Guard agent writes with propose

Guard every agent write with a pre-flight plan. Propose validates the SQL via EXPLAIN, surfaces an estimated row count, and mints a single-use execution token. Apply only when the scope looks correct.

import { PerSQL } from "@persql/sdk";

const db = new PerSQL({ token: process.env.PERSQL_TOKEN! })
  .database("acme", "tasks");

// Pre-flight: validates the SQL and returns an estimate plus a single-use token.
const plan = await db.proposals.propose(
  "UPDATE tasks SET status = ? WHERE id = ?",
  { params: ["done", 42] }
);
console.log(plan.estimatedAffectedRows, plan.sql);

// Fail closed: a missing estimate is treated like an over-broad one.
const estimated = plan.estimatedAffectedRows;
if (estimated == null || estimated > 1) {
  console.log("Too broad — letting token expire");
} else {
  const result = await db.proposals.apply(plan.executionToken);
  console.log("Applied", result.rowsWritten);
}

The same flow works in local mode, so tests and production share one guardrail.
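
A reusable form of the check above, as an added example that is not PerSQL's own code. The `Plan` and `Proposals` shapes are assumptions inferred from the snippet, and `withinScope`, `guardedWrite` and `fakeProposals` are hypothetical names; `fakeProposals` is a constructed in-memory stand-in so the block runs offline.

```typescript
// Shapes below are assumptions inferred from the snippet above,
// not the SDK's published types.
interface Plan { sql: string; estimatedAffectedRows?: number | null; executionToken: string }
interface Proposals {
  propose(sql: string, opts: { params: unknown[] }): Promise<Plan>;
  apply(token: string): Promise<{ rowsWritten: number }>;
}

// Pure scope check. Fails closed: a missing, non-integer or negative
// estimate is rejected exactly like an over-broad one.
function withinScope(plan: Plan, maxRows: number): boolean {
  const n = plan.estimatedAffectedRows;
  return typeof n === "number" && Number.isInteger(n) && n >= 0 && n <= maxRows;
}

// Propose, compare the estimate with the caller's cap, apply only if it fits.
// A rejected plan is never applied, so its token is left to expire unused.
async function guardedWrite(p: Proposals, sql: string, params: unknown[], maxRows: number) {
  const plan = await p.propose(sql, { params });
  const estimated = plan.estimatedAffectedRows ?? null;
  if (!withinScope(plan, maxRows)) return { applied: false, estimated, rowsWritten: 0, drift: false };
  const { rowsWritten } = await p.apply(plan.executionToken);
  // The estimate is only an estimate: flag writes that exceeded the cap anyway.
  return { applied: true, estimated, rowsWritten, drift: rowsWritten > maxRows };
}

// Constructed in-memory stand-in for the service (hypothetical), for offline runs.
// It models the single-use token: apply() consumes it and a replay is refused.
function fakeProposals(estimate: number | null): Proposals {
  const live = new Set<string>();
  let seq = 0;
  return {
    async propose(sql) {
      const executionToken = `tok-${++seq}`;
      live.add(executionToken);
      return { sql, estimatedAffectedRows: estimate, executionToken };
    },
    async apply(token) {
      if (!live.delete(token)) throw new Error("execution token unknown or already used");
      return { rowsWritten: estimate ?? 0 };
    },
  };
}
```

Against the real SDK, the assumption is that `db.proposals` is passed as the first argument to `guardedWrite`.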

Cost-aware loop