Connect Postgres, MySQL, or ClickHouse once. Scope each role down to the row. Your team's agents work on live data and never see more than you allow.
| account | region | plan | mrr | card_number |
|---|---|---|---|---|
| Acme | EU | Pro | $4,200 | 4242 42•• •••• 1881 |
| Globex | US | Free | $0 | 5555 55•• •••• 4444 |
| Northwind | EU | Pro | $3,100 | 4916 •••• •••• 8207 |
| Initech | APAC | Ent | $8,900 | 3782 ••••• •6210 |
| Umbrella | US | Biz | $2,400 | 6011 •••• •••• 3401 |
Your databases connect to valv once and live there as sources. Team members and their agents get access from that one place: scoped to their role, revocable in a click, never a raw connection string.
why did checkout errors spike last night?
⏺ valv · query orders, last 24h
⎿ 42 rows in 138ms
⏺ valv · describe orders.status
⎿ enum, 6 values
Every failing order has status = 5 with a null amount. The webhook worker assumes amount is set, so refunded orders crash it.
Agents write down what they learn about your data: what an enum really means, how a metric is defined, which query shapes work. The next teammate's agent inherits it instead of rediscovering it, so no one re-explains the same schema twice.
status 5 means refunded, not cancelled. 3 and 4 are unused legacy states
MRR excludes one-time credits and is summed from subscriptions.amount, not invoices
"biz" and "business" both appear; treat them as the same plan
fiscal year starts in February; "Q1" in questions means Feb to Apr
valv includes a chat wired to your sources, so the first answer is a minute away. Useful answers become live dashboards your team keeps. And whatever you build on the layer inherits its permissions.
Every permission is enforced by the open-source valv library. The rules deciding what your agents can see are not a black box: they're code you can read, audit, and run yourself.
One plan to get your whole team on your data. Custom when you need more scale and control. Every workspace starts free.
Everything to get your team querying your data with their own agents.
Scoped to your security, compliance, and scale requirements.
A connection string is all or nothing: whoever holds it sees every row. With valv, each person's agent authenticates as them and works inside their role's permissions. Access is granted and revoked per person, and your credentials never leave valv.
Anything that speaks MCP: Claude Code, Cursor, Codex, or an agent you built yourself. No agent set up yet? valv includes a chat wired to your sources.
Postgres, MySQL, and ClickHouse today. valv reads your schema directly. No pipelines, no warehouse, no copy of your data.
Down to the row and column, by role. A support engineer and an analyst can run the same query on the same table and see different data. Every agent request runs inside those limits, enforced by the open-source valv library.
Facts agents figure out while working with your data: what an enum really means, how a metric is defined, which query shapes work. It stays in your workspace, and your team can review and delete any entry.
The enforcement engine, the valv library, is open source and runs anywhere. The platform is its hosted home: teams, permissions in a UI, shared memory, billing.