Open Source · MIT Licensed

Stop letting Claude touch your prod database.

You're using Claude Code or Cursor against a real codebase with a real database. Every time the agent is about to do something database-adjacent, you feel that quiet pang of “wait, should I let it do that?”

sow is the safety layer. One command points it at your prod Postgres, samples the data, scrubs every PII column with realistic fakes, and gives your coding agent a sandboxed local copy to hammer. Prod never gets touched. The sandbox runs in seconds, resets in under one. 100% local. Zero API calls. Zero cost.

Install in 30 secondsStar on GitHub
bash
$ cd your-project
$ sow sandbox
✓ Detected Prisma project
✓ Sampled 18 tables (200 rows each)
✓ Sanitized 47 PII columns
✓ Local sandbox at :54320
✓ Patched .env.local (backup written)
Ready. Your coding agent now talks to a sanitized
copy of your DB. Prod is untouched.
$ sow branch reset sandbox
✓ Reset in 0.3s — back to seed state

Why sow

Six reasons it belongs in your dev loop

Built for coding agents

22 MCP tools, --json mode for every command, deterministic seeds so bugs reproduce across sessions.

PII-safe by default

Detects emails, phones, names, addresses, SSNs, and JSONB-embedded fields. Fail-closed: aborts on unknown Postgres types unless you opt in with --allow-unsafe.

Reset in under 1 second

Postgres template-database backed. Your agent can try a destructive change, verify, reset, retry — fifty iterations in a minute.

Zero config

Auto-detects env files, Prisma, Drizzle, Knex, TypeORM, Sequelize, Docker Compose. Identifies Supabase, Neon, Vercel Postgres, Railway.

Read-only on the source

sow never writes to your production database. Parameterized queries, identifier escaping, security-audited by Claude and Codex.

100% local

No cloud round-trip, no third party holding your sanitized data, no account, no API key. The sandbox lives on your laptop.

Cookbook

Three workflows that show what sow unlocks

Let Claude refactor your schema without fear

Add a column, drop an index, rename a table. Verify, reset, try a different approach. Five iterations in a minute, prod untouched.

See the workflow →

Let Cursor generate seed data for a new feature

Ask your agent for 100 realistic users with orders. Inspect with sow branch sample. Reset and ask for a different distribution.

See the workflow →

Let your coding agent debug a failing migration

Replay your last migration on the sandbox. If it fails, reset and try a fix. No prod risk, no staging pollution.

See the workflow →

Install

Install in 30 seconds

npm install -g @sowdb/cli
cd your-project
sow sandbox

That's it. Your .env.local now has DATABASE_URL pointing at the sandbox. Your coding agent reads it like any other env var.

Coming Soon

sow Cloud

sow CLI is free, open source, and works 100% locally. Always will be. sow Cloud is for teams: shared connectors, CI/CD without Docker-in-Docker, compliance, and a team dashboard.

Join the Waitlist