| Threat | Mitigation |
|---|---|
| Prompt Injection | Regex scan on CSV headers + string values |
| Data Poisoning | Schema validation, dtype checks, row limits |
| Audit Trail | Every file logged to audit.log with timestamp |
INJECTION_PATTERNS = [
r"ignore previous", r"system prompt", r"<script",
r"DROP TABLE", r"__import__", r"os\.system", r"eval\(", r"exec\("
]- Minimum 2 columns required
- No empty DataFrames
- File size limit: 50MB
If SecurityValidatorAgent returns BLOCKED → orchestrator halts entire pipeline. No data reaches LLM.