INTEGRATIONS

Connect Vericto to your stack in minutes.

TCP proxy, HTTP API or CLI. Vericto works with any driver, ORM or pipeline that uses a standard connection string — without rewriting your code.

TCP DATABASE_URL=postgres://vericto-proxy:5433/db
API curl .../evaluate -d '{"sql":"DELETE FROM users"}'
CLI vericto check migrations/0001.sql
BLOCKED VERICTO-001 · DELETE sin WHERE
HOW TO CONNECT

Connection modes

Pick the one that fits your architecture. The same deterministic AST evaluation across all three.

TCP proxy

The simplest way: point your connection string at the Vericto proxy instead of your database. It intercepts every query at the protocol level (Postgres/MySQL) and blocks destructive ones before they land. Zero code changes.

Recommended

HTTP API

Validate SQL with a REST call before running it. Ideal for Text-to-SQL pipelines, serverless functions and agents that generate queries dynamically. API-key auth, verdict in the response.

REST

CLI

The vericto binary validates SQL against your workspace rules in pre-commit hooks and CI/CD pipelines. Exit code mirrors the verdict. Binaries for Linux, macOS and Windows published on every release.

CI/CD

Which mode should you use?

TCP proxy HTTP API CLI
Zero code changes
Inline blocking (in the query path)
Validation before execution
Ideal for CI/CD and pre-commit
Requires deploying the proxy
Dialects Postgres · MySQL All 4 All 4
Connection mode: TCP Protocol Via API CLI

Databases

PostgreSQL

Full Postgres dialect support (CTEs, subqueries, extensions) using pg_query, the official parser. Available via inline TCP proxy or the HTTP evaluation API.

TCP ProtocolVia APICLI

MySQL

Full MySQL dialect support with dialect-specific semantic rules — DELETE with LIMIT is valid in MySQL, Vericto applies the correct rules. Available via inline TCP proxy or the HTTP API.

TCP ProtocolVia APICLI

Oracle

Oracle dialect support via the HTTP evaluation API (no TCP wire proxy for Oracle yet). Blocks DELETE/UPDATE without WHERE, DROP TABLE, and TRUNCATE with the same deterministic AST parser.

Via APICLI

SQL Server

MSSQL / SQL Server dialect support via the HTTP evaluation API (no TCP wire proxy yet). AST parsing with T-SQL semantic rules, including CTEs and proprietary syntax.

Via APICLI

SQLite

Roadmap: SQLite dialect support for agents and embedded environments. Ideal for protecting AI pipelines in edge functions and CLI tools with local database access.

COMING SOON

Snowflake

Roadmap: protection for LLM analytics pipelines on Snowflake. Will block TRUNCATE and DROP on production data warehouses.

COMING SOON

Frameworks & tools

LangChain

Compatible with any LangChain agent that uses SQLDatabase. Just change the connection string in your SQLAlchemy engine.

Compatible

Vercel AI SDK

Vericto is transparent to Text-to-SQL pipelines built with the Vercel AI SDK: because the proxy intercepts at the database wire protocol, it protects generated queries no matter how they were produced. No changes to your generation code.

Compatible

Supabase

Protect your Supabase database from destructive agent queries. Being Postgres, it works with the native TCP proxy: point your connection string at the proxy, no code changes.

Compatible

MCP Servers

Native protection for MCP servers that expose databases to AI agents. The MCP ecosystem grows 3x YoY — Vericto grows with it.

Native

GitHub Actions

Native GitHub Actions integration for dry-run in CI/CD. Inline PR annotations flagging destructive queries with the rule code and fix suggestion.

CI/CD

GitLab CI

Run the Vericto CLI as a job in your GitLab CI pipeline. Validate SQL changes on every merge request and stop the pipeline if a destructive query appears.

CI/CD

Ready to connect your stack?

Get started free with the TCP proxy in minutes, or check the integration guide for the step-by-step detail.