AI database access should not be approved with a vibe check A developer at Conexor argues that AI database access requires a practical security checklist rather than a simple 'vibe check.' The checklist covers identity, permissions, tool scope, query controls, and auditability to ensure safe production access. The developer published a detailed checklist on Conexor's blog. The demo is easy. Connect a model to a database. Ask a natural-language question. Get an answer. The production decision is harder. Who is the model acting for? Which tables can it touch? What happens when it guesses the wrong join? Can you reconstruct what happened after the fact? Before an AI agent queries production data, the access path needs a review. Not a six-month governance program. A practical checklist. The checklist I keep coming back to: That last part matters. There is a big difference between letting an agent prepare a recommendation and letting it surprise production. MCP makes database access feel simple from the client side. That is good. But it also means the security model has to move into the layer between the prompt and the database: identity, permissions, tool scope, query controls, and auditability. I expanded this into a more detailed Conexor checklist here: https://conexor.io/blog/ai-database-access-review-checklist?utm source=devto&utm medium=article&utm campaign=content https://conexor.io/blog/ai-database-access-review-checklist?utm source=devto&utm medium=article&utm campaign=content The goal is not “connect AI to prod.” The goal is to approve a specific, inspectable AI data access path.