9 releases (4 breaking)

Uses new Rust 2024

new 0.8.0	May 6, 2026
0.7.0	May 4, 2026
0.6.2	May 4, 2026
0.6.0	Apr 22, 2026
0.4.0	Feb 4, 2026

#997 in Artificial intelligence

Apache-2.0

2MB
37K SLoC

Kimberlite MCP Server

This crate implements a Model Context Protocol (MCP) server for Kimberlite, enabling secure LLM and third-party API access to database operations.

Overview

The MCP server exposes the following tools:

kmb_query: Execute SQL queries with automatic access control and transformation
kmb_export: Bulk data export with anonymization
kmb_verify: Verify integrity of previously exported data
kmb_list_tables: Discover available tables based on access scope

Security

All tool invocations require a valid access token (from kmb-sharing). The token determines:

Which tables can be accessed
Which fields are visible
What transformations are applied (redaction, masking, pseudonymization, etc.)
Maximum row limits

Audit Logging

Every tool invocation is logged with:

Token ID and tenant
Tool name and parameters
Tables accessed
Transformations applied
Success/failure status
Duration

Example

use std::sync::Arc;
use kimberlite::Kimberlite;
use kimberlite_sharing::TokenStore;
use kimberlite_mcp::McpServer;

// Create the MCP server
let db = Arc::new(Kimberlite::open("./data")?);
let tokens = Arc::new(TokenStore::new());
let server = McpServer::with_db_and_tokens(db, tokens);

// Handle a JSON-RPC request
let request = r#"{"jsonrpc":"2.0","id":1,"method":"tools/list","params":{}}"#;
let response = server.handle_request(request);

Protocol

The server implements MCP over JSON-RPC 2.0. Supported methods:

initialize: Initialize the MCP session
tools/list: List available tools
tools/call: Execute a tool

Dependencies

~64MB
~1M SLoC