Skip to content

DevWhiz1/SQL-Agent-Security-Analytics

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

2 Commits
SQLAgent
SQLAgent
Β 
Β 
.gitignore
.gitignore
Β 
Β 
README.md
README.md
Β 
Β 
langchain-google-genai.txt
langchain-google-genai.txt
Β 
Β 
requirements.txt
requirements.txt
Β 
Β 

Repository files navigation

πŸ›‘οΈ SQL Agent Security & Analytics

A hands-on educational repository demonstrating the evolution from basic SQL agents to secure, production-ready analytics systems using LangChain and OpenAI. Learn step-by-step how to build safe, effective SQL agents for business intelligence.

πŸš€ Quick Start

Prerequisites

  • Python 3.8+
  • OpenAI API key (for scripts using LLMs)
  • Basic knowledge of SQL and Python

Setup Instructions

# 1. Create and activate a virtual environment (from project root)
python -m venv .venv && source .venv/bin/activate

# 2. Install dependencies
pip install -r requirements.txt

# 3. Navigate to the SQLAgent folder
cd SQLAgent

# 4. (Optional) Reset the database to its initial state
python scripts/reset_db.py

# 5. Run the tutorial scripts in order
python scripts/00_simple_llm.py         # Simple LLM usage (no agents/tools)
python scripts/01_simple_agent.py       # Basic SQL agent
python scripts/02_risky_delete_demo.py  # ⚠️ Dangerous patterns (educational)
python scripts/03_guardrailed_agent.py  # Secure implementation
python scripts/04_complex_queries.py    # Advanced analytics

πŸ“ Project Structure

agent/
β”œβ”€β”€ requirements.txt
β”œβ”€β”€ README.md
└── SQLAgent/
    β”œβ”€β”€ sql_agent_class.db         # SQLite database with sample data
    β”œβ”€β”€ sql_agent_seed.sql         # Database schema and seed data
    └── scripts/
        β”œβ”€β”€ 00_simple_llm.py           # Simple LLM usage
        β”œβ”€β”€ 01_simple_agent.py         # Basic SQL agent
        β”œβ”€β”€ 02_risky_delete_demo.py    # Dangerous patterns (educational)
        β”œβ”€β”€ 03_guardrailed_agent.py    # Secure SQL agent
        β”œβ”€β”€ 04_complex_queries.py      # Advanced analytics
        └── reset_db.py                # Database reset utility

πŸ“š Learning Progression

Each script demonstrates a new concept or security improvement:

  1. 00_simple_llm.py – Pure LLM usage, no database or agent
  2. 01_simple_agent.py – Basic SQL agent, unrestricted access
  3. 02_risky_delete_demo.py – Shows dangerous patterns and why security is needed
  4. 03_guardrailed_agent.py – Secure agent with input validation and guardrails
  5. 04_complex_queries.py – Advanced analytics and business intelligence

πŸ”’ Security Concepts Demonstrated

  • Input validation and SQL injection prevention
  • Whitelist-based security (only allow SELECT statements)
  • Result set limiting
  • Multi-statement prevention
  • Error handling and safe reporting

πŸ—„οΈ Database Schema

The included SQLite database (sql_agent_class.db) contains realistic e-commerce data with tables for customers, orders, order_items, products, payments, and refunds. The schema and seed data are in sql_agent_seed.sql.

⚠️ Safety Guidelines

  • Use the provided SQLite database for learning only
  • Do NOT use dangerous patterns from 02_risky_delete_demo.py in production
  • Always validate and restrict agent capabilities in real-world applications

🀝 Contributing

Contributions to improve documentation, security, or analytics examples are welcome!

Start with the basics, understand the risks, and build robust, secure SQL agents!

About

SQL Agent Security & Analytics Masterclass

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages