Data Parameterized SQL and Agent-Generated Queries
Status: public · Confidence: medium (0.725) · Basis: verified_sources
## TL;DR

Parameterized SQL is the baseline safety pattern for agent-generated queries, but identifiers and query structure still need explicit validation.

## Core Explanation

Agents often turn user questions into SQL. The most dangerous pattern is concatenating natural-language input directly into a statement. Parameterized queries separate values from SQL structure: user-provided values are bound as data rather than interpreted as executable syntax.

That does not make every generated query safe. Parameters usually cover values only, not table names, column names, operators, sort directions, or entire clauses. Anything the agent emits in those positions is still executed as SQL, so it needs its own control: check identifiers against the live schema or an allowlist, emit them with the engine's identifier quoting, and constrain clause shape with templates rather than free-form generation.

Useful guardrails include schema-aware generation, identifier allowlists, least-privilege roles, dry runs, row and byte limits, read-only transactions, query-plan checks, and human approval for destructive or expensive statements.

For RAG and analytics agents, SQL evidence should preserve the template, bound values, role, warehouse, referenced tables, estimated cost, and reviewer decision. This makes it possible to audit whether the agent followed the intended query pattern.

## Source-Mapped Facts

- BigQuery documentation says query parameters can be used as substitutes for arbitrary expressions, but not as substitutes for identifiers. ([source](https://docs.cloud.google.com/bigquery/docs/parameterized-queries))
- Snowflake documentation describes bind variables as placeholders that let a statement use values supplied later. ([source](https://docs.snowflake.com/en/sql-reference/bind-variables))
- The OWASP SQL Injection Prevention Cheat Sheet lists prepared statements with parameterized queries as a primary defense against SQL injection. ([source](https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html))

## Further Reading

- [BigQuery Parameterized Queries](https://docs.cloud.google.com/bigquery/docs/parameterized-queries)
- [Snowflake Bind Variables](https://docs.snowflake.com/en/sql-reference/bind-variables)
- [OWASP SQL Injection Prevention Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html)
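The following is an added example, not code from the page or from the BigQuery, Snowflake, or OWASP sources it cites. It shows the split the Core Explanation describes: the filter value is bound through a placeholder, while the table and column identifiers (which no engine lets you parameterize) are checked against a constructed schema allowlist before any SQL is assembled. SQLite's `PRAGMA query_only` stands in for a read-only role or transaction, and the evidence record carries the template, bound values and referenced tables; the `SCHEMA` dictionary, the `orders` sample rows and all function names are assumptions made for this example.

```python
import sqlite3

# Constructed schema allowlist: the tables and columns a schema-aware generator
# is permitted to reference (assumption: loaded from the catalog at startup).
SCHEMA = {
    "orders": {"id", "customer", "amount", "status"},
    "customers": {"id", "name", "region"},
}
MAX_ROWS = 100  # row limit applied to every generated statement


class UnsafeQuery(ValueError):
    """Raised when an agent-proposed identifier or limit fails validation."""


def quote_ident(name):
    # Identifiers are never bound as parameters; they are allowlisted first
    # (see build_query) and then emitted with standard SQL double-quoting.
    return '"' + name.replace('"', '""') + '"'


def build_query(table, columns, filter_column, filter_value, limit=MAX_ROWS):
    """Turn an agent's (table, columns, filter) proposal into a parameterized
    statement.  Identifiers are checked against SCHEMA; the filter value is
    bound with a placeholder, so it can never change the statement's shape."""
    if table not in SCHEMA:
        raise UnsafeQuery(f"table not allowlisted: {table!r}")
    for col in list(columns) + [filter_column]:
        if col not in SCHEMA[table]:
            raise UnsafeQuery(f"column not allowlisted for {table}: {col!r}")
    if not isinstance(limit, int) or not 1 <= limit <= MAX_ROWS:
        raise UnsafeQuery(f"limit must be an int in 1..{MAX_ROWS}: {limit!r}")
    sql = "SELECT {} FROM {} WHERE {} = ? LIMIT ?".format(
        ", ".join(quote_ident(c) for c in columns),
        quote_ident(table),
        quote_ident(filter_column),
    )
    return sql, (filter_value, limit)


def run_readonly(conn, sql, params, tables):
    """Execute one statement with writes disabled and return the rows plus an
    evidence record (template, bound values, referenced tables).  Role,
    warehouse and cost fields are engine-specific and left out here."""
    conn.execute("PRAGMA query_only = 1")  # SQLite rejects writes while this is set
    rows = conn.execute(sql, params).fetchall()
    evidence = {
        "template": sql,
        "bound_values": list(params),
        "referenced_tables": sorted(tables),
        "row_count": len(rows),
    }
    return rows, evidence


def demo_db():
    # Constructed sample data so the example runs offline.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE orders (id INTEGER, customer TEXT, amount REAL, status TEXT)")
    conn.executemany(
        "INSERT INTO orders VALUES (?, ?, ?, ?)",
        [(1, "alice", 10.0, "paid"), (2, "bob", 20.0, "open"), (3, "alice", 5.0, "open")],
    )
    return conn


def demo():
    """Exercise the failure modes the text warns about and report the outcomes."""
    conn = demo_db()
    out = {}

    # 1. A classic value injection: bound as data, it is compared literally
    #    against the status column and matches nothing.
    sql, params = build_query("orders", ["id"], "status", "paid' OR '1'='1")
    out["injection_rows"], out["injection_evidence"] = run_readonly(conn, sql, params, ["orders"])

    # 2. A legitimate query for comparison.
    sql, params = build_query("orders", ["id", "amount"], "customer", "alice", 10)
    out["alice_rows"], out["alice_evidence"] = run_readonly(conn, sql, params, ["orders"])

    # 3. An identifier injection: a placeholder cannot help here, so the
    #    allowlist has to reject it before any SQL is assembled.
    try:
        build_query("orders; DROP TABLE orders", ["id"], "id", 1)
        out["identifier_rejected"] = False
    except UnsafeQuery:
        out["identifier_rejected"] = True

    # 4. Even if a write slipped through generation, the read-only setting
    #    on the connection refuses it.
    try:
        conn.execute("DELETE FROM orders")
        out["write_blocked"] = False
    except sqlite3.OperationalError:
        out["write_blocked"] = True
    return out


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

The allowlist check runs before string formatting on purpose: quoting an identifier is a presentation step, not a validation step, and an agent that proposes a table outside the schema should fail closed rather than have its proposal made syntactically valid. In a warehouse deployment the same record would also carry the executing role, the warehouse and the dry-run cost estimate the Core Explanation lists.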