> agents query production systems

How do you handle PII or other sensitive data that the LLM shouldn’t know or care about?

traverseda 3 days ago | parent | next [-]

That's an odd question. If you have a regular ORM how do you handle sensitive data that your user shouldn't know about? You add some logic or filters so that the user can only query their own data, or other data they have permission to access.

It's also addressed directly in the README. https://github.com/featureform/enrichmcp?tab=readme-ov-file#...

I know LLMs can be scary, but this is the same problem that any ORM or program that handles user data would deal with.

	▲	hobofan 3 days ago \| parent [-]
		> You add some logic or filters so that the user can only query their own data, or other data they have permission to access. What you are talking about is essentially only row level security (which is important for tenant seperation), while in the case of integrating external service providers, you column level security is a more important factor. > I know LLMs can be scary, but this is the same problem that any ORM or program that handles user data would deal with. In most other progams you don't directly plug your database full of PII to an external service provider. In most other programs you don't have that same problem because the data takes a straight path from DB -> server -> user. The README repeats an example that makes the user's email available for an agent to query (enabling PII leakage), setting a bad precedent in a space that's already chock-full of vibe coders without any concern about data privacy.

▲

ethan_smith 3 days ago | parent | prev [-]

You could implement field-level access controls with attribute decorators that mask PII during serialization, similar to how SQLAlchemy's hybrid_property can transform data before it reaches the agent context.