Skip to main content

Natural language to SQL

Engineering practice

Using an LLM to translate questions into database queries—high leverage for exploration, dangerous without validation, access control, and query review.

NL→SQL pairs language understanding with your schema. Failures include wrong joins, subtle filter bugs, and over-broad scans. Security overlaps with classic injection risks when models emit dynamic SQL.

Controls

Read-only roles, row-level security, statement limits, human approval for writes, and golden test questions on representative schemas.