Felipe Cardoso
|
4f8ae2624c
|
security(memory): escape SQL ILIKE patterns to prevent injection
- Add _escape_like_pattern() helper to escape SQL wildcards (%, _, \)
- Apply escaping in SemanticMemory.search_facts and get_by_entity
- Apply escaping in ProceduralMemory.search and find_best_for_task
Prevents attackers from injecting SQL wildcard patterns through
user-controlled search terms.
|
2026-01-05 17:39:47 +01:00 |
|
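The wildcard escaping this commit message describes, as an added example that is not the project's code: `escape_like_pattern`, `search_facts`, `make_db` and the `facts` table are hypothetical names, the rows are constructed, and SQLite's `LIKE` (case-insensitive for ASCII) stands in for `ILIKE`.

```python
import sqlite3


def escape_like_pattern(term: str, escape: str = "\\") -> str:
    """Make `term` match literally inside a LIKE/ILIKE pattern.

    The escape character is doubled first; otherwise the backslashes
    added in front of % and _ would themselves be escaped again.
    """
    return (
        term.replace(escape, escape + escape)
        .replace("%", escape + "%")
        .replace("_", escape + "_")
    )


def search_facts(conn, term, escaped=True):
    """Substring search on the constructed `facts` table.

    The value is always bound as a parameter. Escaping only controls
    whether % and _ inside the term still act as wildcards.
    """
    needle = escape_like_pattern(term) if escaped else term
    rows = conn.execute(
        "SELECT subject FROM facts WHERE subject LIKE ? ESCAPE '\\' ORDER BY id",
        (f"%{needle}%",),
    )
    return [row[0] for row in rows]


def make_db():
    """In-memory database with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE facts (id INTEGER PRIMARY KEY, subject TEXT)")
    conn.executemany(
        "INSERT INTO facts (subject) VALUES (?)",
        [("100% uptime",), ("user_id",), ("userXid",),
         ("path C:\\tmp",), ("plain note",)],
    )
    return conn


if __name__ == "__main__":
    db = make_db()
    print(search_facts(db, "%", escaped=False))  # wildcard term matches every row
    print(search_facts(db, "%"))                 # literal match only
```

Binding the term as a parameter does not neutralise `%` and `_`, since they are interpreted by the `LIKE` operator after binding, which is why the escaping step is needed in addition.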