The LLM never writes the query: declarative search layer over sensitive records
An internal assistant tool allows staff to search sensitive records using plain language requests. The tool translates these requests into specific search criteria while ensuring data security and access permissions. This system prevents unauthorized data access by using a fixed vocabulary for search parameters instead of a free-form query language.
- ▪The assistant tool enables staff to find sensitive records by typing requests in plain language.
- ▪It uses a fixed vocabulary to ensure that only authorized fields are searchable by each user.
- ▪The system is designed to prevent unauthorized access to sensitive data by validating search criteria against a registry.
Opening excerpt (first ~120 words) tap to expand
← All writing The LLM never writes the query: a declarative search layer over sensitive records May 21, 2026 14 min read ai · architecture · engineering We have an internal assistant. One of the things it does is find people. By people I mean records in a system of record — names, contacts, home addresses, current assignments, and other personal details that exist in exactly one place and actually matter. This is the most sensitive data we hold. Staff can search it by typing a request in plain language, such as “find translators in France who speak Spanish,” and getting an answer back. The model handles the request itself without much trouble. This post is about what happens between the request and the answer. The setup First, some background on what the assistant is.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at Alec Jude Wilson.
Discussion
0 commentsMore from Alec Jude Wilson
