QueryGuard
SQL safety gate for AI agents — catch the missing WHERE before it wrecks prod
npx -y github:Isco0819/query-guardEver run into this?
AI agents writing SQL have no guardrail before execution — a missing WHERE on a DELETE or an accidental TRUNCATE can nuke a prod table in seconds. sqlfluff (7k+ GitHub stars) proves developers desperately want SQL linting, but there is no MCP-native layer an agent can call before a query runs.
The fix
QueryGuard is an MCP server and npx CLI that intercepts SQL, detects destructive patterns (DELETE/UPDATE without WHERE, DROP, TRUNCATE, unbounded full-table scans), scores risk as low/medium/critical, and returns structured feedback agents can act on before touching the database.
What it does
- Detect DELETE/UPDATE without WHERE clause — block or warn before the query reaches your DB
- Flag DDL ops (DROP, TRUNCATE, ALTER) with risk scores: low / medium / critical
- MCP tool guard_sql(query, dialect?) returns {safe, risk, issues, suggestion} — drops into any agent tool-call chain