Privacy and Security

When using AI features in DBCode, it’s important to understand what information is shared, where it goes, and what privacy protections apply. This guide covers the security model for all DBCode AI features.

What Information is Shared

DBCode’s AI features share different types of information depending on which feature you use. Understanding what gets shared helps you make informed security decisions.

Schema Information (Inline Completion, Schema Queries)

For inline completion and when asking Copilot/MCP to read table structures, DBCode shares simplified database schema information:

  • Table and view names
  • Column names and data types
  • Primary key definitions
  • Foreign key relationships
  • Comments on tables and columns (if present)

No actual data values are sent for these features.

Schema AND Data Values (Copilot Tools, MCP Query Execution)

When you ask Copilot Tools or MCP clients to execute queries, DBCode sends:

  • Schema information (as above)
  • Actual query results including data values from your database

This allows the AI to analyze your data, answer questions about specific records, and help you interpret results.

What is NEVER Shared

Regardless of which feature you use, DBCode NEVER sends:

  • Database credentials or passwords
  • Connection strings or server addresses
  • User information or access control settings
  • Data you didn’t explicitly ask the AI to query

Examples: What Gets Sent

For Inline Completion (schema only):

When you use inline completion, DBCode sends a simplified CREATE TABLE representation:

CREATE TABLE users (
  id INTEGER PRIMARY KEY,
  email VARCHAR(255),
  created_at TIMESTAMP
);


CREATE TABLE orders (
  id INTEGER PRIMARY KEY,
  user_id INTEGER,
  total DECIMAL(10,2),
  status VARCHAR(50)
);


ALTER TABLE orders ADD CONSTRAINT fk_user
  FOREIGN KEY (user_id) REFERENCES users(id);

For Copilot Tools / MCP Query Execution (schema AND data):

When you ask Copilot to execute a query like “Show me the top 5 orders”, DBCode sends:

  1. The schema (as above)
  2. The actual query results:
{
  "columns": ["id", "user_id", "total", "status"],
  "rows": [
    [1, 123, 299.99, "completed"],
    [2, 456, 149.50, "pending"],
    [3, 123, 89.99, "completed"],
    ...
  ]
}

This includes actual data values from your database.

Data Flow by Feature

Different DBCode features send schema information to different destinations. Understanding the flow helps you assess your security posture.

Inline Completion

Data Flow:

  1. You type in a SQL file or notebook
  2. DBCode retrieves schema for the active database connection
  3. Schema is sent to either:
    • GitHub Copilot’s API (if Copilot is installed and active), OR
    • DBCode’s hosted model (if Copilot is not available)
  4. Model generates SQL suggestion
  5. Suggestion appears in your editor

Privacy Model:

Copilot Tools

Data Flow:

DBCode → GitHub Copilot API (using your authenticated account) → Response
  1. You ask GitHub Copilot a question in chat
  2. Copilot uses DBCode tools to request information
  3. DBCode sends data directly to GitHub Copilot’s API:
    • Schema information (table/column names) when reading table structures
    • Actual data values when executing queries (SELECT, INSERT, UPDATE, DELETE, DDL)
  4. Copilot generates response using your GitHub account context

Privacy Model:

  • DBCode does not run its own intermediary service
  • Your data never passes through DBCode’s servers - it goes directly to GitHub Copilot
  • Data is sent using your authenticated GitHub account
  • Follows GitHub’s privacy policies (GitHub Copilot Trust Center)
  • Data (both schema and query results) sent on-demand when you explicitly ask Copilot

Important: Unlike inline completion (which only sends schema), Copilot Tools can send actual data values when you ask it to execute queries and return results.

MCP (Model Context Protocol)

Data Flow:

  1. External AI client (Cursor, Claude Desktop, etc.) connects to DBCode’s MCP server
  2. AI asks DBCode for information using MCP tools
  3. DBCode provides data only when explicitly requested:
    • Schema information (table/column names) when reading table structures
    • Actual data values when executing queries
  4. AI generates response using whatever model the external client provides

Privacy Model:

  • Follows the external client’s privacy policy (varies by client - could be Claude, GPT-4, etc.)
  • OAuth authentication ensures only approved clients can access your data
  • Data (both schema and query results) sent on-demand when the AI executes tools
  • You control which clients can connect via OAuth approval dialog

Note: MCP allows you to use different AI models (Claude, GPT-4, etc.) through external clients. The model used is determined by your MCP client, not by DBCode. Like Copilot Tools, MCP can send actual data values when executing queries.

DBCode Hosted Model Privacy

When GitHub Copilot is not available, DBCode uses its own hosted model as a fallback for inline completion only.

