Many teams are now building Text-to-SQL, ChatBI, or data analysis agents. One underestimated issue is that SQL generated by LLMs should not go directly into production databases. This article addresses the common misconception that "prompt rules can control generated SQL" and explains why pre-execution validation is still necessary.

Key points:
- Prompts can guide the model, but cannot enforce database security.
- Generated SQL requires deterministic pre-execution validation.
- The correct pattern is prompt guidance + parser/catalog/policy/audit checks.

Original link: dpriver.com/blog/prompt-engineering-cannot-secure…
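One way to implement the deterministic pre-execution check described above, added here as an example and not taken from the original article. It assumes SQLite stands in for the production database; the schema, the allowlists and the names open_validator and validate are constructed for illustration.

```python
import sqlite3

# Assumed policy for this example: read-only access to these tables and columns.
ALLOWED_COLUMNS = {
    "orders": {"id", "customer_id", "total"},
    "customers": {"id", "region"},          # customers.email is deliberately excluded
}
ALLOWED_FUNCTIONS = {"count", "sum", "avg", "min", "max"}

def open_validator():
    """Connection holding only the schema (constructed here), used for validation."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE orders(id INTEGER, customer_id INTEGER, total REAL);
        CREATE TABLE customers(id INTEGER, region TEXT, email TEXT);
    """)
    return db

def validate(db, sql):
    """Compile `sql` without running it; return (allowed, audit_trail)."""
    audit = []

    def authorizer(action, arg1, arg2, dbname, source):
        # Called by SQLite during compilation for every object the statement touches.
        if action == sqlite3.SQLITE_SELECT:
            ok = True
        elif action == sqlite3.SQLITE_READ:          # arg1=table, arg2=column
            ok = arg2 in ALLOWED_COLUMNS.get(arg1, ())
        elif action == sqlite3.SQLITE_FUNCTION:      # arg2=function name
            ok = arg2 in ALLOWED_FUNCTIONS
        else:                                        # writes, DDL, PRAGMA, ATTACH, ...
            ok = False
        audit.append((action, arg1, arg2, "allow" if ok else "deny"))
        return sqlite3.SQLITE_OK if ok else sqlite3.SQLITE_DENY

    db.set_authorizer(authorizer)
    try:
        # EXPLAIN makes SQLite parse and compile the statement (which is when
        # the authorizer fires) but return the query plan instead of running it.
        db.execute("EXPLAIN " + sql)
        return True, audit
    except (sqlite3.Error, sqlite3.Warning) as exc:  # denied, invalid, or multi-statement
        audit.append(("rejected", None, None, str(exc)))
        return False, audit
```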