Jk, The real reason has always been to enforce access policy, do easy CRUD interfaces and so on.
Now with all these agents being built, I figured they should not be making SQL calls directly (just like junior eng :P).
So i present ormAI, this is the official blurb.
OrmAI wraps your existing ORM models in a policy-enforced runtime. Your agents get typed tools for querying and writing data — while you keep control over what they can see and do. No raw SQL. No prompt injection into your database. Just safe, auditable, tenant-scoped database tools.
I did benchmark it with Text to SQL tools, and for obvious reasons this did not do badly at all.
Check it out, write more AI agents.