ljm 3 days ago

> agents query production systems

How do you handle PII or other sensitive data that the LLM shouldn't know or care about?
traverseda 3 days ago

That's an odd question. If you have a regular ORM, how do you handle sensitive data that your user shouldn't know about? You add some logic or filters so that the user can only query their own data, or other data they have permission to access. It's also addressed directly in the README: https://github.com/featureform/enrichmcp?tab=readme-ov-file#... I know LLMs can be scary, but this is the same problem that any ORM or program that handles user data would deal with.
ethan_smith 3 days ago

You could implement field-level access controls with attribute decorators that mask PII during serialization, similar to how SQLAlchemy's hybrid_property can transform data before it reaches the agent context.
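One way to implement the per-user row filter from the first reply and the field-level masking from the second, as an added example that is not code from enrichmcp or from either commenter: plain dataclass field metadata stands in for SQLAlchemy's hybrid_property, and the `pii` marker, `Principal`, `Customer` and `serialize_for_agent` names are all assumptions.

```python
from dataclasses import dataclass, field, fields
from typing import Any


def pii(permission: str, mask: str = "***"):
    """Mark a dataclass field as sensitive (constructed helper).

    `permission` names the permission a caller needs to see the raw value;
    `mask` is what the agent receives otherwise. '#' characters in the mask
    reveal that many trailing characters of the real value (e.g. last 4).
    """
    return field(metadata={"pii": permission, "mask": mask})


@dataclass
class Customer:                      # constructed sample model
    id: int
    owner_id: int                    # row-level owner; only they may read the row
    name: str
    email: str = pii("read:email")
    ssn: str = pii("read:ssn", mask="***-**-####")


@dataclass
class Principal:                     # the user on whose behalf the agent acts
    user_id: int
    permissions: frozenset = frozenset()


class AccessDenied(Exception):
    pass


def mask_value(value: str, mask: str) -> str:
    # Reveal only the trailing characters the mask's '#' positions allow.
    keep = mask.count("#")
    return mask.replace("#" * keep, value[-keep:]) if keep else mask


def serialize_for_agent(row: Customer, principal: Principal) -> dict[str, Any]:
    # Row-level check first: the agent never sees rows the user does not own.
    if row.owner_id != principal.user_id:
        raise AccessDenied(f"user {principal.user_id} may not read customer {row.id}")
    out: dict[str, Any] = {}
    for f in fields(row):
        value = getattr(row, f.name)
        needed = f.metadata.get("pii")
        # Field-level check: mask PII unless the caller holds the permission.
        if needed and needed not in principal.permissions:
            value = mask_value(value, f.metadata["mask"])
        out[f.name] = value
    return out
```

The masking happens in the serializer, so an agent that queries through it only ever sees a masked value and never the raw one it could leak back into a prompt or a response.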