Faz is a middleware that sits between AI agents and databases and ensures all query passes through safety pipelines, so that your agents can't nuke your databases or access data that they are not supposed to.
Nice concept!
I’m concerned about that LLM might discover `faz.yaml` and directly access the databases.
Wouldn’t it be more deterministic and safer to wrap the database itself and use a safety-pipeline-enabled DB instead?
It will definitely do that. That we believe you have to make it protocol aware. For eg. if it mysql, it should be proxy that translates as is. then it can't by pass. Also, the proxy should not reveal real credentials.