Developer Abhinav, founder of Plain, presented a collection of internal tools built by an AI agent in a Hacker News “Show HN” post. The project, available at plain.so, emphasizes “security by default” in its AI-driven development process. The stated goal is to enable users to easily build secure internal tools based on their database schemas.
The showcased tools on the Plain.so website include a “Customer 360” dashboard, a “Team Directory”, a “Sales Dashboard”, and managers for inventory, bugs, and projects. The AI agent reportedly builds these applications based on a user-provided database schema and a prompt describing the desired tool. Abhinav announced that a waitlist is available for those interested in using the AI agent directly.
How the AI Agent Implements Security
The core security claim centers on the AI agent’s process for generating code. According to the author, the agent is designed to prevent common vulnerabilities such as SQL injection, Cross-Site Scripting (XSS), and command injection. This is achieved by generating code that uses parameterized queries and context-aware escaping. The author specified that the agent utilizes a query builder, like Drizzle ORM, to ensure database queries are handled securely.
The generated code is TypeScript intended to be run on the Deno Deploy platform. The development process requires the user to provide the database schema, but the AI agent itself does not receive direct access to the user’s database. The security measures are integrated into the agent’s code generation logic, rather than relying on a human developer to implement them manually.
Project Status and Development Details
In the Hacker News discussion, Abhinav confirmed the project is being built in public and that he is actively seeking user feedback. He clarified that the AI model used is a fine-tuned open-source model, not GPT. The generated code is not open source at this time. When asked about the business model, the founder stated it is a “work in progress” as the immediate focus is on building a useful product.
Concise Cyber 