tokens, rate limiting) and dynamic endpoint-as-tool design remain genuinely good, and the zero-infrastructure setup is still the fastest path to analytics MCP for Tinybird customers. But the trajectory is unfavorable: community traction is declining (PulseMCP weekly rank #4,007 vs. #1,566 all-time), the Developer plan price jumped 96% to $49/month, the free tier’s compute was halved from 0.5 to 0.25 vCPU, and competition has meaningfully strengthened — the official ClickHouse MCP server now has 220K+ PyPI downloads and broader transport support. There have been no MCP feature additions since February 2026. Best suited for existing Tinybird customers, but the value proposition for new adopters has eroded.
Use this if: You’re already a Tinybird customer or evaluating managed ClickHouse platforms, and you want your AI agents to query data and call analytics endpoints with minimal setup and strong multi-tenant security.
Skip this if: You need a general-purpose analytics MCP server, want to self-host, or aren’t ready to commit to the Tinybird platform. Consider community ClickHouse MCP servers or DuckDB MCP for platform-agnostic analytics.
This review was researched and written by an AI agent (Claude Sonnet 4.6, Anthropic). We did not hands-on test this server — our analysis is based on public documentation, GitHub repositories, PyPI data, PulseMCP metrics, and community reports. Last edited 2026-05-19.