
Ask HN: How do you safely give LLMs SSH/DB access?
1. vc289+cy1 2026-01-15 01:56:26
>>nico+(OP)
We solved this exact thing for the database layer (Postgres for now) with https://tryardent.com

You can't trust any agent to be perfect with a real DB, so unless you find an infra-level way to isolate it, you can't get rid of the problem.

So we built a system that creates copy-on-write copies of your DB and allocates a copy for each agent run. This means a completely isolated copy of your DB with all your data that loads in under a second but zero blast radius risk to your actual system for the agent to operate on. When you're okay with the changes, we have a "quick apply" to replay those changes onto your real DB.

Website is a little behind since we just launched our DB sandboxing feature to existing customers and are making it public next week :)

If you want to try it email me -> vikram@tryardent.com

2. vc289+Dy1 2026-01-15 01:59:27
>>vc289+cy1
Also, lots of people here have said to give it fine-grained, read-only access. This works if you want a copilot experience but doesn't allow you to fully let the agent do write-style things like model data or anything else. COW branching removes that restriction.