Skip to content
clusters: prooflayer · edgemarket · edgefinance · synthforge · mediakit · wordmint · webprobe · locale · comppoint · rollforge · bestiary · statline · matchpoint · retail · agentops · browserworkflow · modelrouter · compose
$ man db-migration-risk

/db-migration-risk

agentutility / prooflayer / db-migration-risk
PRICE / CALL
$0.02
USDC · base mainnet · scheme: exact
METHOD
POST
CLUSTER
prooflayer
CATEGORY
ai
STATUS
live
NAME
db-migration-risk audits database migrations for risky sql before deploy
SYNOPSIS
POST https://x402.agentutility.ai/db-migration-risk
     Content-Type: application/json
     X-PAYMENT:    <signed-transferWithAuthorization>

     { ... }
↳ first call → 402 Payment Required. Sign USDCtransferWithAuthorization, retry with theX-PAYMENT header.
DESCRIPTION

Audits database migrations for risky SQL before deploy. Walks migrations/, prisma/migrations/, db/migrate/, supabase/migrations/, and alembic/versions/ and flags destructive DDL, lock-heavy ALTER TABLE, NOT NULL without DEFAULT, plain CREATE INDEX (vs CONCURRENTLY), unbounded TRUNCATE/DELETE, and FK validation without NOT VALID. Returns 0-100 score, per-finding kind/severity/path/line/evidence/recommendation, and a Venice plain-English verdict. Dual input: {repo: 'owner/name'} for public GitHub or {files: [{path, content}, ...]} for private / agent-workspace use. Use it as a SQL migration safety check, DROP COLUMN detector, unsafe ALTER TABLE detector, Postgres CREATE INDEX CONCURRENTLY check, Alembic op.drop_* detector, TRUNCATE/DELETE WHERE detector, foreign key NOT VALID check, or pre-deploy DB gate.

OUTPUTresponse shape
fieldtypedescription
scorenumberOverall migration safety score from 0-100, with higher meaning safer (fewer destructive or lock-heavy operations found).
risk_levelstringBucketed risk label like low/medium/high/critical derived from the score and worst-finding severity.
findingsarrayArray of detected issues, each with kind, severity, file path, line number, evidence snippet, and recommendation.
signalsobjectCounts of detected patterns by kind (drop_column, alter_table, create_index_blocking, fk_not_valid, truncate, etc.).
summarystringVenice-generated plain-English verdict explaining the top risks and whether the migration set is safe to deploy.
metadataobjectRun metadata: files scanned, migration dirs found, repo or files mode, framework detected (alembic/prisma/etc), timing.
EXAMPLEStwo ways to call
EXAMPLE 1 · curl
curl -X POST https://x402.agentutility.ai/db-migration-risk \
  -H 'Content-Type: application/json' \
  -d '{ }'
first response = 402 Payment Required with payment requirements; sign + retry with X-PAYMENT.
EXAMPLE 2 · mcp
# Install the MCP package for this endpoint's cluster
npx -y @agentutility/mcp-<cluster>

# Required: EVM private key with USDC on Base
export X402_PRIVATE_KEY=0x...

# Then call the db-migration-risk tool from your MCP-aware agent.
MCP server handles payment automatically — your coding agent just calls the tool by name.
METADATA
tags
securitydatabasemigrationssqlalembicpostgresprooflayer
env
VENICE_API_KEY
methods
POST
cluster
prooflayer
price
$0.02 USDC per call
ADJACENTother endpoints in prooflayer
endpointdescriptionprice
app-store-rejection-explainExplains App Store and Google Play rejections and turns them into a resubmission plan.$0.02
deploy-config-riskAudits deploy configuration files for production risks.$0.02
secrets-exposure-checkScans project config files for hardcoded secrets before you deploy.$0.02
ai-content-detectorDetect AI-generated writing with a calibrated probability score.$0.03
dep-risk-summaryScores dependency risk for a whole repo from its manifests and lockfiles.$0.03
github-repo-healthGitHub repo health score / open-source maintainability checker.$0.03
package-risk-npmScores supply-chain risk for an npm package before you install it.$0.03
prompt-injection-surfaceScans AI app source code for prompt injection risk at LLM call sites.$0.03
SEE ALSO
agentutility · prooflayer · x402 · mcp · llms.txt · registry.json · bazaar.x402.org