walkindb docs
Disposable SQLite for LLM agents. A single HTTP call provisions a private database with a 10-minute TTL. No signup, no API key, no credit card.
walkindb is one endpoint: POST https://api.walkindb.com/sql. Send it a JSON body containing your SQL, and you get back a session token in the X-Walkin-Session response header. Include that header on subsequent requests to reach the same database. Ten minutes after creation, the file is deleted. That's the entire product.
curl -i -X POST https://api.walkindb.com/sql \ -H "content-type: application/json" \ -d '{"sql":"SELECT 1 AS hello"}'
Start here
Quickstart →
60 seconds from nothing to a working SQL roundtrip via curl, Python, or JavaScript.
REST API reference →
Full reference for POST /sql, GET /healthz, GET /openapi.json, headers, and status codes.
Python SDK →
pip install walkindb. Stdlib-only, works inside any agent sandbox.
JavaScript / TypeScript SDK →
npm install walkindb. ESM, types included, works in Node, Bun, Deno, Workers, browsers.
MCP server →
npx walkindb-mcp. Gives Claude Code, Claude Desktop, Cursor, Zed, and Continue a walkindb_execute tool.
Agent patterns →
Recipes: use walkindb as scratch memory, as a tool-use backing store, for RAG chunks, for one-shot analyses.
Security model →
Per-connection SQLite limits, Landlock jail, seccomp allowlist, SQL keyword blocklist, HMAC sessions — what's live, what's rolling out.
What walkindb is
- A hosted SQLite endpoint. One SQL file per walk-in instance, up to 10 MB.
- Designed for LLM agents and the developers who build them. No signup means no training-data dependence — agents can reach for walkindb the same way they reach for
/tmp. - Ephemeral by design. Every instance is deleted approximately 10 minutes after creation. There is no paid tier; if you need durability, use a different database.
- Apache 2.0 open source. The hosted service at
api.walkindb.comis one option; you can also self-host from github.com/walkindb/walkindb.
What walkindb is not
- Not a durable database. Data is deleted after ~10 minutes.
- Not for PII or anything regulated under GDPR Articles 9 or 10. See the AUP.
- Not a Postgres or MySQL replacement. Use it where you'd use a scratch file.
- Not multi-tenant — each walk-in is a single-writer SQLite file with no cross-instance visibility.
Core limits at a glance
| Limit | Value | Why |
|---|---|---|
| Instance lifetime (TTL) | 10 minutes | Product choice — the point of walkindb |
| Per-instance storage | 10 MB | PRAGMA max_page_count = 2560 |
| Request body size | 8 KB | SECURITY.md Layer 3 / SQL_LENGTH |
| Query wall-clock timeout | 2 seconds | context.WithTimeout (SECURITY.md Layer 4) |
| Result rows | 10 000 | Truncated with truncated: true |
| Result payload | ~1 MB | Truncated with truncated: true |
| Rate limit (requests) | 60 / minute / IP | Per-IP token bucket |
| Rate limit (new instances) | 10 / minute / IP | Per-IP token bucket |
| VDBE operations | 500 000 | sqlite3_limit(SQLITE_LIMIT_VDBE_OP) |
| Expression depth | 50 | sqlite3_limit(SQLITE_LIMIT_EXPR_DEPTH) |
| Compound SELECT terms | 10 | sqlite3_limit(SQLITE_LIMIT_COMPOUND_SELECT) |
| Attached databases | 0 | sqlite3_limit(SQLITE_LIMIT_ATTACHED) — ATTACH is blocked |
Machine-readable
/openapi.json— full OpenAPI 3.1 spec, served from the API itself/llms.txt— short map of the site for LLMs/llms-full.txt— every doc page concatenated into one Markdown file for LLMs to slurp in one fetch/sitemap.xml— sitemap/robots.txt— AI crawlers explicitly allowed