Use Case · Pydantic AI

Type-safe agents still need scoped data access.

Pydantic AI validates your agent's inputs and outputs. Civic validates which data sources it can reach in the first place.

Start building See how it works

use case / pydantic ai

The agent's structured output was perfect. The data it read wasn't supposed to be there.

Just imagine, one day…

You build a Pydantic AI agent to generate weekly analytics reports. It connects to your data warehouse and returns clean, typed output. Every field validated. Every schema enforced. Textbook implementation.

The agent queries the analytics database. It also queries the users table in the same database. The report includes aggregated revenue numbers broken down by customer tier, which is fine, and individual customer contract values, which is not. The structured output is perfectly typed. The data inside it is a breach.

Type safety validates the shape. It doesn't validate whether the agent should have read that table.

Without scoped access, type safety protects the shape, not the data.

It does things you did not intend

You asked for analytics. It read the contracts table too. The output was perfectly typed. The data was a breach.

You cannot prove what happened

Which tables were queried? Which rows returned? Pydantic validates output shape but doesn't log data access patterns. You're checking database audit logs.

You cannot stop it fast enough

The report was generated and delivered. The contract data is in someone's inbox. You can't un-send a validated, well-structured report.

It gets confused and you never know

The contracts table sits in the same database as analytics. The agent saw it as another data source to enrich the report. No guardrail told it otherwise.

Your Pydantic AI agent calls Civic. Civic scopes which tables it can query.

Connectivity

One MCP endpoint for databases, APIs, and file storage. Your Pydantic AI agent connects to all data sources through Civic.

Guardrails

Query analytics.events and analytics.metrics. Nothing else in that database. The contracts table is invisible, not blocked.

Auditability

Every query, every table access, every row count logged. See which data the agent touched before the report leaves your system.

Revocation

Revoke the agent's access and every database connection drops. No stale credentials. No cached connection pools.

Connect Pydantic AI through Civic in three steps

Pydantic AI Agent

Add analytics database.

Allow queries on analytics.events and .metrics.

Make customer_contracts invisible.

Done. 1 tool connected:

✓ Analytics DB — events + metrics only

Your MCP URL and token are ready to copy.

Read the docs

The same scenario. Different outcomes.

Without Civic, the agent queries every table the credentials allow. With Civic, it only sees the tables you scoped.

$ python analytics_agent.py --weekly

[pydantic-ai] querying analytics database...

[db:read] analytics.events — 1.2M rows

[db:read] analytics.users — 34K rows

[db:read] ✘ customer_contracts accessed

$ # contract values in the report. schema valid, data exposed.

$ python analytics_agent.py --weekly

[pydantic-ai] querying analytics via Civic...

[db:read] analytics.events — 1.2M rows

[db:read] analytics.metrics — OK

[nexus] customer_contracts — not in scope

$ # only analytics tables queried. contracts invisible.

Ship safer with Civic

We'll help you implement authenticated, scoped, and auditable access without slowing down your build.

Start building Read the docs