Privacy and Security

When using AI features in DBCode, it’s important to understand what information is shared, where it goes, and what privacy protections apply. This guide covers the security model for all DBCode AI features.

What Information is Shared

DBCode’s AI features share different types of information depending on which feature you use. Understanding what gets shared helps you make informed security decisions.

Schema Information (Inline Completion, Schema Queries)

For inline completion and when asking Copilot/MCP to read table structures, DBCode shares simplified database schema information:

• Table and view names
• Column names and data types
• Primary key definitions
• Foreign key relationships
• Comments on tables and columns (if present)

No actual data values are sent for these features.

Schema AND Data Values (Copilot Tools, MCP Query Execution)

When you ask Copilot Tools or MCP clients to execute queries, DBCode sends:

• Schema information (as above)
• Actual query results including data values from your database

This allows the AI to analyze your data, answer questions about specific records, and help you interpret results.

What is NEVER Shared

Regardless of which feature you use, DBCode NEVER sends:

• Database credentials or passwords
• Connection strings or server addresses
• User information or access control settings
• Data you didn’t explicitly ask the AI to query

Examples: What Gets Sent

For Inline Completion (schema only):

When you use inline completion, DBCode sends a simplified CREATE TABLE representation:

CREATE TABLE users (
  id INTEGER PRIMARY KEY,
  email VARCHAR(255),
  created_at TIMESTAMP
);

CREATE TABLE orders (
  id INTEGER PRIMARY KEY,
  user_id INTEGER,
  total DECIMAL(10,2),
  status VARCHAR(50)
);

ALTER TABLE orders ADD CONSTRAINT fk_user
  FOREIGN KEY (user_id) REFERENCES users(id);

For Copilot Tools / MCP Query Execution (schema AND data):

When you ask Copilot to execute a query like “Show me the top 5 orders”, DBCode sends:

1. The schema (as above)
2. The actual query results:

{
  "columns": ["id", "user_id", "total", "status"],
  "rows": [
    [1, 123, 299.99, "completed"],
    [2, 456, 149.50, "pending"],
    [3, 123, 89.99, "completed"],
    ...
  ]
}

This includes actual data values from your database.

Data Flow by Feature

Different DBCode features send schema information to different destinations. Understanding the flow helps you assess your security posture.

Inline Completion

Data Flow:

1. You type in a SQL file or notebook
2. DBCode retrieves schema for the active database connection
3. Schema is sent to one of:
   • Your custom model endpoint (if configured — see Custom Provider), OR
   • GitHub Copilot’s API (if Copilot is installed and active), OR
   • DBCode’s hosted model (fallback)
4. Model generates SQL suggestion
5. Suggestion appears in your editor

Privacy Model:

• Custom model: Data goes to whichever endpoint you configured. For local models (Ollama, LM Studio), data never leaves your machine.
• GitHub Copilot: Follows GitHub’s privacy policies (GitHub Copilot Trust Center)
• DBCode hosted models: Follows DBCode’s privacy policy (see DBCode Hosted Models Privacy)
• Schema is cached locally to reduce API calls
• Cache is cleared when database schema changes

Copilot Tools

Data Flow:

DBCode → GitHub Copilot API (using your authenticated account) → Response

1. You ask GitHub Copilot a question in chat
2. Copilot uses DBCode tools to request information
3. DBCode sends data directly to GitHub Copilot’s API:
   • Schema information (table/column names) when reading table structures
   • Actual data values when executing queries (SELECT, INSERT, UPDATE, DELETE, DDL)
4. Copilot generates response using your GitHub account context

Privacy Model:

• DBCode does not run its own intermediary service
• Your data never passes through DBCode’s servers - it goes directly to GitHub Copilot
• Data is sent using your authenticated GitHub account
• Follows GitHub’s privacy policies (GitHub Copilot Trust Center)
• Data (both schema and query results) sent on-demand when you explicitly ask Copilot

Important: Unlike inline completion (which only sends schema), Copilot Tools can send actual data values when you ask it to execute queries and return results.

MCP (Model Context Protocol)

Data Flow:

1. External AI client (Cursor, Claude Desktop, etc.) connects to DBCode’s MCP server
2. AI asks DBCode for information using MCP tools
3. DBCode provides data only when explicitly requested:
   • Schema information (table/column names) when reading table structures
   • Actual data values when executing queries
4. AI generates response using whatever model the external client provides

Privacy Model:

• Follows the external client’s privacy policy (varies by client - could be Claude, GPT-4, etc.)
• OAuth authentication ensures only approved clients can access your data
• Data (both schema and query results) sent on-demand when the AI executes tools
• You control which clients can connect via OAuth approval dialog

Note: MCP allows you to use different AI models (Claude, GPT-4, etc.) through external clients. The model used is determined by your MCP client, not by DBCode. Like Copilot Tools, MCP can send actual data values when executing queries.

DBCode Hosted Models Privacy

DBCode uses purpose-specific hosted models for inline completion and execution plan analysis. These models are routed through the Vercel AI Gateway.

Important: Hosted models are used for inline completion and execution plan analysis only. Copilot Tools and MCP do not use hosted models - they require GitHub Copilot or an external AI client respectively.

