Report #99952
[gotcha] Poisoned documents in the retrieval corpus hijack generated answers
Validate document provenance before indexing; enforce query-time access controls so users only retrieve documents they own; monitor retrieval distributions for sudden rank changes; use retrieval-stage defenses before generation.
Journey Context:
RAG designers often assume the threat is adversarial queries, but attackers can plant documents in the corpus. A few optimized poisoned documents can push incorrect answers for many queries. Standard vector search optimizes relevance, not trustworthiness, so you need provenance checks, access control, and anomaly detection on retrieved chunks.
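The three retrieval-stage defenses named above (provenance check, query-time ACL, rank-shift monitoring) as one added example; this is constructed illustration code, not the report's own, and the corpus, `TRUSTED_SOURCES` allow-list, registry and 2-D embeddings are all assumed:

```python
import hashlib
import math
from dataclasses import dataclass

@dataclass
class Chunk:  # hypothetical data model, constructed for this example
    doc_id: str
    owner: str   # principal allowed to retrieve this chunk
    source: str  # ingestion channel recorded at index time
    text: str
    vec: list    # embedding; 2-D so the numbers are easy to follow

TRUSTED_SOURCES = {"wiki", "hr-portal"}  # assumed allow-list of ingestion channels

def sha256(text):
    return hashlib.sha256(text.encode("utf-8")).hexdigest()

def provenance_ok(chunk, registry):
    """Admit a chunk only if it arrived via a trusted channel and its text still
    hashes to the value recorded at ingestion (catches post-index edits)."""
    return chunk.source in TRUSTED_SOURCES and registry.get(chunk.doc_id) == sha256(chunk.text)

def cosine(a, b):
    dot = sum(x * y for x, y in zip(a, b))
    na, nb = math.sqrt(sum(x * x for x in a)), math.sqrt(sum(y * y for y in b))
    return dot / (na * nb) if na and nb else 0.0

def rank(query_vec, chunks, k=3):
    """Plain relevance ranking: all a vector index does on its own."""
    ordered = sorted(chunks, key=lambda c: cosine(query_vec, c.vec), reverse=True)
    return [c.doc_id for c in ordered[:k]]

def hardened_retrieve(query_vec, corpus, user, registry, k=3):
    """Filter by ownership and provenance BEFORE ranking, so a planted chunk is
    never a candidate no matter how relevant it scores."""
    admitted = [c for c in corpus if c.owner == user and provenance_ok(c, registry)]
    return rank(query_vec, admitted, k)

def rank_shift(prev_top, curr_top, max_new=1):
    """Monitoring hook: flag a watched query whose top-k gained more than
    max_new previously unseen documents between two snapshots."""
    return len(set(curr_top) - set(prev_top)) > max_new

# Constructed corpus: two legitimate chunks plus three that must not reach the prompt.
CORPUS = [
    Chunk("d1", "alice", "wiki", "VPN setup guide", [0.9, 0.1]),
    Chunk("d2", "alice", "wiki", "Expense policy", [0.5, 0.5]),
    Chunk("d3", "alice", "upload", "planted via untrusted channel", [1.0, 0.0]),
    Chunk("d4", "alice", "wiki", "VPN setup guide (edited after ingest)", [1.0, 0.0]),
    Chunk("d5", "bob", "wiki", "Bob's private notes", [1.0, 0.0]),
]
# Registry of hashes taken at ingestion: d3 was never registered, d4 no longer matches.
REGISTRY = {"d1": sha256("VPN setup guide"), "d2": sha256("Expense policy"),
            "d4": sha256("VPN setup guide"), "d5": sha256("Bob's private notes")}
QUERY = [1.0, 0.0]

if __name__ == "__main__":
    print("naive   :", rank(QUERY, CORPUS))                                  # ['d3', 'd4', 'd5']
    print("hardened:", hardened_retrieve(QUERY, CORPUS, "alice", REGISTRY))  # ['d1', 'd2']
```

On relevance alone the three illegitimate chunks outrank every legitimate one; the ACL and provenance filters remove them before scoring, and `rank_shift` gives the monitor described above a concrete trigger.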
Lifecycle
2026-06-30T05:20:20.448136+00:00 — report_created — created