hjess/fil
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f0300b586b0d14f38d1bda185e9ab621ff7b1abf
fil/.ai-rulez/domains/document-extraction/rules/extraction-safety.md
Henrik Jess Nielsen b4c07d3693
All checks were successful
Deploy fil (kreuzberg) / deploy (push) Successful in 49s
Details
Nomad changes
2026-06-01 23:40:55 +02:00

620 B
Raw Blame History

priority
priority
critical
  • Always use SecurityLimits to cap archive size, compression ratio, file count, and nesting depth for user content. Use ZipBombValidator for archive extraction.
  • Validate MIME type before extraction — never trust file extensions alone
  • Implement fallback chains: if primary extractor fails, try next-priority extractor
  • Preserve partial results on failure — return what was extracted with error context
  • All errors must include: operation name, input description, root cause, and suggestion
  • Never expose internal file paths or system details in error messages returned to users
Reference in New Issue View Git Blame Copy Permalink