You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
policyengine-api-v2-alpha exposes public, compute-heavy endpoints without authentication or rate limiting.
Severity
High
Impact
Unauthenticated callers can create database rows and trigger expensive Modal jobs or LLM-backed runs on demand. This is a direct cost-exhaustion and abuse surface.
Summary
policyengine-api-v2-alphaexposes public, compute-heavy endpoints without authentication or rate limiting.Severity
High
Impact
Unauthenticated callers can create database rows and trigger expensive Modal jobs or LLM-backed runs on demand. This is a direct cost-exhaustion and abuse surface.
Affected code
src/policyengine_api/main.py:61-88src/policyengine_api/api/analysis.py:563-618src/policyengine_api/api/household.py:828-1095src/policyengine_api/api/outputs.py:85-137src/policyengine_api/api/change_aggregates.py:86-144src/policyengine_api/api/agent.py:105-230src/policyengine_api/agent_sandbox.py:424-446,515-541Details
The app mounts routers with no auth middleware, and endpoints such as:
POST /analysis/economic-impactPOST /household/calculatePOST /household/impactPOST /outputsPOST /change-aggregatesPOST /agent/runcreate rows and/or trigger background compute.
agent_sandbox.pyshows the agent path reaching Anthropic-backed execution with Modal secrets attached.Expected behavior
These endpoints should require authenticated callers and should have abuse controls.
Suggested remediation