If an attacker gains access to your SQL database, they steal rows. If they gain access to your Vector Database, they steal *meaning*. They can reconstruct your documents from embeddings.
Vector Injection Attacks
As with SQL injection, attackers can inject "poisoned vectors" into your RAG pipeline. By embedding hidden instructions in white text within a PDF resume, they can force the retrieval system to surface that resume for every query.
RBAC at the Chunk Level
We implement Row-Level Security (RLS) for vectors. When a user queries the AI, their access token is passed to the Vector DB (e.g., Qdrant). The database filters results *before* semantic search happens. If the user isn't allowed to see "Project X," the AI will genuinely not know Project X exists.
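The filter-before-search ordering described above, as an added example that is not code from the original page. It uses a small in-memory stand-in rather than Qdrant's API, and assumes the caller's groups were already extracted from a verified access token; the `allowed_groups` payload field and all chunk data are hypothetical and constructed.

```python
import math

# Constructed sample chunks: (id, embedding, payload). "allowed_groups" is a
# hypothetical payload field listing the groups permitted to read the chunk.
CHUNKS = [
    ("px-1", [0.90, 0.10, 0.00], {"doc": "Project X roadmap", "allowed_groups": ["project-x"]}),
    ("px-2", [0.85, 0.15, 0.00], {"doc": "Project X budget", "allowed_groups": ["project-x"]}),
    ("hr-1", [0.70, 0.30, 0.10], {"doc": "Onboarding guide", "allowed_groups": ["staff"]}),
    ("hr-2", [0.10, 0.90, 0.20], {"doc": "Leave policy", "allowed_groups": ["staff"]}),
]

def cosine(a, b):
    dot = sum(x * y for x, y in zip(a, b))
    return dot / (math.sqrt(sum(x * x for x in a)) * math.sqrt(sum(y * y for y in b)))

def rank(query, chunks, k):
    # Highest cosine similarity first, truncated to the top k.
    return sorted(chunks, key=lambda c: cosine(query, c[1]), reverse=True)[:k]

def can_read(chunk, groups):
    return bool(set(chunk[2]["allowed_groups"]) & set(groups))

def search_prefiltered(query, token_groups, k=2):
    """Apply the ACL first, then rank only the permitted chunks."""
    if not token_groups:  # fail closed: no verified groups, no results
        return []
    permitted = [c for c in CHUNKS if can_read(c, token_groups)]
    return [c[0] for c in rank(query, permitted, k)]

def search_postfiltered(query, token_groups, k=2):
    """Anti-pattern: rank every chunk, then drop what the user may not see."""
    return [c[0] for c in rank(query, CHUNKS, k) if can_read(c, token_groups)]

if __name__ == "__main__":
    q = [1.0, 0.1, 0.0]  # constructed query embedding close to the Project X chunks
    print("pre-filter :", search_prefiltered(q, ["staff"]))
    print("post-filter:", search_postfiltered(q, ["staff"]))
```

With post-filtering, the restricted chunks occupy the top-k slots and the staff user gets an empty result; with pre-filtering, restricted chunks never enter the ranking at all.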