Code | Tracked since May 20, 2026

Add noom-mcp-server wrapper to enforce Databricks SQL governance

Added a dedicated noom-mcp-server layer over databricks-mcp-server that applies Noom SQL governance controls at startup and during SQL execution, including authentication restrictions, credential/warehouse enforcement, and query tagging, while avoiding edits to upstream server code.

noom-mcp-server, databricks-mcp-server, SQLExecutor, PAT

What Happened

  • Added a dedicated noom-mcp-server layer over databricks-mcp-server that applies Noom SQL governance controls at startup and during SQL execution, including authentication restrictions, credential/warehouse enforcement, and query tagging, while avoiding edits to upstream server code.
  • 1 evidence item attached for review.

What is Different

Before

Scattered source updates, isolated context, and manual follow-up across multiple feeds.

Now

Implemented a non-invasive governance extension that blocks PAT-authenticated sessions, forces SQL to use a configured service principal and warehouse for all calls, appends `mcp_user:<email>` tags for audit and cost attribution, and fails fast if the upstream server version is incompatible.

Why Track This

Why It Matters

Operators and developers running AI SQL workflows through MCP now get enforced governance defaults out of the box: users cannot accidentally run Databricks SQL under personal credentials or fan out to unintended warehouses, and every statement is consistently attributable for audit and cost tracking. This materially reduces compliance exposure and operational ambiguity. Teams should still watch for unintended disruption of PAT-based test/dev flows, verify `dbrix_mcp_secret` and warehouse configuration on every deployment, and monitor for failures when the upstream `databricks-mcp-server` version or `SQLExecutor` behavior changes.


What To Watch Next

  • Watch whether noom-mcp-server becomes a repeated pattern.
  • Track follow-up changes around AI Governance and Compliance.
  • Compare future signals against this evidence trail.
  • Re-check risk flags: pat_auth_blocked_dev_workflows, service_principal_secret_missing.
pat_auth_blocked_dev_workflows / service_principal_secret_missing / warehouse_override_misconfiguration / upstream_version_mismatch / query_tagging_dependency

Supporting Evidence