AI integration for data-heavy B2B teams
Natural-language-to-SQL with safety rails, anomaly detection on metrics, and insight generation that cites the rows it came from.
Domain context
AI surfaces in data products are deceptively easy to demo and hard to make trustworthy. A natural-language-to-SQL feature that works on a whiteboard demo will, in production, write a query that joins the wrong tables, returns numbers that look reasonable, and quietly costs the customer their trust the first time someone notices the answer is wrong. Anomaly detection that fires on every Black Friday and every product launch becomes alert noise the team mutes. Auto-generated "insights" that don't link back to the underlying rows are unverifiable, and therefore unusable. We design AI features for data products assuming the analyst will verify the model's output against the underlying data, and that every assertion needs to be traceable back to source rows the user can click through to. The bar isn't "the model usually gets it right." It's "the customer can prove the answer."
Why this combination
Generic LLM integration work is mostly plumbing. Vector store, RAG, chat surface, ship. For a data product, that's the easy part. The hard part is the rails. A NL-to-SQL surface that runs the generated query in a read-only sandbox first to catch joins on the wrong cardinality before the user ever sees the result. An anomaly-detection layer that learns the customer's seasonality before it starts paging anyone. An insight-generation flow that returns "no significant change" as often as it returns a finding, because that's the honest answer most of the time. None of this is framework code. It's the difference between an AI feature the customer turns off after a week and one that becomes a habit.
“Shipped a NL-to-SQL surface with a 1,800-query eval harness. 94% of generated queries pass the eval and execute against a sandboxed read-replica before any result is shown to the user.”
Frequently asked
- Three layers. First, retrieval over schema documentation and query history, so the model has the right context, not just the table names. Second, an EXPLAIN-plan dry-run that catches join cardinality blow-ups, missing indexes, and runaway costs before the query ever executes. Third, a sandbox read-replica with a query timeout and a row-count cap, so a bad query is bounded in damage. The model never touches a primary database directly.
- Citations on every claim, pointing to the source rows the user can click through to verify. If the model can't cite, the answer isn't shown. It's returned as 'insufficient evidence' rather than fabricated. We treat the citation requirement as a hard guardrail in the output schema, not as a prompt instruction the model is free to ignore. The bias is toward refusing to answer rather than answering confidently with the wrong number.
- Learn the customer's baseline before alerting on it. We use seasonality-aware models (Prophet, STL, or a custom decomposition depending on the metric shape) with a configurable sensitivity threshold per metric, not a global one. Alerts include the historical context: 'this is 3.2x the rolling 30-day average, last comparable spike was Diwali 2025', so the on-call engineer can decide quickly. False-positive rate is tracked as a product KPI.
- Honest negative results. Most days, on most metrics, nothing significant has happened, and the right output is to say so. The insights surface ranks findings by statistical significance and business impact, returns 'no significant change' when that's true, and links every finding back to the source rows. We don't generate prose summaries that look smart on the surface. Analysts see through that fast.
- Hard isolation at the retrieval layer. Each customer's schema, query history, and source data lives in a tenant-scoped index that the LLM never sees outside the active session, with row-level security enforced at the query layer. We don't fine-tune cross-customer; the model is shared, the context is not. Every model call is logged with the tenant ID for the customer's compliance team to audit.