On‑premise bridge for AI queries that keeps credentials local
kyomi-connect, from Kyomi Ai, is an on‑premise agent that links internal warehouses to MCP-compatible AI clients for natural language data querying. The tool forwards encrypted query results to cloud models while keeping database credentials inside your network, and it includes a Rust-based binary, Docker and Kubernetes deployment, plus an interactive CLI setup. It targets data engineers, AI developers, and security teams who require controlled, auditable access between private data stores and AI workflows.
What tasks you can actually use it for?
The agent exposes internal data warehouses to AI clients for query-driven analysis. It connects databases and data warehouses to Model Context Protocol clients so AI models can run natural language queries and return result sets. Use cases include exploratory data queries, ad‑hoc SQL generation, and feeding selected rows into downstream model prompts for analysis accessible from MCP-compatible clients.
How it handles credential and data security in practice
Credentials remain on your infrastructure, and transport uses authenticated, encrypted channels. Database usernames, passwords, and connection strings are stored locally and are not transmitted; the agent uses JWT-authenticated WebSocket connections with TLS for streaming query outputs. This design isolates secrets inside the network and sends only encrypted query outputs to the connected AI interface.
What inputs and environments it accepts and limits
The agent supports major engines and common deployment patterns. Supported backends include PostgreSQL, MySQL, ClickHouse, Redshift, Snowflake, BigQuery, Databricks, SQL Server, and Azure Synapse. It runs on Linux, macOS, and Windows and deploys as a standalone binary, Docker container, or inside Kubernetes. Inputs are standard database connections; it does not ingest arbitrary file stores as a primary data path.
Is it practical to deploy and operate in an engineering workflow?
Deployment favors engineers and security-conscious teams rather than nontechnical users. The agent is a lightweight Rust binary with minimal resource footprint and an interactive CLI setup wizard for configuration. It integrates with MCP servers and clients such as Claude Desktop, Cursor, and Claude Code, making it suitable for teams that already use MCP-based AI tooling and can manage on‑premise services.
A focused option for teams that need on‑premise control with auditable code
kyomi-connect suits data engineering and security teams that require local credential custody and transparent code audits under the Apache 2.0 license. Expect a production-ready bridge for MCP workflows, but plan for human review of model-driven analysis since the agent forwards query outputs to external models. A practical tip: pair the agent with an internal review step before acting on automated insights.
