Skip to content

fix: wire VectorDBInjectionDetector into proxy + runtime audit#326

Merged
andres-linero merged 1 commit intomainfrom
fix/vector-db-detector-proxy-wiring
Mar 8, 2026
Merged

fix: wire VectorDBInjectionDetector into proxy + runtime audit#326
andres-linero merged 1 commit intomainfrom
fix/vector-db-detector-proxy-wiring

Conversation

@msaad00
Copy link
Owner

@msaad00 msaad00 commented Mar 8, 2026

Summary

  • VectorDBInjectionDetector was implemented and tested but never wired into the live proxy — it only existed as dead code at runtime
  • runtime/__init__.py also didn't export it, so external callers couldn't use it
  • AUDIT.md expanded with full runtime/API/data-flow audit (Areas 4–6)

Changes

src/agent_bom/runtime/__init__.py

  • Added VectorDBInjectionDetector to imports and __all__

src/agent_bom/proxy.py

  • Instantiates VectorDBInjectionDetector alongside ResponseInspector
  • Calls vector_detector.check() on every tool response in relay_server_to_client()
  • For confirmed vector tool names (similarity_search, retrieve, rag_query, fetch_context, etc.) severity is upgraded to CRITICAL and alerts are tagged cache_poison_*

AUDIT.md

  • Added Area 4 (Runtime layer): proxy data flow, 7 detectors table, fixed issues
  • Added Area 5 (API layer): FastAPI middleware stack, auth/audit log security properties
  • Added Area 6 (Data flow): end-to-end pipeline diagram
  • Updated audit summary table
  • Updated next-audit checklist

Test plan

  • tests/test_runtime_detectors.py — all 88 tests pass (VectorDBInjectionDetector already tested)
  • tests/test_proxy.py — proxy relay tests pass
  • tests/test_proxy_metrics.py — metrics tests pass

@msaad00
fix: wire VectorDBInjectionDetector into proxy + runtime audit
e13ae8b 
- `runtime/__init__.py`: export VectorDBInjectionDetector in __all__
- `proxy.py`: instantiate VectorDBInjectionDetector alongside ResponseInspector;
  check every tool response for cache poisoning with CRITICAL severity upgrade
  for confirmed vector tool names (similarity_search, retrieve, rag_query, etc.)
- `AUDIT.md`: add full runtime/API/data-flow audit (Areas 4-6), mark O4 fixed
@msaad00 msaad00 requested a review from andres-linero as a code owner March 8, 2026 00:50
@github-actions
Copy link
Contributor

github-actions bot commented Mar 8, 2026

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Scanned Files

None

@andres-linero andres-linero merged commit 2de43ff into main Mar 8, 2026
16 checks passed
@andres-linero andres-linero deleted the fix/vector-db-detector-proxy-wiring branch March 8, 2026 00:52
@msaad00 msaad00 restored the fix/vector-db-detector-proxy-wiring branch March 8, 2026 00:54
This was referenced Mar 8, 2026
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@andres-linero andres-linero andres-linero approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@msaad00 @andres-linero