How are you letting AI agents touch your production database without it being terrifying?

Reddit r/AI_Agents News

Summary

A developer asks the community how to safely let AI agents interact with production databases, highlighting concerns over SQL injection, data leaks, and lack of audit trails.

I'm wiring up an AI agent (Claude/Cursor-style) to our production Postgres and I've kind of frozen. The options I see all feel bad:

- Give it the official DB MCP / raw connection → it can write arbitrary SQL on prod. One bad query or a prompt injection and it DELETEs something or leaks our whole customer table. Hard no.
- Build hand-written safe tools/views for every query → works, but it's a ton of manual work and breaks every time the schema changes.
- Read replica only → helps for reads, does nothing for the writes we actually want the agent to do.

What's nagging me specifically:

- How do you stop the agent from running destructive or runaway SQL on prod?
- How do you keep PII / columns the agent shouldn't see out of its context?
- How do you handle writes safely (if at all)?
- Do you have any audit trail of what the agent actually did?

For those of you running agents on a real production DB — how are you actually doing this today? Rolled your own? Some gateway? Just... not letting agents near prod? Genuinely curious what's working and what isn't.
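One way to answer the four questions in the post at the database layer rather than in the agent: a Postgres role with no privileges on base tables, a PII-free view for reads, a single validated function for writes, and per-role statement logging as the audit trail. This is an added example, not the poster's setup or any particular product; the customers table, its columns, the plan values and the role name are assumptions.

```sql
-- Least-privilege Postgres setup for an agent connection (constructed example).
-- Assumes a table public.customers(id, email, name, ssn, plan, created_at);
-- the post names no schema. Run as a superuser or the table owner.

-- 1. Dedicated login role. Tables grant nothing to other roles by default, so
--    the only thing to check is that nothing was granted to PUBLIC earlier.
CREATE ROLE agent_ro LOGIN PASSWORD 'replace-me' NOSUPERUSER NOCREATEDB NOCREATEROLE;
REVOKE ALL ON ALL TABLES IN SCHEMA public FROM PUBLIC;

-- 2. Guard rails against runaway queries and held locks. These are session
--    defaults: a session can still raise them with SET, so also reject SET
--    statements at whatever gateway sits between the agent and the connection.
ALTER ROLE agent_ro SET statement_timeout = '5s';
ALTER ROLE agent_ro SET idle_in_transaction_session_timeout = '10s';

-- 3. Audit trail: log every statement this role issues. log_statement is a
--    superuser-context setting, so the agent's session cannot turn it off.
ALTER ROLE agent_ro SET log_statement = 'all';

-- 4. Reads go through a view that leaves PII columns out of the agent's context.
--    The view runs with its owner's privileges; agent_ro never touches the table.
CREATE SCHEMA agent;
CREATE VIEW agent.customers AS
  SELECT id, plan, created_at FROM public.customers;  -- no email, name, ssn
GRANT USAGE ON SCHEMA agent TO agent_ro;
GRANT SELECT ON agent.customers TO agent_ro;

-- 5. Writes go only through a narrow SECURITY DEFINER function: it validates
--    its input, touches one row, and records who did what. agent_ro has no
--    UPDATE/DELETE privilege on the base table, so arbitrary writes fail.
CREATE TABLE public.agent_audit (
  id bigserial PRIMARY KEY, logged_at timestamptz DEFAULT now(),
  actor text, action text, target_id bigint, detail text
);
CREATE FUNCTION agent.set_plan(p_id bigint, p_plan text) RETURNS void
LANGUAGE plpgsql SECURITY DEFINER SET search_path = public, pg_temp AS $$
BEGIN
  IF p_plan NOT IN ('free', 'pro') THEN        -- assumed allowed values
    RAISE EXCEPTION 'invalid plan %', p_plan;
  END IF;
  UPDATE public.customers SET plan = p_plan WHERE id = p_id;
  IF NOT FOUND THEN
    RAISE EXCEPTION 'no customer %', p_id;
  END IF;
  INSERT INTO public.agent_audit (actor, action, target_id, detail)
  VALUES (session_user, 'set_plan', p_id, p_plan);
END $$;
REVOKE ALL ON FUNCTION agent.set_plan(bigint, text) FROM PUBLIC;
GRANT EXECUTE ON FUNCTION agent.set_plan(bigint, text) TO agent_ro;
```

With this in place a prompt-injected `DELETE FROM customers` from the agent session fails on privileges, a `SELECT *` only ever sees the view's columns, and both the attempt and the successful `set_plan` call land in the server log and the audit table.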