Many people use artificial intelligence to write database commands. This saves time. However, these tools sometimes write dangerous code by mistake. The sql-shield tool acts as a filter. It sits between your software and your database. It checks every command the AI writes before the database runs it. This prevents errors and blocks malicious attempts to change or delete your data.
This tool performs four main tasks. It checks which tables and columns the AI wants to access. It makes sure the AI only reads data and never deletes or changes things. It blocks harmful input. Finally, it attempts to fix broken SQL code so your software stays online. It requires zero extra software to run.
- Windows 10 or Windows 11
- 2 gigabytes of RAM
- Working internet connection
- A database instance like PostgreSQL
You need to grab the installer from the official release page.
Click here to visit the release page to download your copy
Choose the file that ends with .exe and save it to your desktop.
- Find the file you downloaded.
- Double-click the file to start the installer.
- Follow the prompts on the screen.
- Click finish once the progress bar completes.
- Search your start menu for sql-shield to open the program.
When you open the program for the first time, you must enter your database link. You also need to list which tables the AI can see. Keep these lists short. Only grant access to the data the AI needs to do its job.
Open the Settings menu. Type your connection string into the Database URL box. Check the box labeled "Strict Mode" if you want the program to trigger an alert on every blocked command. Click Save to apply these changes.
The main dashboard shows a live feed of filtered commands. You will see green text for successful requests and red text for blocked ones. Check this window often when you first set up the tool. This helps you identify if the AI needs more permissions or if it is trying to access restricted areas.
Using this tool adds a layer of protection. Most AI tools receive data from users. Sometimes users try to trick the AI. This process is called injection. If someone types a harmful command into your chat interface, the AI might send that command to your database. Sql-shield identifies these patterns and stops them instantly. It keeps your private data safe from strangers.
If the program does not connect to your database, verify your login information. Make sure your database allows connections from your current location. If the program blocks too many requests, add the required tables to your whitelist.
If you see an error about port numbers, ensure that sql-shield uses a port separate from your database. The default port is usually 3000. If another program uses that port, change it in the Advanced settings tab.
The log file saves a history of every filter action. You can find this file in the installation folder. Open the file with any text editor. Each line shows the time of the event, the source of the command, and the action taken. This file is helpful if you need to explain to a manager why certain requests failed.
Updates improve safety and performance. You should visit the release page once a month to check for new versions. If a new version exists, download the new installer and run it. The installer automatically replaces old files while keeping your current settings intact.
Never share your database password. Always use a restricted database user account that only has read permissions. Even with sql-shield installed, limiting the permissions of your database user provides a second layer of defense. Keep your operating system updated to ensure the latest security patches stay active.
Does this tool store my data? No. The tool only inspects the commands passing through the connection. It does not save the contents of your database.
Will this slow down my applications? No. The tool performs checks instantly. Most users report no change in speed.
Can I use this for non-AI setups? Yes. It functions as a general filter for any incoming queries.
Does it support databases other than PostgreSQL? The tool works best with PostgreSQL. Do not use it with unsupported database types.
If you get stuck, look at the files in this repository. Ensure your configuration matches the provided examples. If you find a bug, open an issue on the repository page. Explain your setup clearly so others can understand the problem. Clear descriptions help solve issues faster.