From 888297d65a2df0da8130bc7090f4723eea6dad81 Mon Sep 17 00:00:00 2001 From: AGI-Corporation <186229839+AGI-Corporation@users.noreply.github.com> Date: Tue, 14 Apr 2026 16:52:48 +0000 Subject: [PATCH] =?UTF-8?q?=F0=9F=9B=A1=EF=B8=8F=20Sentinel:=20[MEDIUM]=20?= =?UTF-8?q?Fix=20Exception=20Details=20Exposure=20in=20Mistral=20Agent?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: google-labs-jules[bot] <161369871+google-labs-jules[bot]@users.noreply.github.com> --- .jules/sentinel.md | 5 +++++ agents/mistral_agent/agent.py | 10 +++++++--- 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/.jules/sentinel.md b/.jules/sentinel.md index f07ab16..8da6ac7 100644 --- a/.jules/sentinel.md +++ b/.jules/sentinel.md @@ -7,3 +7,8 @@ **Vulnerability:** Not a direct security vulnerability, but an environmental instability. The `requirements.txt` allowed `mistralai>=1.1.0`, which pulled in version 2.x. **Learning:** MistralAI 2.x introduces breaking changes in the client import structure (`from mistralai import Mistral` fails if not using the new client correctly or if expecting the old one). This caused the entire application (including security tests) to fail on startup. **Prevention:** Pin critical dependencies like `mistralai==1.1.0` in `requirements.txt` to ensure consistent behavior across development and CI environments, especially when using agents that rely on specific API structures. + +## 2026-04-14 - Information Leakage in API Exception Handling +**Vulnerability:** FastAPIs `HTTPException` endpoints (`/gap-analysis`, `/code-review`, `/ask`) were exposing raw internal exception details (`str(e)`) directly to clients on HTTP 500 errors. +**Learning:** Exposing raw exceptions (`str(e)`) in API responses is an information leakage risk because it can reveal sensitive system details, internal paths, configurations, or downstream dependencies (e.g., Mistral client errors) to external users. The application needs to securely log the internal stack trace without exposing it. +**Prevention:** Always log exceptions server-side using the `logging` module (`logging.error()`) and raise an `HTTPException` with a generic `detail` message (e.g., "An internal server error occurred.") to avoid leaking implementation details. diff --git a/agents/mistral_agent/agent.py b/agents/mistral_agent/agent.py index e09878d..961b522 100644 --- a/agents/mistral_agent/agent.py +++ b/agents/mistral_agent/agent.py @@ -8,6 +8,7 @@ """ import json +import logging import os import uuid from datetime import UTC, datetime @@ -318,7 +319,8 @@ async def gap_analysis(req: GapAnalysisRequest, db: AsyncSession = Depends(get_d "model": MISTRAL_MODEL, } except Exception as e: - raise HTTPException(status_code=500, detail=str(e)) + logging.error(f"Error in /gap-analysis: {e}") + raise HTTPException(status_code=500, detail="An internal server error occurred") @router.post("/code-review", summary="DevSecOps code security analysis with Codestral") @@ -333,7 +335,8 @@ async def code_review(req: CodeReviewRequest, db: AsyncSession = Depends(get_db) ) return {"analysis": result, "model": MISTRAL_CODE_MODEL} except Exception as e: - raise HTTPException(status_code=500, detail=str(e)) + logging.error(f"Error in /code-review: {e}") + raise HTTPException(status_code=500, detail="An internal server error occurred") @router.post("/ask", summary="Ask a CMMC/ZT compliance question") @@ -343,4 +346,5 @@ async def ask_question(req: QuestionRequest): answer = await agent.answer_compliance_question(req.question, req.context) return {"question": req.question, "answer": answer, "model": MISTRAL_MODEL} except Exception as e: - raise HTTPException(status_code=500, detail=str(e)) + logging.error(f"Error in /ask: {e}") + raise HTTPException(status_code=500, detail="An internal server error occurred")