DEV Community

Cover image for We Built an Open-Source MCP Agent in Go (To Connect Claude with Legacy DBs)
Yiğit
Yiğit Subscriber

Posted on

We Built an Open-Source MCP Agent in Go (To Connect Claude with Legacy DBs)

#ai #database #mcp #opensource

Let’s face it: AI is moving at lightning speed, but enterprise data is not.

While everyone is building shiny wrappers around cloud LLMs, a massive chunk of the world's most valuable data is locked away in on-premise, legacy databases. For compliance and security reasons, companies can't just dump their data into the cloud. They are watching the AI revolution from the sidelines.

My team of 5 and I saw this massive gap. We needed a way to connect AI assistants like Claude Desktop to aging databases without triggering a panic attack in the IT department.

Today, we are introducing the core engine that solves this: CoreMCP.

The Problem: Giving LLMs a Key to the Vault

Large Language Models need context to be useful. Anthropic's new Model Context Protocol is the perfect standard for this. But how do you give an AI agent access to an on-premise MSSQL server without:

  1. Begging the IT department to open inbound firewall ports?
  2. Locking up the entire production database with bad AI queries?
  3. Accidentally leaking Personal Identifiable Information?

You need a secure, local, and incredibly smart bridge.

1. The "Zero Inbound Ports" Tunnel 🚇

Getting a factory's IT admin to open an inbound port for an AI agent is impossible. Standard MCP uses stdio (which we support for local Claude Desktop usage), or standard SSE which requires inbound connections.

We built a Connect Mode for strict enterprise environments, using a well-established reverse-tunnel pattern: the CoreMCP agent runs locally and initiates a secure outbound WebSocket connection to your cloud API — no inbound ports, no firewall changes.

# Factory IT admin runs this single binary. No inbound ports opened!
./coremcp connect \
  --server="wss://api.corebasehq.com/ws/agent" \
  --token="sk_factory_xyz"
Enter fullscreen mode Exit fullscreen mode

The AI sends MCP JSON-RPC commands down this tunnel. You can trigger SQL queries remotely without exposing the local network.

2. Security First (Because we don't trust the AI)

CoreMCP is designed to be readonly: true by default. But we took it three steps further:

  • AST-Based Query Validation: We use an SQL parser to analyze every query generated by the AI. It strictly blocks DROP, ALTER, UPDATE, DELETE, and arbitrary EXEC commands before they even reach the database.
  • Auto Row Limiting: Prevents runaway queries from overwhelming the server by automatically capping result sets
  • PII Data Masking on the Fly: The engine automatically masks sensitive data using regex (Credit Cards, Emails, SSNs, Turkish IDs) in the results before handing them back to the AI.

3. Built for the Trenches (Real-World ERPs)

If you've ever dealt with legacy ERP databases, you know the pain.

  • Zero-Locking Reads (no_lock): We added an option for MSSQL that runs all selects under READ UNCOMMITTED (equivalent to WITH (NOLOCK)). The AI can query busy OLTP databases without acquiring shared locks and halting production.
  • Mojibake & Character Normalization: Legacy DBs often use older collations. Our middleware automatically normalizes AI queries to ASCII uppercase and fixes garbled Windows-1254/1252 text on the way out.
  • Safe Stored Procedure Execution: We built an execute_procedure tool that passes values as named SQL parameters (sql.Named)—no string interpolation, strictly validated parameter names.

4. Automatic Schema Discovery & Custom Tools 🧠

You shouldn't have to explain your database to Claude manually. When CoreMCP starts, it automatically:

  1. Scans your tables, foreign keys, and views.
  2. Extracts column comments/descriptions directly from the DB metadata.
  3. Feeds this context to the AI via the database_schema prompt.

Want to give the AI a pre-defined, complex query? Just drop it in the coremcp.yaml config as a custom tool:

custom_tools:
  - name: "get_daily_revenue"
    description: "Returns total revenue for a given date"
    source: "production_db"
    query: "SELECT SUM(amount) as total_revenue FROM orders WHERE order_date = '{{date}}'"
    parameters:
      - name: "date"
        required: true
Enter fullscreen mode Exit fullscreen mode

Why Go? 🐹

Enterprise IT departments hate complex deployments. With Go, CoreMCP is a single binary. No dependency hell. It gives us near-C performance with a fraction of the memory footprint, perfect for running alongside older databases on aging hardware.

The Bigger Picture: CoreBase 🚀

CoreMCP is the engine, but we are also building the car.
While CoreMCP is the open-source bridge, our main product, CoreBase, is the complete B2B platform on top of it. CoreBase gives companies a full dashboard to manage their remote AI agents, control data access, and deploy "Private AI" across multiple factories in minutes.

We Need Your Feedback!

We are building this in public and would love the Dev.to community's eyes on our code.

If you have experience dealing with on-premise MSSQL, legacy ERPs, or building MCP servers in Go, drop a comment below. We are reading every single one.

Top comments (0)