Build Secure AI Agents
with Open Source Tools.
Two independent but complementary projects to power your AI infrastructure: a secure database kernel for multi-tenant access, and a privacy-first desktop app for local AI.
Open Source Projects
Two Tools, One Mission
Independent projects that work great alone — and even better together.
Cori Kernel
The Secure Kernel for AI
MCP-native database gateway that enforces tenant isolation and role-based permissions at the data layer. Stop giving agents raw database access.
Cori Desktop
Privacy-First AI Assistant
Cross-platform desktop app with local LLM inference, BYOK provider support, and built-in MCP integration. Your AI conversations stay on your machine.
Better Together
Connect Desktop to Kernel via MCP
Use Cori Desktop as your AI interface, connected to Cori Kernel for secure database operations. The perfect stack for building enterprise AI agents.
Cori Desktop
Local AI Interface
Cori Kernel
Secure DB Gateway
PostgreSQL
Multi-Tenant Data
Both projects are fully open source under permissive licenses. No vendor lock-in.
Run everything locally. Your data never leaves your infrastructure.
Built on Model Context Protocol for seamless AI tool integration.
Multi-tenant isolation, audit trails, and role-based access control built-in.
Get Early Access
Join the Alpha Program
Be among the first to get access to new features, pre-built binaries, and direct support from the team. Sign up for early access notifications and exclusive updates.
Join the waitlist for upcoming access.
Cori Kernel
The Trust Layer Between AI and Data
Enterprise databases contain multi-tenant data. When you deploy AI agents, you need guarantees: Client A's agent must never see Client B's data. Traditional app-level isolation fails when agents act autonomously.
Cori Kernel bridges this trust gap. Agents discover MCP tools dynamically based on their token's permissions. Every operation is tenant-scoped, column-filtered, and audit-logged.
name: support_agent
approvals:
group: support_managers
tables:
customers:
readable: [id, name, email]
tickets:
readable: [id, subject, status]
updatable:
status:
only_when:
- old.status: open
new.status: [in_progress]Biscuit Token Auth
Cryptographic tokens with attenuable permissions. Define a role once, then attenuate to specific tenants with expiration. No external PDP needed.
Dynamic Tool Generation
MCP tools are generated from your database schema + role permissions. Agents only see tools they can actually use.
Human-in-the-Loop
Flag sensitive operations for human approval. Dry-run mode lets agents preview changes before execution.
Local LLM
Embedded llama.cpp for offline, private conversations with GGUF models.
BYOK Providers
OpenAI, Anthropic, Gemini, or any OpenAI-compatible endpoint.
MCP Integration
Connect to MCP servers including Cori Kernel for secure database access.
Agent Orchestrator
Multi-step reasoning, tool chaining, and automatic error recovery.
Cori Desktop
Your Private AI Workstation
A cross-platform desktop app built with Tauri 2.0 — combining a React/Next.js frontend with a Rust backend for native performance and security.
Simple, accessible, and intuitive. Zero configuration required to get started. Your conversations stay on your machine — no cloud sync, no telemetry, no subscription required.