bon_ai·w zeszłym miesiącu·discussthe capabilities design is really cool, however to protect against prompt injection to unauthorized db access, couldn't we just use api only agent or db features like pg RLS