OrmAI is a policy-enforced runtime that lets AI agents query your database safely. Field-level redaction, automatic tenant isolation, query budgets, and audit logs for SQLAlchemy, Prisma, Drizzle, and more.https://ormai.neullabs.com/en-ushttps://ormai.neullabs.com/guides/ormai-with-drizzle/https://ormai.neullabs.com/guides/ormai-with-drizzle/Drizzle is the ORM of choice for teams who want type safety without code generation. Here's how to wrap it with OrmAI's policy engine.Wed, 15 Apr 2026 00:00:00 GMTdrizzletypescriptedgeme@dipankar.namehttps://ormai.neullabs.com/guides/ormai-with-prisma/https://ormai.neullabs.com/guides/ormai-with-prisma/Wrap your Prisma client with OrmAI's policy engine. Field-level redaction, tenant scoping, and audit logs over Prisma — without changing your schema.Wed, 15 Apr 2026 00:00:00 GMTprismatypescriptnextjsme@dipankar.namehttps://ormai.neullabs.com/guides/production-checklist/https://ormai.neullabs.com/guides/production-checklist/The 30 things to verify before letting your agent talk to a real database. Compiled from incidents, audits, and three years of shipping.Tue, 14 Apr 2026 00:00:00 GMTproductionchecklistoperationssoc2me@dipankar.namehttps://ormai.neullabs.com/guides/claude-mcp-integration/https://ormai.neullabs.com/guides/claude-mcp-integration/Expose OrmAI's policy-enforced tools as a Model Context Protocol server. Drop it into Claude Desktop, Cursor, or any MCP client.Mon, 13 Apr 2026 00:00:00 GMTmcpclaudeanthropiccursorme@dipankar.namehttps://ormai.neullabs.com/guides/vercel-ai-sdk-integration/https://ormai.neullabs.com/guides/vercel-ai-sdk-integration/Expose OrmAI tools to the Vercel AI SDK so your Next.js / Hono / Sveltekit agent has type-safe, policy-enforced database access.Sun, 12 Apr 2026 00:00:00 GMTvercel-ai-sdktypescriptnextjsagentsme@dipankar.namehttps://ormai.neullabs.com/guides/langgraph-integration/https://ormai.neullabs.com/guides/langgraph-integration/Wire OrmAI tools into a LangGraph state machine so each node has scoped, audited database access.Sat, 11 Apr 2026 00:00:00 GMTlanggraphlangchainpythonagentsme@dipankar.namehttps://ormai.neullabs.com/guides/write-operations-with-approval/https://ormai.neullabs.com/guides/write-operations-with-approval/How to let an agent mutate state without losing your nerve. Reason-required writes, two-person approvals, dry runs, and rollback by design.Fri, 10 Apr 2026 00:00:00 GMTwritesmutationsapprovalshuman-in-the-loopme@dipankar.namehttps://ormai.neullabs.com/articles/agent-database-anti-patterns/https://ormai.neullabs.com/articles/agent-database-anti-patterns/Eleven things we see teams do that cause production agent–database incidents, and what to do instead. Compiled from audits and incident reviews.Thu, 09 Apr 2026 00:00:00 GMTanti-patternsincidentsproductionlessonsme@dipankar.namehttps://ormai.neullabs.com/guides/query-budgets-and-runaway-agents/https://ormai.neullabs.com/guides/query-budgets-and-runaway-agents/Bound how much your agent can scan, return, mutate, and spend per minute. The patterns that keep one curious prompt from melting your database.Thu, 09 Apr 2026 00:00:00 GMTperformancebudgetsrate-limitingoperationsme@dipankar.namehttps://ormai.neullabs.com/articles/mcp-vs-function-calling-vs-policy-runtimes/https://ormai.neullabs.com/articles/mcp-vs-function-calling-vs-policy-runtimes/These three terms get conflated. They solve different problems, at different layers, and you usually want at least two of them. A practical disambiguation.Wed, 08 Apr 2026 00:00:00 GMTmcpfunction-callingpolicyarchitectureme@dipankar.namehttps://ormai.neullabs.com/guides/audit-logs-for-ai-agents/https://ormai.neullabs.com/guides/audit-logs-for-ai-agents/What to log, where to