That sounds like the right way to handle it. What about the Python code that is run? That seems harder to lock down than the read-only data permissions.
Very cool! Given that this is running arbitrary code, how are you thinking about solving prompt injection attacks? Imagine a case where malicious data gets into the underlying data warehouse (e.g. a malicious user…
That sounds like the right way to handle it. What about the Python code that is run? That seems harder to lock down than the read-only data permissions.
Very cool! Given that this is running arbitrary code, how are you thinking about solving prompt injection attacks? Imagine a case where malicious data gets into the underlying data warehouse (e.g. a malicious user…