133 points bloppe | 2 comments

I've been working with the Featureform team on their new open-source project, [EnrichMCP][1], a Python ORM framework that helps AI agents understand and interact with your data in a structured, semantic way.

EnrichMCP is built on top of [MCP][2] and acts like an ORM, but for agents instead of humans. You define your data model using SQLAlchemy, APIs, or custom logic, and EnrichMCP turns it into a type-safe, introspectable interface that agents can discover, traverse, and invoke.

It auto-generates tools from your models, validates all I/O with Pydantic, handles relationships, and supports schema discovery. Agents can go from user → orders → product naturally, just like a developer navigating an ORM.

We use this internally to let agents query production systems, call APIs, apply business logic, and even integrate ML models. It works out of the box with SQLAlchemy and is easy to extend to any data source.

If you're building agentic systems or anything AI-native, I'd love your feedback. Code and docs are here: https://github.com/featureform/enrichmcp. Happy to answer any questions.

[1]: https://github.com/featureform/enrichmcp

[2]: https://modelcontextprotocol.io/introduction

ljm No.44322851
> agents query production systems

How do you handle PII or other sensitive data that the LLM shouldn’t know or care about?

1. traverseda No.44322928
That's an odd question. If you have a regular ORM how do you handle sensitive data that your user shouldn't know about? You add some logic or filters so that the user can only query their own data, or other data they have permission to access.

It's also addressed directly in the README. https://github.com/featureform/enrichmcp?tab=readme-ov-file#...

I know LLMs can be scary, but this is the same problem that any ORM or program that handles user data would deal with.

2. hobofan No.44325231
> You add some logic or filters so that the user can only query their own data, or other data they have permission to access.

What you are talking about is essentially only row level security (which is important for tenant separation), while in the case of integrating external service providers, column level security is a more important factor.

> I know LLMs can be scary, but this is the same problem that any ORM or program that handles user data would deal with.

In most other programs you don't directly plug your database full of PII to an external service provider.

In most other programs you don't have that same problem because the data takes a straight path from DB -> server -> user.

The README repeats an example that makes the user's email available for an agent to query (enabling PII leakage), setting a bad precedent in a space that's already chock-full of vibe coders without any concern about data privacy.
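
The row-level versus column-level distinction discussed in this thread, as an added example that is not part of any comment and is not EnrichMCP code: a row filter alone still hands the `email` column to the agent, while a deny-by-default column allowlist applied before serialization does not. The `User` model, the sample rows, the `agent`/`server` audiences and all function names are constructed for illustration.

```python
from dataclasses import dataclass, fields

@dataclass(frozen=True)
class User:                      # hypothetical model, not from the project
    id: int
    tenant_id: int
    display_name: str
    email: str                   # PII
    plan: str

# Constructed sample rows.
ROWS = [
    User(1, 10, "Ada", "ada@example.com", "pro"),
    User(2, 10, "Bob", "bob@example.com", "free"),
    User(3, 20, "Cy", "cy@example.com", "pro"),
]

# Column-level policy: allowlist per audience. Deny by default, so a field
# added to User later stays hidden from the agent until it is listed here.
COLUMN_POLICY = {
    "agent": frozenset({"id", "display_name", "plan"}),
    "server": frozenset(f.name for f in fields(User)),
}

def row_filter(rows, tenant_id):
    """Row-level security: only rows that belong to the caller's tenant."""
    return [r for r in rows if r.tenant_id == tenant_id]

def project(row, audience):
    """Column-level security: keep only fields allowlisted for the audience."""
    allowed = COLUMN_POLICY[audience]
    return {f.name: getattr(row, f.name) for f in fields(row) if f.name in allowed}

def query_users(tenant_id, audience):
    """Apply both controls before anything is serialized for the audience."""
    return [project(r, audience) for r in row_filter(ROWS, tenant_id)]

def leaked_fields(records, audience):
    """Audit helper: field names present in records that the policy forbids."""
    allowed = COLUMN_POLICY[audience]
    return sorted({k for rec in records for k in rec if k not in allowed})

if __name__ == "__main__":
    # Row-level filtering only: correct tenant, but PII columns still present.
    row_only = [project(r, "server") for r in row_filter(ROWS, 10)]
    print("row filter only leaks:", leaked_fields(row_only, "agent"))
    print("row + column filter:  ", query_users(10, "agent"))
```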