Active Integration Layer

AI Agents

Pipeline automation for AI agents

Connect Cursor, Claude Code, GitHub Copilot, and custom scripts to MantrixFlow. Draft source-to-destination workflows, inspect runs, and query delivered data cleanly — with strict security guards.

Interactive Demo

Watch MCP Agent in Action

sync new Stripe charges into analytics.revenue every hour
Searching…
Searched sources, destinations, and schemas
Created pipeline-stripe-revenue

Done! Configured a pipeline from stripe.charges to

analytics.revenue with hourly upsert delivery.

How It Works

Multi-service trust boundary

A MantrixFlow custom agent is a model-powered pipeline worker tied to a specific pipeline. Go server acts as the secure boundary, enforcing permission checks before decrypting credentials or calling the ELT runner.

Agent Settings Hub

Configure publisher permissions, allowed origin domains, and table scopes for each worker agent.

AI Flow Planner

Translates natural language prompts into structural tool calls and formatted query options.

Query Guard Boundary

Validates all generated SQL. Blocks mutations, table creation, and queries to unauthorized tables.

Secure Runner

Executes isolated read-only queries against allowlisted sources and destinations.

Client-Side SDK

Loads a lightweight embedded query widget or hooks directly into IDE interfaces via safe API keys.

Request flow
Interface HubIDE or Embedded Widget
AI PlannerTool & query synthesis
Security GuardSchema contracts
Query EngineIsolated execution
Data StoreAllowlisted tables only

Secure Query Execution

Every user question is translated into queries that run within isolated read-only environments. Safe parsing ensures that queries do not mutate destination tables or expose unauthorized connection credentials.

MantrixFlow Agent · analytics.revenue
What was revenue last week?
Generated SQL
SELECT
  SUM(total) AS revenue,
  COUNT(*) AS orders
FROM analytics.order_history
WHERE created_at >= NOW()
  - INTERVAL '7 days'
Revenue last week was $45,231 across 234 orders.
Read-only query validated against allowed_tables

Query Guard

Guarded read-only execution

When an agent requests database content, the system parses the SQL, extracts table references, and matches them against the explicit scoped allowlist. Mutating queries are immediately rejected.

Destination Scope

Queries restricted to authorized allowed_tables configuration.

Source Scope

Queries disabled by default unless explicitly allowed.

Security First

Public embed security model

Your public `agent_key` is safe to put in HTML. Next.js and Go enforce multiple strict runtime barriers to ensure external visitors cannot access private configurations.

Domain allowlisting

Rejects unknown browser origins

Table scoping

Rejects SQL outside the selected table set

Read-only SQL

Rejects mutating SQL before ELT execution

Rate limiting

100 requests per browser session per hour

No public run tools

Embeds cannot trigger pipeline runs

Internal token

Next.js calls Go via X-Internal-Token

Model Agnostic

Model provider integrations

Configure your preferred LLM provider at runtime. The platform dynamically adapts the prompt format and tool completions.

Anthropic

Hosted model with strong tool-call reasoning

Claude Sonnet 4

OpenRouter

Access 100+ models through a single API

Llama 3.1 8B

Ollama

Run locally on M3 Pro — no API key needed

Qwen 3.5 4B

Vercel AI Gateway

Unified routing with analytics and rate limiting

Any provider

OpenAI-compatible

Any proxy that exposes chat completions

LM Studio / vLLM

Agent Workflows

Designed for IDE-native operations

Manage agents cleanly from workspace configuration down to public external embedded widgets.

01

Authenticated Test Chat

Workspace users test the agent before embedding. Tools include execute_query, run_pipeline, and get_run_status — all gated through Go.

02

Public Embedded Chat

Run the same agent from an external website via agent.js or the React SDK. Public chat never receives pipeline-run tools.

03

Pipeline Worker Tools

Authenticated users operate the pipeline from chat: trigger runs, check status, and query delivered data with full SQL validation.

Ready to deploy

Launch pipeline agent

Create an agent for any existing PostgreSQL pipeline in your workspace with zero code needed.