[ilaksh]

I think rather than just throwing this type of amazing ability out entirely due to potential malicious users, you can consider things like:

- using for internal tools with relatively small userbases such as employees in your department.

- using it with GPT-4 instead of 3.5 which can do a much better job of detecting malicious use.

- make a read-only copy of just the data that you want to expose.

- use a similar strategy but with something like PostgreSQL that has row-level-security.

[segfaltnh]

I like the part where the solution to LLMs being fundamentally the wrong interface is more LLMs.

[ilaksh]

LLMs are fundamentally the right interface. The dream of SQL was always to enable more people to query their data with something closer to natural language. Having an LLM in front finally makes this use case feasible. Current LLM capabilities are actually perfect for translating natural language to SQL.