andrei/maternal-app
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
36 Commits 2 Branches 1 Tag
4b8828fdad9a1ab2cb21d001c10a4fbbff3b53af
Commit Graph

2 Commits

Author SHA1 Message Date
Andrei
f640e091ce Add prompt injection protection for AI endpoints
Some checks failed
CI/CD Pipeline / Build Application (push) Has been cancelled
Details
CI/CD Pipeline / Lint and Test (push) Has been cancelled
Details
CI/CD Pipeline / E2E Tests (push) Has been cancelled
Details 
Implemented comprehensive security against prompt injection attacks:

**Detection Patterns:**
- System prompt manipulation (ignore/disregard/forget instructions)
- Role manipulation (pretend to be, act as)
- Data exfiltration (show system prompt, list users)
- Command injection (execute code, run command)
- Jailbreak attempts (DAN mode, developer mode, admin mode)

**Input Validation:**
- Maximum length: 2,000 characters
- Maximum line length: 500 characters
- Maximum repeated characters: 20 consecutive
- Special character ratio limit: 30%
- HTML/JavaScript injection blocking

**Sanitization:**
- HTML tag removal
- Zero-width character stripping
- Control character removal
- Whitespace normalization

**Rate Limiting:**
- 5 suspicious attempts per minute per user
- Automatic clearing on successful validation
- Per-user tracking with session storage

**Context Awareness:**
- Parenting keyword validation
- Domain-appropriate scope checking
- Lenient validation for short prompts

**Implementation:**
- lib/security/promptSecurity.ts - Core validation logic
- app/api/ai/chat/route.ts - Integrated validation
- scripts/test-prompt-injection.mjs - 19 test cases (all passing)
- lib/security/README.md - Documentation

**Test Coverage:**
 Valid parenting questions (2 tests)
 System manipulation attempts (4 tests)
 Role manipulation (1 test)
 Data exfiltration (3 tests)
 Command injection (2 tests)
 Jailbreak techniques (2 tests)
 Length attacks (2 tests)
 Character encoding attacks (2 tests)
 Edge cases (1 test)

All suspicious attempts are logged with user ID, reason, risk level,
and timestamp for security monitoring.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-10-01 20:15:11 +00:00
Andrei
8e3567e3d6 Add rate limiting to API endpoints
Some checks failed
CI/CD Pipeline / Lint and Test (push) Has been cancelled
Details
CI/CD Pipeline / E2E Tests (push) Has been cancelled
Details
CI/CD Pipeline / Build Application (push) Has been cancelled
Details 
Implemented comprehensive rate limiting for API security:

- Created custom Next.js-native rate limiter using in-memory store
- Added 5 rate limit configurations:
  - authLimiter: 5 requests/15min for login/register/password-reset
  - aiLimiter: 10 requests/hour for AI assistant queries
  - trackingLimiter: 30 requests/min for activity tracking
  - readLimiter: 100 requests/min for read-only endpoints
  - sensitiveLimiter: 3 requests/hour for sensitive operations

- Applied rate limiting to endpoints:
  - /api/auth/login, /api/auth/register, /api/auth/password-reset
  - /api/ai/chat
  - /api/tracking/feeding (GET and POST)

- Rate limit responses include standard headers:
  - RateLimit-Limit, RateLimit-Remaining, RateLimit-Reset
  - Retry-After header with seconds until reset

- Tested with 7 sequential requests - first 5 passed, last 2 blocked with 429

Note: Current implementation uses in-memory store. For production with
multiple instances, migrate to Redis-backed storage for distributed
rate limiting.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-10-01 20:08:28 +00:00