Constructive turns its widely adopted open source Postgres tooling into a commercial platform that compiles security at the database layer, aiming to eliminate misconfigurations in fast-growing AI-generated backends.
Constructive has launched the commercial availability of a secure-by-default Postgres platform built on its widely adopted open-source tooling, designed to protect AI-generated and agentic backends by enforcing security before any application code runs. The system compiles Row-Level Security (RLS) policies at table creation, embedding permissions directly into the database layer and eliminating common misconfiguration risks.
The launch follows more than 100 million npm downloads across Constructive’s open-source developer tools, which operate beneath the application layer at the abstract syntax tree (AST) level. The tooling is already running in production across more than 10 million databases and is used across ecosystems including Supabase, Neon (acquired by Databricks) and Gel Data (acquired by Vercel).
The company targets a widening security gap as AI-assisted development accelerates Postgres adoption. Incidents such as Moltbook exposing millions of API keys due to misconfigured RLS, alongside AI-generated systems permitting unauthorised table drops and data changes, highlight risks that human review can no longer reliably catch.
Constructive makes the database the source of truth for authorisation, with policies compiled at creation time, deterministic migrations, CI/CD validation of RLS, and a built-in, language-agnostic serverless layer where functions inherit enforced permissions automatically. The approach is supported by multiple provisional patents.
“We trusted software when it moved at human speed—slow enough for developers to inspect every line,” said Dan Lynch, Founder and CEO of Constructive. “AI makes that model obsolete. When human review becomes the bottleneck, security can’t be an afterthought—it has to be baked into the architecture.”
The platform is launching in commercial private beta, with enterprise access available at constructive.io.
