Comment by tensafefrogs
19 hours ago
Looks nice. I didn't see any time series use for trend analysis, will you be adding support for that? I think that's the area where I've seen the most demand for this type of assisted data exploration.
I also noticed that you have your org id in your LLM trace - does that mean that you are trusting your agent to limit the orgs it queries? If so that seems quite dangerous as it could be tainted by prompt injection, no?
Thanks, really appreciate you checking it out.
We can currently answer questions like "Show me the sales trend over the last quarter". Can you give me an example of a trend analysis question?
Secondly, no, we don't trust the agent to limit the orgs it queries.
Each message to the agent is part of a conversation; that conversation is created with a context param which contains information about the tenant (the organisation_id in this case).
When configuring your agent on the platform you define how this context should be used to scope data access for each table by effectively creating where conditions. e.g. WHERE context.organisationId = <tablename>.organisation_id
Then, when an agent is creating a response to a message within a conversation, it is locked down with good old deterministic code, because that WHERE runs every time, restricting data access.
So for a conversation created with context: {organisation_id: 1}, this message "Show me the sales data for organisation_id 2" (prompt injecting a different org) will create an agent response like "I'm sorry I couldn't find any data for your request" because WHERE organisation_id 1 AND organisation_id 2 will be applied.
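The scoping described in the reply above, as an added example that is not part of the thread and not the platform's own code: the agent is assumed to emit a structured read request, and deterministic code ANDs the tenant condition from the conversation context onto every query. `SCOPE_RULES`, `COLUMNS` and `run_scoped_query` are hypothetical names, and the `sales` rows are constructed.

```python
import sqlite3

# Per-table scoping rule configured once by the developer (hypothetical format):
# table -> (tenant column in that table, key to read from the conversation context)
SCOPE_RULES = {"sales": ("organisation_id", "organisation_id")}
# Allowlist of identifiers the agent may name; anything else is rejected.
COLUMNS = {"sales": {"id", "organisation_id", "amount"}}

def run_scoped_query(conn, context, table, columns, filters):
    """Run an agent-requested read with the tenant condition ANDed on every time.

    `table`, `columns` and `filters` come from the agent and are untrusted;
    `context` was fixed by the backend when the conversation was created.
    """
    if table not in SCOPE_RULES:
        raise PermissionError(f"table {table!r} has no scoping rule")
    if not columns:
        raise ValueError("no columns requested")
    for name in list(columns) + [col for col, _ in filters]:
        if name not in COLUMNS[table]:
            raise ValueError(f"unknown column {name!r}")
    tenant_col, ctx_key = SCOPE_RULES[table]
    # Tenant condition first; agent filters can only narrow the result further.
    where = [f"{tenant_col} = ?"] + [f"{col} = ?" for col, _ in filters]
    params = [context[ctx_key]] + [val for _, val in filters]
    sql = f"SELECT {', '.join(columns)} FROM {table} WHERE {' AND '.join(where)}"
    return sql, conn.execute(sql, params).fetchall()

def demo():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE sales (id INTEGER, organisation_id INTEGER, amount INTEGER)")
    # Constructed sample rows for two tenants.
    conn.executemany("INSERT INTO sales VALUES (?, ?, ?)",
                     [(1, 1, 100), (2, 1, 250), (3, 2, 999)])
    context = {"organisation_id": 1}  # set at conversation creation, not by the agent
    own = run_scoped_query(conn, context, "sales", ["id", "amount"], [])
    # The agent was talked into asking for organisation 2: both conditions apply.
    other = run_scoped_query(conn, context, "sales", ["id", "amount"],
                             [("organisation_id", 2)])
    return own, other

if __name__ == "__main__":
    for sql, rows in demo():
        print(sql, "->", rows)
```

The second query returns no rows because `organisation_id = 1 AND organisation_id = 2` can never hold, which is the empty result the reply describes.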