faz

Introduction

Let your AI assistant query your databases — without it dropping a table, leaking sensitive rows, or pulling 200 million records by accident.

What is faz?

faz is a safety layer that sits between an AI assistant (Claude, Cursor, ChatGPT, or any MCP-compatible client) and your databases. You connect faz to your databases once — Postgres, MongoDB, Neo4j, Elasticsearch, and ten others. Your AI assistant then talks to faz instead of talking to your databases directly.

Every query the assistant writes is checked before it runs. Destructive commands are blocked. Tables you marked as off-limits stay off-limits. Large result sets get a LIMIT added automatically. Everything — allowed or blocked — is written to an audit log so you can see exactly what your assistant did.

How a query flows through faz

   Your AI assistant

          │   "SELECT * FROM customers WHERE total > 500"

   ┌────────────────────────────────────────┐
   │                  faz                   │
   │                                        │
   │   1. Block destructive intent          │
   │   2. Check table-level permissions     │
   │   3. Reject schema changes (DROP, …)   │
   │   4. Scan for injection patterns       │
   │   5. Add LIMIT and timeout             │
   │                                        │
   └────────────────────────────────────────┘

          │   Safe, bounded, audited

   ┌────────────────────────────────────────┐
   │   Your database                        │
   │   (PostgreSQL, MongoDB, Neo4j, …)      │
   └────────────────────────────────────────┘

If the query passes all five checks, faz runs it and returns the rows. If it fails any check, faz returns a clear error explaining which check rejected it and why — so your assistant can correct itself and try again.

Try it in three steps

Install faz and create a config file.

pip install faz-core
faz init

This creates faz.yaml (your config) and a .faz/ directory (where the audit log lives).

Add a database. The interactive wizard asks for connection details:

faz add-database
uv run faz add-database
python -m faz add-database

Or edit faz.yaml directly. A read-only Postgres setup looks like this:

databases:
  - name: <database>          # used as --database <database> in queries
    type: postgresql
    host: localhost
    port: 5432
    database: <db-name>
    username: <username>
    password: <password>

permissions:
  - database: <database>      # must match `name:` above
    access: R                 # read-only baseline for every table

Connect your AI assistant. This auto-configures Claude Desktop, Cursor, or OpenClaw:

faz mcp install
uv run faz mcp install
python -m faz mcp install

Restart your assistant, and ask it: "What databases do you have access to?"

Did a step fail? See Troubleshooting for fixes to the most common install, config, and connection issues.

Where to go next

Quickstart

The detailed setup walkthrough — connection strings per database type and how to verify it's working.

How faz protects you

Each of the five safety checks explained, with examples of what they catch and what they let through.

Configuration

The full faz.yaml reference — databases, per-table permissions, row limits, and timeouts.

Install

Install faz with pip, generate a config file, and verify the install works against your environment.

On this page

What is faz?How a query flows through fazTry it in three stepsWhere to go next