Skip to main content

Built for trust

AI agents only earn a place in your workflow if admins can see what they’re doing and step in when it matters. Lightdash agents are designed around three principles: every interaction is visible to admins, risky actions need a human decision before they happen, and wrong answers get found and fixed rather than just logged. That matters because the usual alternative, broad warehouse access and ad hoc SQL, tends to leave little trace of what was queried, by whom, or whether anyone checked the result. Lightdash agents keep that same flexibility while making every question, generated query, and external tool call attributable, reviewable, and improvable. These principles come down to three pillars:
PillarWhat it meansWhere it lives
TransparencyEvery interaction is visible to admins, not just the person who ran itThread activity, MCP activity, Autopilot activity
ControlRisky actions require a human decision before they happen, and access is scoped by defaultSQL mode approval, data access control, MCP tool curation
GovernanceWrong answers get found and fixed, not just loggedReviews, Evaluations, Verified answers
Admins manage all of this from Settings → Ask AI, which groups thread history, MCP activity, and Reviews in one place, scoped to the projects each admin manages.

Thread activity

Every agent conversation, in the Lightdash app or Slack, is visible to admins under Threads. It’s the same record the person who asked the question sees: their question, the agent’s answer, and the query behind it. Admins use it to understand how agents are actually being used, and to pull real conversations into Evaluations as test cases.
Threads tab in Ask AI settings showing a list of agent conversations across projects

MCP activity

Agents don’t only answer questions about your data. Once you connect an MCP server, they can act in other tools too, filing a Linear issue or searching Notion, for example. The MCP tab extends the same visibility admins have into threads to those actions: what was called, by whom, and whether it succeeded.
MCP activity feed showing a list of tool calls with tool name, agent, status, and duration columns
Activity is retained for 90 days.
Which tools an agent is allowed to call is decided separately, per MCP server, in project settings. See choosing which tools are exposed.

Closing the loop: Reviews & Evaluations

Visibility on its own is a log. Paired with Reviews and Evaluations, it becomes a feedback loop: Reviews scans agent turns for likely-wrong answers and proposes a fix, and Evaluations turns any thread into a regression test so a fixed issue stays fixed.

Agents vs. raw SQL access

Raw warehouse SQL accessLightdash AI agents
Visibility into queriesOnly if you’ve built your own loggingEvery question and query, in Threads
Visibility into external actionsUntrackedEvery MCP call logged, with outcome
Review before executionNone, the query already ranSQL mode requires approval first
Row and column securityOnly as strong as your warehouse grantsInherits your existing user attributes
Catching a wrong answerYou find out when someone noticesReviews surfaces it proactively