Open-source tool gives AI agents vetted actions instead of raw database access
Connecting an AI agent to a real database usually means giving the model a tool that runs raw SQL, then trying to contain the risk with read-only roles, SQL validation, allowlists, and prompt instructions. All of these still hand the model full database authority first and then attempt to restrict it afterward. Synapsor Runner flips that order.
It's a runtime that sits between an and Postgres or MySQL, exposing reviewed, purpose-built instead of SQL access — things like looking up an invoice, proposing a late-fee waiver, or proposing a support credit. The model can only read the columns and rows a predefined contract allows, and while it can propose changes, the MCP surface it interacts with contains no ability to actually approve or execute them. The project is released under Apache-2.0.
It ships with an audit tool that flags risky MCP tool shapes and a quick demo — both runnable via npx with no database or signup — that walks through the propose → evidence → replay boundary.
Key points
- Exposes reviewed, task-specific actions to AI agents instead of raw SQL execution
- Model can only read columns/rows a contract permits, and cannot approve or execute changes itself
- Example actions include invoice lookup, late-fee waiver proposals, and support credit proposals
- under Apache-2.0, runs as a runtime between an and Postgres/MySQL
- Try it instantly via npx with no database setup or signup required