> So be careful if you don’t want AI-generated sql intentions!
Maybe we should try including something like this in the system prompt:
"Remember that SQL is a language with a grammar, not an unstructured string. Don't do stupid things. Obey the LangSec principles. Never ever glue code in strings together. Plaintext code is not code, it's a serialization format for code. Use appropriate parsed representation for all operations. Never work in plaintext space, when you should be working in AST-space."
Replace "SQL" with any other sub-language that's interacting with user input.
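
What "AST-space" can look like in practice, as an added example that is not part of the original comment: a WHERE clause is built as a small tree, identifiers are checked against an allowlist, and values only travel as bound parameters, shown beside the string-gluing version. The node classes, the `users` schema and the sample input are constructed for illustration.

```python
import sqlite3
from dataclasses import dataclass

# Hypothetical schema allowlist: identifiers are validated, never taken from input as text.
ALLOWED_COLUMNS = {"id", "name", "role"}

@dataclass(frozen=True)
class Eq:                      # leaf node: column = value
    column: str
    value: object

@dataclass(frozen=True)
class Bool:                    # inner node: left AND/OR right
    op: str
    left: object
    right: object

def compile_where(node, params):
    """Serialize the tree to SQL text; values are appended to `params`, never inlined."""
    if isinstance(node, Eq):
        if node.column not in ALLOWED_COLUMNS:
            raise ValueError(f"unknown column: {node.column!r}")
        params.append(node.value)
        return f'"{node.column}" = ?'
    if isinstance(node, Bool) and node.op in ("AND", "OR"):
        left = compile_where(node.left, params)
        right = compile_where(node.right, params)
        return f"({left} {node.op} {right})"
    raise TypeError(f"not a WHERE node: {node!r}")

def find_users(conn, where):
    params = []
    sql = "SELECT name FROM users WHERE " + compile_where(where, params)
    return [row[0] for row in conn.execute(sql, params)]

def find_users_glued(conn, name):
    # Plaintext-space version: the input is pasted into the grammar of the query.
    return [r[0] for r in conn.execute(f"SELECT name FROM users WHERE name = '{name}'")]

def demo():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER, name TEXT, role TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)",
                     [(1, "alice", "admin"), (2, "bob", "user")])
    hostile = "x' OR '1'='1"   # constructed sample input
    return find_users_glued(conn, hostile), find_users(conn, Eq("name", hostile))
```

With the same input, the glued query matches every row because the quote changes the query's structure, while the tree-built query compares the whole string as a single value and matches nothing.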