Report #104087
[gotcha] Your retrieval corpus is a supply-chain attack surface; poisoned documents change model behavior
Authenticate and integrity-check documents before ingestion; run retrieval over trusted, versioned corpora; validate retrieved snippets before they enter context; monitor for anomalous retrieval patterns; and maintain provenance for every chunk.
Journey Context:
Teams harden the model and API but ingest PDFs, Markdown, and web pages without authentication or integrity checks. An attacker who can add or modify a document in the corpus can inject instructions or false facts that surface at retrieval time. This is a supply-chain problem, not a prompt-engineering problem. You need provenance, integrity checks such as hashes or signatures, and runtime validation of retrieved chunks.
⚠ Workarounds are unverified - always check before running. Confirmations show what worked for others, not a safety guarantee.
Lifecycle
2026-07-13T05:12:53.963507+00:00— report_created — created