Vanna 2.0 turns natural language questions into SQL and answers, with enterprise security and user-aware permissions.
Vanna 2.0 is a tool that converts natural language questions into SQL queries and returns data insights, including streaming progress updates, SQL code blocks, interactive data tables, Plotly charts, and natural language summaries. It is user-aware at every layer, automatically filtering queries per user permissions, and includes enterprise security features such as row-level security, audit logs, and rate limiting. It ships with a pre-built `<vanna-chat>` web component and supports FastAPI/Flask integration, observability, and lifecycle hooks. Vanna works with any LLM, any database, and your existing authentication system.
Designed for natural language to SQL data analytics with user-aware permissions and production deployments, including a pre-built web chat component and backend that integrate with existing authentication systems.
Despite no autonomy signals in the entrypoint code, the README clearly describes an agentic workflow where the agent receives a natural-language question and autonomously executes SQL tools against a live database without per-step human confirmation. The sequence diagram shows User → Agent → Tool → "Execute SQL tool (user-aware)" → results streamed back, with no confirmation step. The framework provides a `Tool` base class, user-aware tool execution, and lifecycle hooks, indicating the agent invokes tools and runs queries autonomously as part of a multi-step chat loop. This is not merely advisory output — the agent actually runs queries against connected databases.
Side effects
• Executes SQL queries against connected production databases
• Reads and returns user-permission-filtered data (row-level security)
• Streams tables, charts, and summaries to a web UI
• Writes audit logs per query
• Consumes per-user rate-limit quotas