
Don't trust the prompt: use RLAC to secure LLM database access

Blog post from Tinybird

Author: Jorge Sancha
Word Count: 1,758
Language: English
Summary

Securing systems built on Large Language Models (LLMs) means addressing two major risks, data leakage and prompt injection, neither of which prompt engineering alone can fully mitigate. Security must instead be enforced at the data layer through row-level access control (RLAC): cryptographically signed tokens handle both authentication and authorization and determine exactly which data an LLM may read. Because the model can only ever see data the token permits, an injected prompt that manipulates the model cannot cause it to leak information it was never allowed to access. The Tinybird MCP Server applies this security model, using token-based authorization to restrict every query to the calling user's own data. The result is an LLM-based application that can interact with data dynamically without exposing it to unauthorized parties.