Comment by yetanotherjosh

I struggle to understand what this specifically has to do with rails or global IDs. In ANY framework or query system, if you are asking an LLM to produce IDs which you are then passing to a database for lookup, you need to understand those identifiers could be hallucinated or incorrect in surprising or malicious ways, and can lead to data leaks or exfiltration.

It's like writing an article about "the dangers of PostgreSQL" ... when generating SQL from an LLM. It has nothing to do with Postgres specifically, it's that you're generating queries to run in a trusted context from an untrustable origin.