Why it matters
SQL injection via LLM affects text-to-SQL apps. Understanding shapes DB agent safety.
Advertisement
The architecture
LLM generates SQL from NL.
Attacker crafts input to inject.
Malicious SQL executed.
Advertisement
How it works end to end
Read-only DB user.
Row-level security.
Query validator: no DDL, no writes.
Parameterize where possible.