QuerySentry

QuerySentry is a web app (with an optional CLI) that scans SQL changes and database access patterns to catch security issues before they reach production. It focuses on practical, high-frequency problems: overly broad privileges, missing row-level security checks, dangerous dynamic SQL, insecure functions, and queries that leak sensitive columns. It integrates with GitHub/GitLab pull requests to comment on migrations and SQL files, and it can also run against query logs (where available) to flag real-world exposure.

It combines traditional and AI tooling: deterministic rules handle known anti-patterns, while an LLM explains findings, suggests safer rewrites, and generates least-privilege role grants tailored to the schema. It is not a silver bullet (database security is messy), but it can measurably reduce "we accidentally exposed data" incidents with minimal workflow disruption.
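As an added illustration of the deterministic-rule side described above (example code, not QuerySentry's own), here is a small Python scanner that flags several of the listed anti-patterns in a constructed migration file; the sensitive-table map, rule names and sample SQL are assumptions made for the example.

```python
import re
from dataclasses import dataclass


@dataclass
class Finding:
    rule: str
    line_no: int
    text: str


# Assumption: schema knowledge is supplied by the caller. Here a constructed map of
# tables holding sensitive columns, so SELECT * against them counts as a leak.
SENSITIVE_TABLES = {"users": {"ssn", "password_hash"}}

# Deterministic anti-pattern rules: (rule name, regex) pairs applied per line.
RULES = [
    ("broad-privilege", re.compile(r"\bGRANT\s+ALL\b|\bTO\s+PUBLIC\b", re.I)),
    ("dynamic-sql", re.compile(r"\bEXECUTE\b.*\|\||\bsp_executesql\b|\bEXEC\s*\(", re.I)),
    ("rls-disabled", re.compile(r"\bDISABLE\s+ROW\s+LEVEL\s+SECURITY\b", re.I)),
    # SECURITY DEFINER runs as the owner, so the caller's row-level policies do not apply.
    ("insecure-function", re.compile(r"\bSECURITY\s+DEFINER\b", re.I)),
]
SELECT_STAR = re.compile(r"\bSELECT\s+\*\s+FROM\s+(\w+)", re.I)


def scan_sql(sql: str) -> list[Finding]:
    """Return one Finding per matched rule, with the 1-based line it fired on."""
    findings: list[Finding] = []
    for n, raw in enumerate(sql.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("--"):
            continue  # skip blank lines and SQL comments
        for name, pattern in RULES:
            if pattern.search(line):
                findings.append(Finding(name, n, line))
        m = SELECT_STAR.search(line)
        if m and m.group(1).lower() in SENSITIVE_TABLES:
            findings.append(Finding("sensitive-leak", n, line))
    return findings


# Constructed sample migration (not from any real project). The final column-level
# GRANT is the safe pattern and should produce no finding.
SAMPLE_MIGRATION = """-- constructed sample migration
CREATE TABLE users (id serial, email text, ssn text, password_hash text);
GRANT ALL ON users TO reporting_role;
CREATE VIEW user_export AS SELECT * FROM users;
ALTER TABLE users DISABLE ROW LEVEL SECURITY;
CREATE FUNCTION lookup(name text) RETURNS SETOF users AS $$
BEGIN RETURN QUERY EXECUTE 'SELECT id FROM users WHERE email = ''' || name || ''''; END;
$$ LANGUAGE plpgsql SECURITY DEFINER;
GRANT SELECT (id, email) ON users TO reporting_role;
"""

if __name__ == "__main__":
    for f in scan_sql(SAMPLE_MIGRATION):
        print(f"line {f.line_no}: [{f.rule}] {f.text}")
```

In the real tool these rules would be one input to the PR comment, with the LLM layer explaining each finding and proposing the narrower grant or parameterised rewrite.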
