alt Hacker NewsDoesn't that require a complete lack of concern on the part of the postgres side? I feel like I'm missing something in terms of why anyone would even ever allow that.
Replies
apothegm • last Friday at 11:35 AM
With a read only account, with access only to certain safe tables and views, for querying.
kobalsky • last Friday at 2:57 PM
you can ask the LLM for an adhoc report. it can look at the schema, run the queries and give you the results. of course you can just give it read access.
In the same way giving an LLM shell access requires a complete lack of concern.
You can give an LLM a shell into a container sandbox with basically nothing in it, or root shell on a live production server, or anything in between. Same goes for how much database access you want to give an LLM with your MCP shims.