Stop AI Agents From SQL Injecting Your Database

Averi Kitsch, Staff Software Engineer at Google, outlines a four-step evolution for securing AI agents that access databases, moving from dangerous, model-controlled tools to a zero-trust architecture. Drawing on insights from over 20 million monthly tool calls, the talk provides a practical roadmap for preventing data leaks by separating identities, constraining actions, and removing credentials and PII from the agent's control.