Developer builds SQL client with AI agent safeguards after finding existing tools too risky
A developer built a SQL client called data-peek after finding that existing tools lacked safe ways to grant AI agents controlled database access. The tool runs a local MCP server, allowing AI clients like Claude Code to query databases while enforcing strict read-only rules through database-level transaction rollbacks rather than simple string matching. A single write tool, execute_statement, requires explicit human approval via an in-app dialog before any data-modifying SQL is executed, with auto-rejection after 60 seconds of inaction. Every query run by either humans or agents is recorded in a tamper-evident local audit log using a hash chain, letting users verify exactly what the agent executed. The server runs only on localhost, uses bearer-token authentication, and never exposes database credentials through any tool.
This is an AI-generated summary. ShortSingh links to the original source for the complete article.
Discussion (0)
Log in to join the discussion and vote.
Log in