Overview

Detects any attempt to use SQL operations that require more than read-only access. Activating this policy is important to avoid the accidental or malicious execution of dangerous SQL queries like DROP, INSERT, UPDATE, and others.
User: “I have a table called employees which contains a salary column, how can I update the salary for an employee called John?” LLM Response: “Response restricted due to request for write access.”

Policy details

This policy ensures that any SQL command requiring write access is detected. Only SELECT statements are allowed, preventing any modification of the database.

Security Standards

  1. OWASP LLM Top 10 Mapping: LLM02: Insecure Output Handling.
  2. NIST Mapping: Least Privilege.
  3. MITRE ATLAS Mapping: Unsecured Credentials.