AI Finance Agent

AI orchestration backend powering the WealthNudge ecosystem, routing financial requests across tools and analytics using a LangGraph state machine, secure Text-to-SQL validation, and dynamic MCP tool execution.

Business Context

This system extends WealthNudge by adding an intelligent AI layer that actively guides users through their financial decisions. Instead of only exposing dashboards and CRUD endpoints, the platform enables users to interact conversationally with their data.

The objective is to create a secure financial environment where users can

  • Log and modify financial data through natural language
  • Query analytics without writing SQL
  • Receive structured guidance while preserving strict data isolation

The AI layer is designed to enhance usability without compromising safety, performance, or tenant separation.

Engineering Architecture

Agent Orchestration (LangGraph)

Implemented an event-driven state machine with specialized nodes and conditional routing across four intent categories (domain action, analytics read, general inquiry, other). A shared AgentState model preserves session context across multi-step flows.

Secure Text-to-SQL Pipeline

Built a multi-stage validation system: Deterministic LLM SQL generation, Security validation enforcing SELECT-only queries and mandatory user filters, and Execution with automatic fallback to a safe query builder. This guarantees zero unsafe write operations while enabling flexible financial analytics.

MCP Tool Execution Layer

Designed a dynamic tool registry supporting seven financial domains (wallets, transactions, budgets, bills, goals, income, debts), allowing the agent to trigger structured backend operations.

CRUD Factory Pattern

Implemented a configurable factory that generates domain tools dynamically, significantly reducing duplication while maintaining strict schema validation and type safety.

Key Trade-offs

Flexibility vs. Security

Enabled natural language analytics while enforcing strict SQL validation and database-level Row-Level Security.

Scalability vs. Simplicity

Adopted a registry-based tool architecture to support multi-domain expansion at the cost of increased orchestration complexity.

Latency vs. Correctness

Accepted additional validation and routing layers to ensure financial correctness and tenant isolation.

Tech Stack & Tools

Languages

Python

Frameworks

FastAPILangGraphMCP

Database

PostgreSQLSupabase

Tools

Pydantic

Other

OpenAI GPT-4o-miniText-to-SQLRow-Level SecurityIntent classificationRate limiting