Docker-first local demo

Run the database MCP safety demo locally with one command.

No Synapsor Cloud account, API key, billing, or browser login. The local runner starts disposable Postgres and MySQL fixtures, exposes semantic MCP tools, creates evidence-backed proposals, and proves guarded writeback, idempotency, stale-row conflict, and replay.

Run local Docker demo Read quickstartExample link hidden until repo is public

No Cloud account

Disposable containers

Source DB unchanged until approval

First run

The local path should feel like trying a library, not provisioning Cloud infrastructure.

The Docker-only demo command owns the setup. It builds the local runner image, creates the disposable databases, seeds fixtures, runs the MCP smoke path, exports replay artifacts, and tears down the local resources.

Docker is the only host dependency for the primary path.
The model never receives database credentials.
The MCP tool is semantic, not raw SQL.
Approval is separate from proposal creation.
A changed source row returns conflict instead of a silent overwrite.

bash

# After cloning the Synapsor Runner repository:
./scripts/demo-docker.sh

# Optional contributor path if Node/Corepack is already installed:
corepack pnpm demo:local

What the command proves

The local demo shows the exact database-commit boundary, end to end.

Tool discovery

The MCP client sees semantic tools such as billing.propose_late_fee_waiver, not a generic SQL escape hatch.

Trusted context

Tenant, principal, and object scope are bound by the runner config and request context, not invented by the model.

Evidence and diff

The request produces evidence rows plus an exact before/after change set. Nothing has touched the source database yet.

Approval boundary

Approval is a separate local CLI action. The model cannot approve or commit its own proposal.

Guarded writeback

The trusted runner applies a single-row parameterized update with tenant, primary-key, allowed-column, version, and idempotency checks.

Replay

The demo exports the run, evidence, proposal, approval, writeback receipt, idempotent retry, and stale-row conflict receipt.

Proposal first

The agent request becomes a reviewable change set, not an immediate write.

The demo asks for a late-fee waiver. Synapsor Runner records the evidence, target row, expected row version, and proposed patch. The source database still says the original invoice is overdue until a separate approval and runner execution happen.

diff

Invoice INV-1021
Tenant: acme

late_fee_cents
- 5500
+ 0

status
- overdue
+ waiver_pending_review

Trusted runner

Writeback is parameterized and conflict checked.

The runner builds the SQL from a reviewed writeback mapping. It checks tenant, primary key, allowed columns, expected version, idempotency, and affected row count before returning an applied, conflict, failed, or canceled receipt.

sql

UPDATE invoices
SET late_fee_cents = $1,
    status = $2,
    updated_at = NOW()
WHERE id = $3
  AND tenant_id = $4
  AND updated_at = $5; -- conflict guard from the proposal snapshot

Docker workspace

Everything needed for the demo is local and disposable.

The local demo is designed for the first 10 minutes of evaluation. It does not require hosted Synapsor, and it does not upload your database URLs, passwords, prompts, table data, or write credentials.

Cloud mode is optional after the local proof.

When teams need shared approvals, RBAC, hosted replay search, or runner fleet status, the same runner can register with Synapsor Cloud using a scoped runner token.

Postgres fixture

Seeded invoices, customers, support evidence, and policy rows for the main demo path.

MySQL fixture

Seeded order workflow fixture to prove the same runner shape works outside Postgres.

MCP server

Local stdio server exposing semantic database tools from runner config.

Local store

SQLite proposal/evidence/replay store inside the demo workspace.

Trusted runner

Applies approved jobs only after approval and guard validation.

Teardown

The script removes disposable containers, volumes, and temp files after the run.

Expected output

A successful run should show source unchanged, applied receipt, idempotent retry, stale conflict, and replay.

Proposal created while source is unchanged

Approved writeback is applied by trusted runner

Second apply returns idempotent receipt

Stale proposal returns conflict, not overwrite

Replay export links evidence, proposal, receipt, and conflict

text

1. Docker starts disposable Postgres and MySQL fixtures.
2. The MCP server exposes semantic tools, not execute_sql.
3. The agent request creates a Synapsor proposal with evidence and an exact diff.
4. The source database remains unchanged before approval.
5. Approval creates a guarded writeback job for the trusted runner.
6. The runner applies a parameterized UPDATE with tenant, primary-key, allowed-column, version, and idempotency checks.
7. A retry returns the same idempotent receipt.
8. A stale proposal returns conflict and applies no write.
9. Replay exports the evidence, proposal, approval, writeback receipt, and conflict receipt.

Next step

Use Docker locally first. Add Cloud only when shared control matters.

MCP quickstart Runner architecture

Synapsor

Public demoGet access

Public demo

Preparing safe database demo...

Loading the agent timeline, policy checks, and approval workflow.

Synapsor

Local MCP demoGet access

Docker-first local demo

Run the database MCP safety demo locally with one command.

Run local Docker demo Read quickstartExample link hidden until repo is public

No Cloud account

Disposable containers

Source DB unchanged until approval

First run

The local path should feel like trying a library, not provisioning Cloud infrastructure.

Docker is the only host dependency for the primary path.
The model never receives database credentials.
The MCP tool is semantic, not raw SQL.
Approval is separate from proposal creation.
A changed source row returns conflict instead of a silent overwrite.

bash

# After cloning the Synapsor Runner repository:
./scripts/demo-docker.sh

# Optional contributor path if Node/Corepack is already installed:
corepack pnpm demo:local

What the command proves

The local demo shows the exact database-commit boundary, end to end.

Tool discovery

The MCP client sees semantic tools such as billing.propose_late_fee_waiver, not a generic SQL escape hatch.

Trusted context

Tenant, principal, and object scope are bound by the runner config and request context, not invented by the model.

Evidence and diff

The request produces evidence rows plus an exact before/after change set. Nothing has touched the source database yet.

Approval boundary

Approval is a separate local CLI action. The model cannot approve or commit its own proposal.

Guarded writeback

The trusted runner applies a single-row parameterized update with tenant, primary-key, allowed-column, version, and idempotency checks.

Replay

The demo exports the run, evidence, proposal, approval, writeback receipt, idempotent retry, and stale-row conflict receipt.

Proposal first

The agent request becomes a reviewable change set, not an immediate write.

diff

Invoice INV-1021
Tenant: acme

late_fee_cents
- 5500
+ 0

status
- overdue
+ waiver_pending_review

Trusted runner

Writeback is parameterized and conflict checked.

sql

UPDATE invoices
SET late_fee_cents = $1,
    status = $2,
    updated_at = NOW()
WHERE id = $3
  AND tenant_id = $4
  AND updated_at = $5; -- conflict guard from the proposal snapshot

Docker workspace

Everything needed for the demo is local and disposable.

Cloud mode is optional after the local proof.

When teams need shared approvals, RBAC, hosted replay search, or runner fleet status, the same runner can register with Synapsor Cloud using a scoped runner token.

Postgres fixture

Seeded invoices, customers, support evidence, and policy rows for the main demo path.

MySQL fixture

Seeded order workflow fixture to prove the same runner shape works outside Postgres.

MCP server

Local stdio server exposing semantic database tools from runner config.

Local store

SQLite proposal/evidence/replay store inside the demo workspace.

Trusted runner

Applies approved jobs only after approval and guard validation.

Teardown

The script removes disposable containers, volumes, and temp files after the run.

Expected output

A successful run should show source unchanged, applied receipt, idempotent retry, stale conflict, and replay.

Proposal created while source is unchanged

Approved writeback is applied by trusted runner

Second apply returns idempotent receipt

Stale proposal returns conflict, not overwrite

Replay export links evidence, proposal, receipt, and conflict

text

1. Docker starts disposable Postgres and MySQL fixtures.
2. The MCP server exposes semantic tools, not execute_sql.
3. The agent request creates a Synapsor proposal with evidence and an exact diff.
4. The source database remains unchanged before approval.
5. Approval creates a guarded writeback job for the trusted runner.
6. The runner applies a parameterized UPDATE with tenant, primary-key, allowed-column, version, and idempotency checks.
7. A retry returns the same idempotent receipt.
8. A stale proposal returns conflict and applies no write.
9. Replay exports the evidence, proposal, approval, writeback receipt, and conflict receipt.

Next step

Use Docker locally first. Add Cloud only when shared control matters.

MCP quickstart Runner architecture