put it, and how to query it when the security team asks 'what did the agent do?'Wed, 08 Apr 2026 00:00:00 GMTauditcompliancesoc2observabilityme@dipankar.namehttps://ormai.neullabs.com/articles/audit-trails-llms-cant-tamper-with/https://ormai.neullabs.com/articles/audit-trails-llms-cant-tamper-with/When the agent has tools, the audit log becomes a target. Here's how to design one that survives a determined LLM (or a determined attacker reaching the LLM).Tue, 07 Apr 2026 00:00:00 GMTauditsecuritytamper-resistancecomplianceme@dipankar.namehttps://ormai.neullabs.com/guides/field-level-redaction-pii/https://ormai.neullabs.com/guides/field-level-redaction-pii/Stop your agent from ever seeing what it shouldn't. Mask, hash, or deny columns at the policy level — without touching application code.Tue, 07 Apr 2026 00:00:00 GMTpiiredactioncompliancesecurityme@dipankar.namehttps://ormai.neullabs.com/articles/capability-based-security-for-ai-agents/https://ormai.neullabs.com/articles/capability-based-security-for-ai-agents/What it would mean to design agent permissions the way capability-secure operating systems were designed. A blueprint.Mon, 06 Apr 2026 00:00:00 GMTcapabilitiessecurityagentsdesignme@dipankar.namehttps://ormai.neullabs.com/guides/multi-tenant-isolation/https://ormai.neullabs.com/guides/multi-tenant-isolation/How to enforce tenant scoping for every read and write your AI agent makes — and why doing it any other way leaks data.Mon, 06 Apr 2026 00:00:00 GMTmulti-tenantisolationsecurityrlsme@dipankar.namehttps://ormai.neullabs.com/articles/from-rag-to-safe-writes/https://ormai.neullabs.com/articles/from-rag-to-safe-writes/Most teams shipped a RAG-only agent in 2024. The next step — letting the agent change state — is a different category of engineering. Here's the path.Sun, 05 Apr 2026 00:00:00 GMTragwritesagentsproductionme@dipankar.namehttps://ormai.neullabs.com/guides/quickstart-fastapi-sqlalchemy/https://ormai.neullabs.com/guides/quickstart-fastapi-sqlalchemy/Stand up a policy-enforced agent database layer in 5 minutes. SQLAlchemy models, FastAPI endpoints, OrmAI policy, and a working tool call you can hand to Claude or GPT.Sun, 05 Apr 2026 00:00:00 GMTquickstartfastapisqlalchemypythonme@dipankar.namehttps://ormai.neullabs.com/articles/capability-tokens-for-ai-a-primer/https://ormai.neullabs.com/articles/capability-tokens-for-ai-a-primer/An old idea from operating systems is becoming load-bearing for agent security. Here's what capability tokens are, and why your agent toolkit should think in them.Sat, 04 Apr 2026 00:00:00 GMTcapabilitiessecurityprimertheoryme@dipankar.namehttps://ormai.neullabs.com/articles/the-agent-data-security-gap/https://ormai.neullabs.com/articles/the-agent-data-security-gap/Most AI safety attention is on the model. The next class of incidents will be at the model–database boundary, and the industry is unprepared.Fri, 03 Apr 2026 00:00:00 GMTsecurityindustryopinionme@dipankar.namehttps://ormai.neullabs.com/articles/why-text-to-sql-fails-in-production/https://ormai.neullabs.com/articles/why-text-to-sql-fails-in-production/It works in demos. It works on a single user's database. It does not work as the safety story for a multi-tenant SaaS agent. Here's the failure-mode catalog.Thu, 02 Apr 2026 00:00:00 GMTtext-to-sqlproductionagentssecurityme@dipankar.namehttps://ormai.neullabs.com/articles/spider-benchmark-zero-unsafe-ops/https://ormai.neullabs.com/articles/spider-benchmark-zero-unsafe-ops/We replayed the entire Spider benchmark — 1,034 natural-language queries across 200 databases — through OrmAI and a strong text-to-SQL baseline. Here's what we found.Wed, 01 Apr 2026 00:00:00 GMTbenchmarkspidertext-to-sqlsecurityme@dipankar.name