DEV Community

merc3q65
merc3q65

Posted on

I Built a Postgres Proxy That Masks PII for AI Agents

#ai #postgres #security #opensource

I'm building AI agents that need database access. Problem is, one bad prompt and it's DELETE FROM users WHERE 1=1.

So I built AXP - a proxy that sits between your agent and Postgres.

## What it does

  • Agent sees j***@gmail.com instead of real emails
  • DROP TABLE gets blocked before it reaches the DB
  • Rate limits to prevent runaway queries
  • Full audit log of everything

## Demo

AXP Demo

## How it works

Your agent connects to AXP instead of Postgres directly. Define permissions in YAML: 


yaml                                                                                                                   
  spec:                                                                                                                     
    permissions:                                                                                                            
      - resource: database/postgres/mydb                                                                                    
        actions: [READ]                                                                                                     
        tables: [users, orders]                                                                                             
        mask:                                                                                                               
          - column: email                                                                                                   
            pattern: partial                                                                                                
    safety:                                                                                                                 
      blocked_patterns:                                                                                                     
        - "DROP TABLE"                                                                                                      

  Zero code changes. Any Postgres client works.                                                                             

[Github](https://github.com/AXP-Core/axp)

  Would love feedback!
Enter fullscreen mode Exit fullscreen mode

Top comments (0)