Database-governed access
Auth for humans, agents, models, and tools.
MaluDB uses PostgreSQL roles, schemas, privileges, and Row Level Security to control who can read memory, publish observations, execute prompts, and call MCP tools.
create role support_agent;
grant usage on schema memory to support_agent;
create policy pool_read on memory.claims
using (compartment_id = current_setting('maludb.compartment'));One policy plane
The same database controls that protect rows also constrain retrieval, model prompts, tool calls, and context package assembly.
Agent-aware roles
Create roles for copilots, background workers, ingestion services, and human operators with explicit permissions for each memory compartment.
Auditable decisions
Access decisions can be logged with the memory and tool events they affect, keeping AI operations explainable for security reviews.
Related products
Secure the whole AI backend.
Use Auth with MC2DB, Active Memory Pools, and hybrid retrieval when agents need to act on sensitive institutional knowledge.