e5e2244e04
Some checks failed
Documentation Lint & Validation / Markdown Linting (push) Has been cancelled
Documentation Lint & Validation / Validate mdBook Configuration (push) Has been cancelled
Documentation Lint & Validation / Content & Structure Validation (push) Has been cancelled
Documentation Lint & Validation / Lint & Validation Summary (push) Has been cancelled
mdBook Build & Deploy / Build mdBook (push) Has been cancelled
mdBook Build & Deploy / Documentation Quality Check (push) Has been cancelled
mdBook Build & Deploy / Deploy to GitHub Pages (push) Has been cancelled
mdBook Build & Deploy / Notification (push) Has been cancelled
Rust CI / Security Audit (push) Has been cancelled
Rust CI / Check + Test + Lint (nightly) (push) Has been cancelled
Rust CI / Check + Test + Lint (stable) (push) Has been cancelled
- Add security module (ssrf.rs, prompt_injection.rs) to vapora-backend - Block RFC 1918, link-local, cloud metadata URLs before channel registration - Scan 60+ injection patterns on RLM (load/query/analyze) and task endpoints - Fix channel SSRF: filter-before-register instead of warn-and-proceed - Add sanitize() to load_document (was missing, only analyze_document had it) - Return 400 Bad Request (not 500) for all security rejections - Add 11 integration tests via Surreal::init() — no external deps required - Document in ADR-0038, CHANGELOG, and docs/adrs/README.md