BrunoP.Blog

How to generate an ER diagram from SQL (no install, no account, with security audit)

I inherited a database with zero documentation: raw schema, no diagram, no idea if there were security flaws or LGPD issues. Insight solves this in the browser — paste the SQL, get the diagram, the security audit, and the ready-made model code.

A few months ago I took over a project for maintenance. The client sent me a .sql file with the "system database" and a "check if everything's alright". I opened it: forty-something tables, thousands of lines of CREATE TABLE, zero documentation, zero diagram. To understand how users connected to orders and payments, I'd have to read it line by line. And reading is how I found the scare: CPF and card numbers stored in plain text fields, a password in a VARCHAR(32) (meaning MD5 or plain text). That database was a privacy-law fine waiting to happen — and nobody had noticed. That day I stopped reading schemas by hand and built Insight.

The problem: the database is the most important and least visible part of the system

Almost every serious software bug starts in a poorly planned data structure. But the database is exactly the part you don't see — it's text. And when you really need to understand a schema, you hit four walls:

  • Seeing the drawing. You have the SQL but not the blueprint. The tools that draw diagrams are either heavy (install the whole Workbench), or ask you to upload your schema to a third-party site (and the schema is literally your product's blueprint, which makes it sensitive information), or lock everything behind a signup and a paid plan.
  • Knowing it's safe (and legal). A password in a field too short for a strong hash, CPF/email/phone thrown in without care, a card number or CVV stored, a table with no primary key. None of this shows up on its own — you only find out when it becomes an incident, a leak or a fine.
  • Estimating the cost. Before renting a server, how much will your database actually take up? Without that, you either overpay "to be safe" or find out too late that you ran out of space.
  • Writing the boilerplate. After understanding the database, you still have to hand-type dozens of migrations and models — mechanical work nobody enjoys.

The common thread: you need to talk to a database that only speaks raw SQL, and the tools for it are either too much, or want your data, or want your card.

The solution: Insight, free and with nothing uploaded

Insight does one thing well: you paste the CREATE TABLE and it hands you, instantly, your database blueprint. Nothing to install, no signup, free — and the detail that's non-negotiable for me: 100% in the browser. The SQL you paste isn't sent to any server, doesn't go through an API, isn't saved anywhere but your own machine. It makes sense: the schema describes how your product works inside; that shouldn't have to leave your computer just so you can see a drawing.

What it gives you, all at once

  • An instant ER diagram. Each table becomes a visual, draggable block. Relationships are linked automatically — both declared foreign keys (FOREIGN KEY ... REFERENCES) and the user_id → users convention everyone uses.
  • A security & privacy audit. A security score and a list of risks in plain language: "this password fits a field too short for a strong hash", "this field is a CPF and needs privacy care", "this is a card number, mind PCI-DSS", "this table has no primary key". It's the X-ray that would have saved me on that project.
  • A size estimate. Tell it how many rows each table should hold and it estimates the space — so you size the server before renting it, not after.
  • Ready-to-use code. One click generates the migrations in Laravel or the models in Sequelize, with mapped types and the right nullable fields. You leave the diagram already holding the back-end skeleton.
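
The kind of check the audit bullet above describes, as an added example that is not Insight's own code: a small JavaScript function that parses CREATE TABLE statements locally and flags a password column too short for a strong hash, personal or card data columns, and tables with no primary key. The sample schema, the column-name patterns and the 60-character threshold are assumptions made for this illustration.

```javascript
// Constructed sample schema; table and column names are made up for this example.
const SAMPLE_SQL = `
CREATE TABLE users (
  id INT NOT NULL AUTO_INCREMENT,
  email VARCHAR(255) NOT NULL,
  cpf VARCHAR(11),
  password VARCHAR(32) NOT NULL,
  PRIMARY KEY (id)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
CREATE TABLE payments (
  user_id INT NOT NULL,
  card_number VARCHAR(19),
  cvv CHAR(3),
  amount DECIMAL(10,2),
  FOREIGN KEY (user_id) REFERENCES users(id)
);`;

// Assumed rule set: a bcrypt hash is 60 characters, so shorter columns cannot hold one.
const MIN_HASH_LEN = 60;
const SENSITIVE = [
  [/^(cpf|email|phone)$/i, 'personal data (LGPD)'],
  [/^(card_?number|cvv)$/i, 'card data (PCI-DSS)'],
];

function auditSchema(sql) {
  const findings = [];
  // The table body ends at the first ")" followed only by table options and ";".
  const tableRe = /CREATE\s+TABLE\s+[`"]?(\w+)[`"]?\s*\(([\s\S]*?)\)[^;()]*;/gi;
  for (const [, table, body] of sql.matchAll(tableRe)) {
    // Split on commas that are not inside parentheses, so DECIMAL(10,2) stays whole.
    const defs = body.split(/,(?![^()]*\))/).map(s => s.trim());
    if (!defs.some(d => /PRIMARY\s+KEY/i.test(d)))
      findings.push({ table, column: null, risk: 'no primary key' });
    for (const def of defs) {
      // Skip table-level constraints; only column definitions are audited below.
      if (/^(PRIMARY|FOREIGN|UNIQUE|KEY|INDEX|CONSTRAINT)\b/i.test(def)) continue;
      const m = def.match(/^[`"]?(\w+)[`"]?\s+(\w+)(?:\((\d+))?/);
      if (!m) continue;
      const [, column, type, len] = m;
      if (/passw|senha/i.test(column) && /char/i.test(type) && Number(len) < MIN_HASH_LEN)
        findings.push({ table, column, risk: 'too short for a strong hash' });
      for (const [re, risk] of SENSITIVE)
        if (re.test(column)) findings.push({ table, column, risk });
    }
  }
  return findings;
}

console.table(auditSchema(SAMPLE_SQL));
```

Everything here runs on the pasted string in the local JavaScript engine; no network call is involved.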

FAQ

Do I need to install anything or create an account? No. It's free, no signup, runs in the browser — open it, paste the CREATE TABLE and that's it.
Is my SQL sent to any server? No. All processing happens in your browser; the schema never leaves your machine. The only place anything is stored is your own browser's localStorage, so you don't lose your work.
Does it work with MySQL and PostgreSQL? Yes. The parser understands the CREATE TABLE of both, including table options (ENGINE, charset), sized types and foreign keys.
Does the privacy audit replace an expert? No — it's a first automatic X-ray that catches the common mistakes (weak password storage, exposed personal data, no primary key). Sensitive cases still call for dedicated analysis.