Notifications
Clear all
Topic starter
07/06/2026 8:36 pm
TL;DR: Datadog's MCP demo showed that agents complete observability investigations faster with SQL than with freeform tool chains, because structured queries reduce context-window bloat and keep aggregation at the data layer, according to WorkOS. The broader lesson is that AI agent interfaces need precision and scoping, not just more tool access.
NHIMG editorial — based on content published by WorkOS: Datadog: SQL Is the New Bash for AI Agents
Questions worth separating out
Q: How should security teams govern AI agents that query observability data through MCP?
A: They should treat the query interface as an access control boundary, not just an application feature.
Q: Why do structured queries reduce risk for non-human identities and AI agents?
A: Structured queries reduce risk because they replace multi-step tool improvisation with a single, reviewable request.
Q: What breaks when AI agents rely on freeform tools for investigation tasks?
A: What breaks is the chain of custody around intent, state, and result.
Practitioner guidance
- Prioritise structured query surfaces for agent workflows Use SQL or similarly declarative interfaces for investigations, aggregation, and reporting tasks so agents are not forced to improvise across multiple tool calls.
- Scope agent permissions to task-specific datasets Limit what an agent can query by environment, tenant, and data class before exposing observability or log platforms through MCP.
- Log the full query and result path Capture the exact structured statement, the returned dataset, and the follow-up calls so investigations are auditable after the fact.
What's in the full article
WorkOS' full post covers the operational detail this post intentionally leaves for the source:
- The side-by-side demo mechanics showing how the SQL agent and freeform agent behaved differently during the same investigation.
- The Datadog execution architecture choices behind indexed SQL queries and agent-friendly aggregation.
- The exact MCP tool patterns used for metrics, incidents, and monitors in the session.
- The practical workflow implications for teams already exposing observability data to AI assistants.
👉 Read WorkOS' recap of Datadog's SQL-first MCP agent demo →
SQL as an MCP interface for agents: what it changes for teams?
Explore further
08/06/2026 8:13 am
SQL for MCP is really a control boundary, not just a query preference. The article shows that structured queries reduce improvisation, which matters because every unconstrained tool call expands the amount of behaviour identity teams must account for. In practice, SQL narrows the space of permissible actions and creates a cleaner audit trail for non-human access. Practitioners should treat interface design as part of identity governance, not just application ergonomics.
A few things that frame the scale:
- 96% of technology professionals identify AI agents as a growing security threat, and 66% believe this risk is immediate, according to AI Agents: The New Attack Surface report.
- Only 52% of companies can track and audit the data their AI agents access, leaving 48% with a complete blind spot for compliance and breach investigation, according to AI Agents: The New Attack Surface report.
A question worth separating out:
Q: How can teams decide whether to use SQL or natural-language-style tools for agents?
A: Use SQL when the task requires repeatable filtering, counting, joining, or aggregation against governed data. Use natural-language-style tools only when flexibility matters more than precision and the blast radius is small. For production investigations, structured queries usually provide the safer operating model.
👉 Read our full editorial: SQL for MCP agents: why structured queries beat freeform tools
