Mend.io Vulnerability Database
The largest open source vulnerability database
MAI-2023-0001
Published: May 16, 2026
Updated: May 16, 2026
Web applications that integrate Large Language Models (LLMs) using Langchain or similar middleware are susceptible to Prompt-to-SQL (P2SQL) injection attacks. This vulnerability arises when unsanitized user prompts are manipulated to compel the LLM to produce malicious SQL queries, thereby facilitating unauthorized access to the database, including both read and write operations. The vulnerability effectively circumvents security measures that rely solely on prompt engineering to restrict LLM behavior.

Mitigation steps:

**For AI Developers:**

* Implement database roles and permissions to restrict LLM database connections to `SELECT` statements, ensuring data confidentiality and integrity.
* Pre-load relevant user data into the LLM prompt to minimize database queries during interactions, enhancing data confidentiality.

**For Model Trainers/Fine-tuners:**

* Develop mechanisms to sanitize and rewrite SQL queries generated by the LLM, ensuring access is limited to authorized user data.
* Utilize a separate LLM instance to validate SQL query results, identifying and flagging potentially malicious content before integration with the main LLM.
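An added illustration of the first two developer mitigations (not code from the advisory or from Langchain): model-generated SQL runs on a connection that was pre-loaded with only the current user's rows and is limited to `SELECT`. SQLite's authorizer callback stands in for database roles here as an assumption; the `orders` table, its rows and the helper names are constructed for the example.

```python
import sqlite3

def make_app_db():
    # Constructed sample data standing in for the application's database.
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE orders (id INTEGER PRIMARY KEY, user_id INTEGER, item TEXT);
        INSERT INTO orders (user_id, item)
            VALUES (1, 'laptop'), (2, 'phone'), (1, 'mouse');
    """)
    return db

ALLOWED_ACTIONS = {sqlite3.SQLITE_SELECT, sqlite3.SQLITE_READ}

def select_only(action, arg1, arg2, dbname, source):
    # SQLite calls this while compiling each statement. Anything that is not a
    # plain read (INSERT, UPDATE, DELETE, DROP, ATTACH, PRAGMA, ...) is refused.
    return sqlite3.SQLITE_OK if action in ALLOWED_ACTIONS else sqlite3.SQLITE_DENY

def scoped_connection(app_db, user_id):
    """Hypothetical helper: a connection for LLM-generated SQL that holds only
    the current user's rows and accepts only SELECT."""
    rows = app_db.execute(
        "SELECT id, user_id, item FROM orders WHERE user_id = ?", (user_id,)
    ).fetchall()
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE orders (id INTEGER PRIMARY KEY, user_id INTEGER, item TEXT)")
    conn.executemany("INSERT INTO orders VALUES (?, ?, ?)", rows)
    conn.commit()
    conn.set_authorizer(select_only)  # installed only after the pre-load
    return conn

def run_llm_sql(conn, sql):
    """Execute model-generated SQL; return rows, or None if it was refused."""
    try:
        return conn.execute(sql).fetchall()
    except sqlite3.DatabaseError:
        return None

if __name__ == "__main__":
    conn = scoped_connection(make_app_db(), user_id=1)
    for sql in ("SELECT item FROM orders ORDER BY id",       # filter dropped
                "SELECT item FROM orders WHERE user_id = 2",  # other user's rows
                "DROP TABLE orders"):                         # write attempt
        print(sql, "->", run_llm_sql(conn, sql))
```

Because the restriction is enforced by the connection and not by the prompt, a query that drops its `WHERE user_id` filter still returns only the signed-in user's rows.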
CVSS v4
Base Score: 9.3
Attack Vector: NETWORK
Attack Complexity: LOW
Attack Requirements: NONE
Privileges Required: NONE
User Interaction: NONE
Vulnerable System Confidentiality: HIGH
Vulnerable System Integrity: HIGH
Vulnerable System Availability: HIGH
Subsequent System Confidentiality: NONE
Subsequent System Integrity: NONE
Subsequent System Availability: NONE
CVSS v3
Base Score: 9.8
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality: HIGH
Integrity: HIGH
Availability: HIGH
AIVSS
Base Score: 5