QueryShield Launches Secure SQL Proxy with Row-Level Security for AI Agents
Key Takeaways
- ▸QueryShield provides end-to-end encryption, AST-level SQL validation, and per-agent row-level security for AI agents querying databases
- ▸Free tier available with 3 databases and 1M queries/month; agents never have access to connection strings or encrypted credentials
- ▸MCP-native integration allows one-click deployment in Claude Desktop, Cursor, and compatible platforms via pip install
Summary
QueryShield, a new security-focused startup, has launched a secure proxy layer designed specifically for AI agents that need to query databases safely. The platform translates natural language requests from AI agents into validated SQL, enforcing row-level security (RLS) policies and maintaining an immutable audit log of all queries. Built with MCP (Model Context Protocol) integration, QueryShield allows agents in Claude Desktop, Cursor, and other MCP-aware clients to securely access databases without ever seeing connection strings.
The service operates through a straightforward workflow: developers register encrypted database connections, agents submit natural language queries via API, and QueryShield translates them to SQL using Claude, validates the SQL at the AST level for safety, applies per-agent RLS policies, and executes the query while logging all activity. Database credentials are encrypted at rest with AES-128 (Fernet), ensuring agents never gain access to sensitive connection information.
QueryShield's architecture addresses a critical gap in current AI agent deployments—the security and auditability of database access. By sitting between agents and databases, it enforces deterministic safety checks and ensures that agents operating in production environments can be properly governed and monitored. The product offers a generous free tier supporting up to 3 databases and 1 million queries per month with no credit card required, and is already listed in the official MCP Registry for easy installation.
- Addresses the critical need for auditability and governance in AI agent database access with append-only audit logging
Editorial Opinion
QueryShield tackles one of the most pressing challenges in AI agent deployment: how to let agents query live databases safely without compromising security or audit capabilities. The product's combination of natural language understanding, AST-level SQL validation, and per-agent row-level security represents a thoughtful approach that many enterprises will find essential for production AI agent systems. The tight integration with MCP and the generous free tier could make this a standard component in AI agent stacks, particularly for teams building on Claude.
