Database Guard
SQL injection prevention for AI agents
Database Guard validates SQL queries generated by AI agents before execution.
It prevents SQL injection, detects sensitive data access, and enforces table/operation
restrictions. Reference: OWASP ASI03 (Identity and Privilege Abuse).
```python
from sentinelseed.database import DatabaseGuard

# Configure allowed tables and limits
guard = DatabaseGuard(
    allowed_tables={"orders", "products"},
    max_rows_per_query=1000,
    require_where_clause=True,
)

# Validate AI-generated query
# (`agent` and `db` stand for the application's own agent and database handle)
query = agent.generate_query("Show me orders from last week")
result = guard.validate(query)

if result.allowed:
    # Execute the query
    db.execute(query)
else:
    print(f"Blocked: {result.reason}")
    for v in result.violations:
        print(f" - {v.description}")
```

Key Features
SQL injection pattern detection
Table allowlist/blocklist enforcement
Sensitive column detection (passwords, SSN, credit cards)
Row limit enforcement
Preset policies (STRICT, MODERATE, PERMISSIVE)
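
The checks in the feature list above, written out as a small stand-alone validator. This is an added sketch using only Python's `re` module, not sentinelseed's implementation or API; `check_query`, the policy constants and the deny-list entries are constructed for illustration, and it only understands plain SELECT statements.

```python
import re

# Constructed policy values for this sketch (not sentinelseed defaults).
ALLOWED_TABLES = {"orders", "products"}
SENSITIVE_COLUMNS = {"password", "ssn", "credit_card"}
MAX_ROWS = 1000
FORBIDDEN = {";": "stacked statement", "--": "comment", "/*": "comment",
             "'": "unbalanced quote", '"': "quoted identifier",
             "`": "quoted identifier"}

def check_query(sql):
    """Return violation strings; an empty list means the query passes."""
    # Replace string literals with '?' so keywords inside data are ignored.
    body = re.sub(r"'(?:[^']|'')*'", "?", sql).strip()
    if body.endswith(";"):
        body = body[:-1].rstrip()
    low = body.lower()
    violations = [f"{label}: {tok}" for tok, label in FORBIDDEN.items()
                  if tok in body]
    # Operation restriction: a single read-only SELECT, no UNION.
    if not re.match(r"select\b", low):
        violations.append("operation not allowed")
    if re.search(r"\bunion\b", low):
        violations.append("UNION not allowed")
    # Table allowlist: every name after FROM/JOIN must be listed.
    tables = set(re.findall(r"\b(?:from|join)\s+([a-z_][\w.]*)", low))
    if not tables:
        violations.append("no table found")
    violations += [f"table not allowed: {t}"
                   for t in sorted(tables - ALLOWED_TABLES)]
    # Comma joins would hide a second table from the pattern above.
    if re.search(r"\bfrom\s+[\w.]+(?:\s+(?:as\s+)?\w+)?\s*,", low):
        violations.append("comma join not allowed")
    # Sensitive columns: any identifier on the deny list.
    idents = set(re.findall(r"[a-z_]\w*", low))
    violations += [f"sensitive column: {c}"
                   for c in sorted(idents & SENSITIVE_COLUMNS)]
    # Equivalents of require_where_clause and max_rows_per_query.
    if not re.search(r"\bwhere\b", low):
        violations.append("missing WHERE clause")
    limit = re.search(r"\blimit\s+(\d+)$", low)
    if limit is None or int(limit.group(1)) > MAX_ROWS:
        violations.append(f"LIMIT missing or above {MAX_ROWS}")
    return violations

if __name__ == "__main__":
    # Constructed sample query, as an agent might emit it.
    print(check_query("SELECT email, password FROM users WHERE id = 7 LIMIT 1"))
```

Pattern checks like these reject what they cannot read, but they are not a SQL parser; the database role the agent connects with should itself be limited to read access on the allowed tables.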
Best For
Text-to-SQL agents
Data analysis assistants
Business intelligence bots
Customer service with DB access