Important: The hosted model is only used for inline completion. Copilot Tools and MCP do not use the hosted model - they require GitHub Copilot or an external AI client respectively.

How It Works

The hosted model:

  • Powered by GROQ (api.groq.com) using the Llama 3.1 8B Instant model
  • Used only for inline completion feature
  • DBCode sends schema to dbcode.io API, which forwards to GROQ
  • Processes requests and returns SQL suggestions
  • Schema information is sent via encrypted HTTPS

Data Flow

DBCode → dbcode.io API → GROQ API → Response

Data Handling

  • Schema is sent to DBCode’s API, then forwarded to GROQ over encrypted HTTPS
  • No persistent storage of schema information by DBCode or GROQ
  • Requests are processed and discarded
  • No model training using customer data
  • Complies with DBCode’s privacy policy

When It’s Used

The hosted model is used automatically for inline completion when:

  • GitHub Copilot extension is not installed
  • GitHub Copilot subscription is inactive or expired
  • You explicitly choose the hosted model over Copilot

Note: If you want to use Copilot Tools or MCP features, you must have GitHub Copilot installed (for Copilot Tools) or an external AI client configured (for MCP). The hosted model cannot be used for these features.

Privacy Considerations

The hosted model sends schema data to DBCode’s servers and GROQ’s API for inline completion only. Consider this when deciding which model to use for your databases.

Disabling AI Features

You can selectively disable AI features while keeping other DBCode functionality.

Disable Inline Completion

Via Settings:

  1. Open Settings (Cmd/Ctrl + ,)
  2. Search for dbcode.ai.inlineCompletion
  3. Uncheck the checkbox

Via settings.json:

{
  "dbcode.ai.inlineCompletion": false
}

Disable Copilot Tools

Copilot Tools are only active when you explicitly use them. If you want to prevent accidental usage:

  1. Don’t enable agent mode in GitHub Copilot chat
  2. Don’t drag DBCode tables/databases into Copilot chat
  3. Copilot Tools won’t be invoked unless explicitly requested

Disable MCP Server

The MCP server is off by default. To ensure it stays disabled:

  1. Don’t run DBCode: MCP Start Server command
  2. Remove any MCP client configurations pointing to DBCode
  3. MCP will not send any schema information unless the server is running

Data Residency

DBCode Hosted Model

The DBCode hosted model uses GROQ’s infrastructure. Schema data flows through:

  1. DBCode’s API (hosted on Vercel)
  2. GROQ’s API (api.groq.com)

Check GROQ’s documentation for current data residency information.

GitHub Copilot

Data sent to GitHub Copilot is processed according to GitHub’s infrastructure. Check GitHub’s Copilot Trust Center for current data residency and privacy information.

MCP Clients

Data residency for MCP depends on which external AI client you use. Each client (Cursor, Claude Desktop, etc.) has its own infrastructure and data handling policies.

Frequently Asked Questions

Does DBCode send my query results to AI models?

It depends on which feature you use:

  • Inline Completion: No - only schema (table structure) is sent
  • Copilot Tools: Yes - when you ask Copilot to execute queries, actual data values are sent to GitHub Copilot
  • MCP: Yes - when the AI executes queries, actual data values are sent to the external client’s model

You have full control - data is only sent when you explicitly ask the AI to execute a query.

Can I use AI features offline?

No. All AI features require internet connectivity:

  • GitHub Copilot: Requires connection to GitHub’s Copilot API
  • DBCode hosted model: Requires connection to DBCode’s servers
  • MCP: Requires connection to both DBCode’s MCP server and the external AI client’s services

What happens if my database credentials are in environment variables or connection strings?

Database credentials are never sent to AI models. Only schema information is transmitted. Connection credentials remain local to your VS Code instance.

Does enabling Copilot Tools mean my schema is always being sent to GitHub?

No. Schema is sent only when you explicitly ask Copilot to read your database structure or execute queries. It’s not automatically transmitted.

How is the MCP server authenticated?

DBCode’s MCP server uses OAuth 2.1 by default. You must approve each client that wants to connect via an approval dialog in VS Code. This ensures only authorized AI clients can access your schema.

Can I see what schema information will be sent?

Yes. The schema format sent to AI models is a simplified CREATE TABLE syntax. You can preview what would be sent by:

  1. Right-clicking a table in the DB Explorer
  2. Selecting “Script Table → CREATE”
  3. Viewing the generated DDL (actual version sent is simplified further)

What if I have table/column names that reveal sensitive business information?

This is a valid concern. Table names like secret_projects or column names like classified_clearance_level may reveal information you don’t want shared. Options:

  1. Use generic aliases in development databases
  2. Disable AI features for those specific databases
  3. Review your organization’s policies on what can be shared with external AI services

External Resources