Models Used

Feature	Model	Provider
Inline Completion	Llama 3.1 8B	Cerebras (via Vercel AI Gateway)
Execution Plan Analysis	GPT-oss 120B	Baseten (via Vercel AI Gateway)

Data Flow

DBCode → dbcode.io API → Vercel AI Gateway → Model Provider → Response

What Data Is Sent

Inline Completion:

• Database schema (table/column names, types, relationships)
• The SQL prefix and suffix around your cursor position

Execution Plan Analysis:

• The query execution plan (EXPLAIN/ANALYZE output)
• The original SQL query
• Database schema (when available)
• Database dialect (e.g., PostgreSQL, MySQL)

Data Handling

• Data is sent to DBCode’s API, then routed through Vercel AI Gateway over encrypted HTTPS
• No persistent storage of schema, queries, or execution plans by DBCode or model providers
• Requests are processed and discarded
• No model training using customer data
• Complies with DBCode’s privacy policy

When Hosted Models Are Used

Inline Completion uses the hosted model automatically when:

• GitHub Copilot extension is not installed
• GitHub Copilot subscription is inactive or expired
• You explicitly choose the hosted model over Copilot

Execution Plan Analysis uses the hosted model when:

• You request AI analysis from the Plan Explorer

Note: If you want to use Copilot Tools or MCP features, you must have GitHub Copilot installed (for Copilot Tools) or an external AI client configured (for MCP). Hosted models cannot be used for these features.

Privacy Considerations

Hosted models send data to DBCode’s servers and through the Vercel AI Gateway to model providers. Consider this when deciding whether to use AI features with sensitive databases.

Disabling AI Features

You can selectively disable AI features while keeping other DBCode functionality.

Disable Inline Completion

Via Settings:

1. Open Settings (Cmd/Ctrl+,)
2. Search for dbcode.ai.inlineCompletion
3. Uncheck the checkbox

Via settings.json:

{
  "dbcode.ai.inlineCompletion": false
}

Disable Copilot Tools

Copilot Tools are only active when you explicitly use them. If you want to prevent accidental usage:

1. Don’t enable agent mode in GitHub Copilot chat
2. Don’t drag DBCode tables/databases into Copilot chat
3. Copilot Tools won’t be invoked unless explicitly requested

Disable MCP Server

The MCP server is off by default. To ensure it stays disabled:

1. Don’t run DBCode: MCP Start Server command
2. Remove any MCP client configurations pointing to DBCode
3. MCP will not send any schema information unless the server is running

Data Residency

DBCode Hosted Models

DBCode’s hosted models are routed through the Vercel AI Gateway, which selects the optimal provider. Data flows through:

1. DBCode’s API (hosted on Vercel)
2. Vercel AI Gateway
3. Model provider (Cerebras for inline completion, Baseten for execution plan analysis)

Check Vercel’s AI Gateway documentation for current data residency information.

GitHub Copilot

Data sent to GitHub Copilot is processed according to GitHub’s infrastructure. Check GitHub’s Copilot Trust Center for current data residency and privacy information.

MCP Clients

Data residency for MCP depends on which external AI client you use. Each client (Cursor, Claude Desktop, etc.) has its own infrastructure and data handling policies.

Frequently Asked Questions

Does DBCode send my query results to AI models?

It depends on which feature you use:

• Inline Completion: No - only schema (table structure) is sent
• Copilot Tools: Yes - when you ask Copilot to execute queries, actual data values are sent to GitHub Copilot
• MCP: Yes - when the AI executes queries, actual data values are sent to the external client’s model

You have full control - data is only sent when you explicitly ask the AI to execute a query.

Can I use AI features offline?

It depends on your provider:

• Custom model (local): Yes — if you’re running a local model server like Ollama or LM Studio, no internet connection is needed
• Custom model (cloud): No — requires connection to the remote API
• GitHub Copilot: No — requires connection to GitHub’s Copilot API
• DBCode hosted model: No — requires connection to DBCode’s servers
• MCP: No — requires connection to both DBCode’s MCP server and the external AI client’s services

What happens if my database credentials are in environment variables or connection strings?

Database credentials are never sent to AI models. Only schema information is transmitted. Connection credentials remain local to your VS Code instance.

Does enabling Copilot Tools mean my schema is always being sent to GitHub?

No. Schema is sent only when you explicitly ask Copilot to read your database structure or execute queries. It’s not automatically transmitted.

How is the MCP server authenticated?

DBCode’s MCP server uses OAuth 2.1 by default. You must approve each client that wants to connect via an approval dialog in VS Code. This ensures only authorized AI clients can access your schema.

Can I see what schema information will be sent?

Yes. The schema format sent to AI models is a simplified CREATE TABLE syntax. You can preview what would be sent by:

1. Right-clicking a table in the DB Explorer
2. Selecting “Script Table → CREATE”
3. Viewing the generated DDL (actual version sent is simplified further)

What if I have table/column names that reveal sensitive business information?

This is a valid concern. Table names like secret_projects or column names like classified_clearance_level may reveal information you don’t want shared. Options:

1. Use generic aliases in development databases
2. Disable AI features for those specific databases
3. Review your organization’s policies on what can be shared with external AI services

Related Documentation

• Models and Configuration - How to configure and select AI models
• Custom Provider - Use your own AI model
• Inline Completion - Using inline SQL suggestions
• Copilot Tools - Natural language database queries
• MCP - Connecting external AI clients

External Resources

• GitHub Copilot Trust Center
• DBCode Privacy Policy