Agent-compatible middleware that lets AI systems query live databases through schema introspection, read-only SQL validation, saved connections, and audit logs.
Website: ai-business-analyst-production-8fa6.up.railway.app
Demo: 2-minute system walkthrough
The source application lives in de-10-ai-data-middleware/. This root README is written as the portfolio entrypoint.
AI agents are most useful when they can work with real data, but direct database access is risky. This middleware creates a safer control layer:
Natural-language question
-> live schema introspection
-> dialect-aware SQL generation
-> read-only SQL validation
-> query execution
-> logged, tabular result
Any agent that understands OpenAI-style function tools can fetch GET /tools/manifest and invoke database actions through POST /tools/invoke.
Most text-to-SQL demos stop after generating a query. This project keeps the operational parts visible:
- saved database connections instead of one-off credentials
- schema introspection before generation
- read-only validation before execution
- query audit logs
- a browser UI for human review
- a tools manifest for agent integration
- a roadmap toward tenants, source catalogs, object storage, and cost controls
- Changelog - iteration history from core prototype to control-plane direction
- Roadmap - production-readiness gaps and next steps
- Validation and boundaries - what is proven and what still needs hardening
- End Product Blueprint - SaaS product direction
- Universal Connector Strategy - expansion beyond relational databases
- Natural-language SQL over live schemas
- PostgreSQL, MySQL, and SQLite support in the core demo
- Saved connections with reusable
connection_idvalues - OpenAI-compatible tools manifest at
/tools/manifest - Tool execution endpoint at
/tools/invoke - SQL validator that blocks destructive and multi-statement patterns
- Schema viewer, SQL runner, Ask AI flow, tools tab, ops status, and history surfaces
- Local query logging plus Supabase-backed control-plane direction
- TokenFirewall integration path for routing, budget, cache, and usage controls
git clone https://github.com/SaneethSunkari/Ai-Business-Analyst.git
cd Ai-Business-Analyst/de-10-ai-data-middleware
cp .env.example .env
# set OPENAI_API_KEY in .envStart the demo stack:
docker compose up --buildOpen:
| Surface | URL |
|---|---|
| Homepage | http://localhost:8000/ |
| Workspace | http://localhost:8000/ui |
| Swagger docs | http://localhost:8000/docs |
| ReDoc | http://localhost:8000/redoc |
For non-Docker development:
cd backend
pip install -r requirements.txt
env $(cat ../.env | xargs) uvicorn app.main:app --reload --host 0.0.0.0 --port 8000The local Docker stack includes a PostgreSQL demo database with healthcare-style tables:
patientsencountersconditionsmedicationsproceduresobservationsprovidersorganizationscareplansallergiesimmunizationsimaging_studies
Starter questions:
How many patients are in the database?Show provider names and organization namesList all medications and their total costTop 10 most expensive encounters
| Area | Endpoints |
|---|---|
| Auth | POST /auth/signup, POST /auth/login, GET /auth/me, POST /auth/logout |
| Connections | POST /connections/test, POST /connections/register, GET /connections/, DELETE /connections/{id} |
| Query | POST /query/ask, POST /query/run |
| Schema | POST /schema/scan |
| Agent tools | GET /tools/manifest, POST /tools/invoke |
| Ops | GET /ops/status |
Ai-Business-Analyst/
|-- README.md
|-- CHANGELOG.md
|-- ROADMAP.md
|-- docs/
| `-- VALIDATION.md
`-- de-10-ai-data-middleware/
|-- backend/app/
|-- backend/tokenfirewall/
|-- demo_db/
|-- docs/
|-- supabase/migrations/
|-- Dockerfile
|-- docker-compose.yml
`-- README.md
This is a portfolio-grade product demo with a serious safety model, not a production security certification. The strongest current controls are read-only SQL validation, connection scoping, explicit tool invocation, and query logging. The roadmap calls out the remaining production work: parser-backed SQL validation per dialect, stronger auth, tenant isolation, secrets handling, policy tests, monitoring, and incident-response docs.
MIT. See de-10-ai-data-middleware/LICENSE.