Launching today

valv
Give AI agents safe, scoped access to your database
10 followers
Give AI agents safe, scoped access to your database
10 followers
Most agents get one god-mode DB connection, valv gives every user their own. A customer asks your support agent "where's my order?" With a raw connection, that query could read every other customer's rows too. With valv, you set programmatic per-user permissions once, every query is validated and scoped to the caller, and no raw SQL ever hits your DB. Ships as an MCP server or a TypeScript library.








Breadcrumb
Hey Product Hunt 👋
Giving an agent access to your database is one of the most powerful ways to gain insights over your customers, product or even to debug issues. But every time I connect an agent to a real database you have to handle the same things:
As soon as you want to give this capability to other people as well this becomes a messy construct of prompting and DB rules to handle. One malicious prompt, one uncaught query, and the agent could read or wipe data it was never meant to touch.
Valv solves this issue:
You define programmatic, per-user permissions in code. From then on, every query the agent runs is validated and scoped to the user before it ever reaches your DB. No raw SQL and no god-mode connection.
Use it...
...as an MCP server, so any MCP client can query your data safely
...as a TypeScript library, dropped straight into your own app. This also lets you expose an MCP server for others to use.
Same safe layer, wherever your agent runs.
It's live today as an early release that we are already using ourselves. We would love to hear your feedback, especially from anyone who's tried (and struggled) to give an agent real data access. What broke for you? What would you want valv to handle next?
Thanks for checking it out 🙏
How does it actually validate the SQL when it's coming from an LLM, since the model can pretty much construct any query it wants?
@davulcurab82692 Hi Rabia, the cool thing is that the LLM doesn't write any sql, it generates a json that gets validated against your schema and policies that you define. It then gets compiled to SQL that is safe to run. Let us know if you have any feedback!