Now in beta macOS · Windows · Linux

Your AI assistant.
Your database.
One audited bridge.

AccessVault sits between Claude and your PostgreSQL database. Credentials never leave the app, and every query is audited on the way through. Built for Claude Desktop and Claude Code — it speaks standard MCP, so any MCP-compatible assistant can connect.

Now in beta Credentials never leave the app Every query audited No cloud required
How AccessVault works A query travels from an AI assistant through AccessVault, where it is logged to the audit trail and credentials stay behind, on to PostgreSQL — and the results flow back the same audited way. MCP SQL Claude any MCP client AccessVault credentials never leave · every query logged PostgreSQL your database
PostgreSQL
MySQL — coming soon
SSH tunnels with auto-reconnect
OS-native credential storage
Complements TablePlus, DataGrip, DBeaver
Why a bridge

Don't wire an AI straight into production

MCP makes it trivial to hand an AI your database. Handing it a raw connection string is the problem. AccessVault is the piece in between.

01
Credentials in a config file
A direct hookup pastes your connection string into the assistant's config. Through AccessVault, the AI never sees it.
02
No record of what the AI ran
Every query that crosses the bridge lands in a local, append-only audit log.
03
The whole database, exposed
You approve the tools and columns the AI can touch. Everything else stays out of reach.
04
Your auditor will ask anyway
30 automated checks score your PostgreSQL against SOC 2, HIPAA, PCI-DSS, GDPR, and CIS controls.
Features

Everything a security-conscious DBA needs

Built for the intersection of database operations and security compliance — not a general-purpose client.

User & Privilege Management
A complete view of every database user, their role attributes, schema-level privileges, and where those privileges originate — direct, inherited, or via PUBLIC.
  • Role attributes: superuser, bypassRLS, replication, connection limits, expiry
  • Per-schema privilege editor with visual grant/revoke
  • Privilege source attribution — direct, role inheritance, PUBLIC
  • Privilege Analysis: compare granted vs. actual query usage
  • One-click revocation of unused or over-provisioned access
Real-time Performance Monitoring
Live metrics that matter for database health — cache efficiency, lock contention, table bloat, and the slow queries dragging down your p99 latency.
  • Cache hit ratios & transaction throughput
  • Lock summaries with blocked connection detection
  • Table health: dead tuples & autovacuum status
  • Index scan efficiency: sequential vs. index scans
  • Slow query tracking: calls, mean & total time
Audit Readiness Scanner
30 automated security checks across authentication, least privilege, connection security, logging, and data protection — each mapped to the compliance controls your auditors actually cite.
  • Maps to SOC 2, HIPAA, PCI-DSS, GDPR & CIS Benchmark controls
  • Severity-weighted readiness scoring
  • Remediation guidance with copy-ready SQL fixes
  • PDF and CSV export for auditors
Native & Cross-Platform
Built in Rust with Tauri — one codebase, native builds for macOS, Windows, and Linux. No Electron, no JVM, no bundled browser. It stays out of the cloud and off the network.
  • Native installers for macOS, Windows & Linux
  • SSH tunnels with keepalive & automatic reconnect
  • Credentials held in your OS credential store — never plaintext on disk
  • Connection color-coding for environment awareness
  • Runs entirely on your machine — no cloud, no background sync
Unique to AccessVault

Safe AI access to your database

Your AI assistant can query your database — without ever seeing your connection string, password, or SSH keys. You control exactly which columns and tools are exposed.

Interactive — column rules decide what the AI sees in every result
Column Rules — applied to every query 4 visible 3 blocked
Column Type Status
AI Query Result
claude: SELECT * FROM users LIMIT 3
Watch — describe a query, AI generates a safe parameterized tool
AI Tool Generator
Analyzing schema & generating tool…
get_high_value_orders Needs Review
SELECT order_id, customer, amount, status
FROM orders
WHERE amount > $1 AND created_at > $2
ORDER BY amount DESC
$1: min_amount (numeric) $2: since_date (date)
get_table_schema
Column names and types for a table
Active
get_slow_queries
Queries exceeding duration threshold
Active
list_active_connections
Current database connections and states
Active
get_index_usage
Index scan counts and efficiency stats
Active
+ Next tool will appear here
Replay animation
Localhost Only
Binds to 127.0.0.1 — never network exposed
Query Catalog
The AI can only call tools you’ve enabled — never raw SQL
Token Auth + Audit
Every request is authenticated and logged
Column-Level Control
Mask or block sensitive columns before they reach AI
Audit Readiness

Built for the frameworks that matter

30 automated checks. A readiness score you can show your auditor. Export to PDF in one click.

SOC 2
CC6 access controls
HIPAA
Access controls
PCI-DSS
Req. 7, 8, 10
GDPR
Data access audit
CIS Benchmark
PostgreSQL
30
Automated security checks
5
Compliance categories
1
Click to export PDF for auditors
8
Authentication & Access Control
6
Least Privilege
5
Connection Security
6
Logging & Audit Trail
5
Data Protection
Beta

Join the AccessVault beta

AccessVault is in beta on macOS, Windows, and Linux. Leave your email and we’ll send you an invite as beta access opens up — no spam, just the invite.

We’ll only email you about AccessVault beta access. Unsubscribe anytime.