New Cheat Sheet: RAG Security#2131

Open

razashariff wants to merge 2 commits into OWASP:master from razashariff:rag-security-cheat-sheet

Conversation

@razashariff
Contributor

Addresses #2126.

Thanks @mackowski for approving and assigning this one — here it is.

RAG is now standard architecture for enterprise AI but introduces a unique attack surface distinct from both traditional web vulnerabilities and standalone LLM risks. This covers the topic practically with a first-approach focus that I hope will help our community immensely.

14 sections covering the complete pipeline from document ingestion through to output validation:

  1. Document Poisoning and Integrity
  2. Embedding Security
  3. Context Window Protection
  4. Access Control Inheritance
  5. Source Attribution and Verification
  6. Chunk Isolation and Multi-Tenancy
  7. Vector Index Integrity
  8. Query Security
  9. Output Validation
  10. Tool and Agent Integration Safety
  11. Response Caching Security
  12. Pipeline Observability
  13. Supply Chain and Connector Security
  14. Fail-Closed Design

Each section has practical Do/Don't guidance. Happy to iterate on feedback.

I have also built DVRAG (Damn Vulnerable RAG Pipeline) as a companion training tool — a deliberately insecure RAG system with 25 vulnerabilities mapped to each section of this cheat sheet. Practitioners can use it to understand and test each attack vector hands-on. Happy to share details if useful for the community.

Thanks again — Raza Sharif :)

@razashariff
Contributor Author

Hi @mackowski -- just checking if this is ready for review or if there's anything you'd like changed before looking at it. Happy to adjust. Thanks

@mackowski
Collaborator

@razashariff it is ready for review but we need some time to review it ;)

@razashariff
Contributor Author

Thanks @mackowski. Just wanted to make sure nothing was blocking on my side. The Secure Coding with AI one (#2132) was also revised based on Jim's feedback. Cheers, Raza
