Constructive turns its widely adopted open source Postgres tooling into a commercial platform that compiles security at the database layer, aiming to eliminate misconfigurations in fast-growing AI-generated backends.
Constructive has unveiled a commercially available platform that prioritizes security from the outset, leveraging its popular open-source Postgres tooling. This innovative platform is specifically designed to safeguard AI-generated and agentic backends by enforcing security measures before any application code is executed. By compiling Row-Level Security (RLS) policies at the time of table creation, it integrates permissions directly into the database layer, effectively mitigating the risks associated with common misconfigurations.
This launch is a significant milestone, following over 100 million npm downloads of Constructive’s open-source developer tools, which function beneath the application layer at the abstract syntax tree (AST) level. Currently, these tools are operational in more than 10 million databases, finding applications across various ecosystems, including Supabase, Neon (recently acquired by Databricks), and Gel Data (acquired by Vercel).
As AI-assisted development accelerates the adoption of Postgres, Constructive aims to address the expanding security gap. Notable incidents, such as the Moltbook exposure of millions of API keys due to misconfigured RLS, alongside AI-generated systems allowing unauthorized table drops and data alterations, underscore the risks that traditional human review processes can no longer adequately manage.
In this context, Constructive positions the database as the definitive source of truth for authorization. The platform ensures that policies are compiled at creation time, supports deterministic migrations, and validates RLS through CI/CD processes. Additionally, it features a built-in, language-agnostic serverless layer where functions automatically inherit enforced permissions. This comprehensive approach is underpinned by multiple provisional patents.
“We trusted software when it moved at human speed—slow enough for developers to inspect every line,” remarked Dan Lynch, Founder and CEO of Constructive. “AI makes that model obsolete. When human review becomes the bottleneck, security can’t be an afterthought—it has to be baked into the architecture.”
The platform is currently in a commercial private beta phase, with enterprise access available through constructive.io.
