If you discover a security vulnerability in this project, please report it responsibly:
- Do NOT open a public GitHub issue.
- Contact the development team directly or create a private security advisory on this repository.
- Include steps to reproduce, impact assessment, and any suggested fixes.
We aim to acknowledge reports within 2 business days and provide a remediation timeline within 5 business days.
This system retrieves organizational policy documents and does not store electronic Protected Health Information (ePHI). However, user-submitted chat queries may inadvertently contain patient information. See the full security documentation for mitigations (truncation, 90-day retention, no user identifiers).
- Authentication: Azure AD (JWT) with tenant/audience verification
- Input Validation: OData injection prevention, prompt injection defense (Unicode normalization, homoglyph mapping), query length limits
- XSS Protection: DOMPurify sanitization on all rendered content
- Rate Limiting: Per-IP rate limiting via slowapi (30 req/min default)
- Resilience: Circuit breaker pattern for Azure OpenAI outages
- Static Analysis: Semgrep (10 custom rules), Bandit (pre-commit), CodeQL (CI), pip-audit, npm audit
- Security Headers: CSP, HSTS, X-Frame-Options, X-Content-Type-Options
For complete security architecture, see docs/SECURITY.md.