This happened because AI agents are directly talking to databases or equivalent infrastructure, so it was bound to happen.

I've built something to fix it.

https://github.com/fazhq/faz

Faz sits between your AI agent and your database, so every query passes through a safety pipeline before it ever touches your data.