Back to browse
GitHub Repository

A deterministic SQL access guard for LLM text-to-SQL agents: enforce each user's real data-access rules on generated queries, keep the agent aware of the full catalog, and answer honestly about what it can't see.

1 starsJupyter Notebook

Access-aware text-to-SQL – stop LLM agents overfetching data

by dimitarst·Jul 7, 2026·1 point·1 comment

AI Analysis

●●SolidBig BrainNiche Gem

Deterministic guard prevents overfetching when 121 adversarial tests pass.

Strengths
  • Enforcement happens outside the model so prompts can't bypass access rules
  • Full catalog visibility lets agents know what tables exist without accessing them
  • 74 adversarial tests specifically probe for authorization bypass vulnerabilities
Weaknesses
  • Requires Python 3.14+ which limits adoption to bleeding-edge environments
  • Text-to-SQL security is emerging space with few established patterns to compare
Category
Target Audience

Developers building text-to-SQL agents with multi-user access control

Similar To

LangChain SQL agents · LlamaIndex SQL tools · Vanna AI

Similar Projects

AI/ML●●Solid

Routiium – self-hosted LLM gateway with a tool-result guard

Guards tool outputs against injection attacks, unlike LiteLLM or Helicone.

Solve My ProblemBig Brain
deadpixel
202mo ago