# Your AI database agent should not see every column > Source: > Published: 2026-05-23 00:15:46+00:00 The fastest way to leak sensitive data through an AI database agent is to expose columns the model never needed. Table access is too broad. A customer table can contain useful business fields and risky fields at the same time: The agent may need the first four. It probably does not need the rest. For production MCP database access, I would rather expose approved projections than raw tables: Longer version: Column-level permissions for AI database agents The model should not be the thing deciding whether a sensitive field is safe to see.