Natural language to SQL, with guardrails that block unsafe queries.
Ask a question in plain English. Claude generates a SQL query, then three independent guardrail layers decide whether it is safe to run. Try the safe questions, or try to attack it and watch the guardrails catch it.
Defense in depth
Three independent layers. Each one can block an unsafe query by itself.
1. Prompt constraint
Claude is instructed to produce one read-only SELECT against four tables, with a LIMIT and no DDL or DML.
2. Static SQL analysis
The generated SQL is parsed and inspected: SELECT only, single statement, no comments, allowlisted tables, no dangerous functions.
3. Read-only role and transaction
Whatever survives runs on a SELECT-only Postgres role inside a READ ONLY transaction, so a destructive statement is refused by the database itself.
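One way to set up the third layer in Postgres, as an added example that is not this demo's own code. The role name `nl2sql_reader`, the schema `shop` and the four table names are hypothetical placeholders, since the page does not name them.

```sql
-- Added example. Role, schema and table names are hypothetical.

-- One-time setup, run as an administrator.
CREATE ROLE nl2sql_reader LOGIN;  -- configure authentication separately

-- Remove any access the schema grants to every role by default, then grant
-- the reader role only what a SELECT against the four tables needs.
REVOKE ALL ON SCHEMA shop FROM PUBLIC;
GRANT USAGE ON SCHEMA shop TO nl2sql_reader;
GRANT SELECT ON
    shop.customers,
    shop.orders,
    shop.order_items,
    shop.products
TO nl2sql_reader;

-- Make read-only the default for every session of this role.
-- A session can change this setting with SET, so the grants above,
-- not this default, are the hard boundary.
ALTER ROLE nl2sql_reader SET default_transaction_read_only = on;

-- Per request, connected as nl2sql_reader: wrap the generated query
-- in an explicit READ ONLY transaction and never commit.
BEGIN TRANSACTION READ ONLY;
SELECT id, name FROM shop.customers LIMIT 10;  -- allowed: SELECT on a granted table
ROLLBACK;

-- A statement that slipped past the first two layers is still refused.
BEGIN TRANSACTION READ ONLY;
DELETE FROM shop.orders;  -- refused: the transaction is read-only
ROLLBACK;

-- Even in a read-write transaction the role itself cannot write.
BEGIN TRANSACTION READ WRITE;
DELETE FROM shop.orders;  -- refused: the role has no DELETE privilege
ROLLBACK;
```

The role privileges and the transaction mode are separate controls: the grants bound what the role can ever touch, while READ ONLY refuses writes for the duration of each request.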
Safe questions
Attack attempts (raw SQL, straight to the guardrails)