Agent-DB Safety Gateway With Column-Level Redaction and Per-Session Cost Quotas

dev tool real project ••• trending

Teams are being asked to give AI/ML agents production database access and discovering it's a different beast than BI tools — agents generate unbounded queries, hallucinate seven-way joins, and reason over rows you thought were redacted. The pattern that holds up is column-level redaction at a logical replica, plus hard per-session memory and timeout quotas, but nobody ships this as a packaged product.

builder note

The product is a Postgres-wire-protocol proxy. Hash/null PII columns by config, kill any session over X memory or Y seconds, and emit one structured audit event per agent session. Sell to startups before their first ML hire bricks the primary.

landscape (4 existing solutions)

The community is converging on the right pattern (redacted logical replica + connection-pool-level audit + per-session quotas) without anyone packaging it. AI Agent DB Gateway is a real category waiting to be named.

PgBouncer / ProxySQL Connection pooling, not column redaction or query semantics.

Hasura / PostgREST + RLS RLS doesn't help when an agent reasons over rows it received from a non-redacted view.

Bytebase / Gravity Built around human DBA workflows — review, approve, change — not LLM session policy and per-query cost gating.

Snowflake / DuckDB sandbox patterns Documented best practice ('offload a redacted slice') but it's a build-it-yourself architecture, not a product.

sources (2)

hn https://news.ycombinator.com/item?id=47827486 "Their AI/ML team wants production Postgres data and nobody's quite sure how." 2026-04-19

hn https://news.ycombinator.com/item?id=47827486 "An LLM agent is a monkey with a grenade." 2026-04-20

ai-agentsdatabasedata-redactionllm-safetypostgres