I liked the new approach but I don't like the pseudo security framing. I don't see how an LLM rewritten query is secure than just sending my raw query, in both cases I don't feel secure at all