Class: Rails::Guarddog::Checkers::AiInjectionChecker

Inherits:

BaseChecker

• Object
• BaseChecker
• Rails::Guarddog::Checkers::AiInjectionChecker

Defined in:

lib/rails/guarddog/checkers/ai_injection_checker.rb

Constant Summary

AI_GEMS =

%w[ruby-openai anthropic langchainrb openai]

Instance Attribute Summary

Attributes inherited from BaseChecker

#findings

Instance Method Summary

• #run ⇒ Object

Methods inherited from BaseChecker

#initialize

Constructor Details

This class inherits a constructor from Rails::Guarddog::Checkers::BaseChecker

Instance Method Details

#run ⇒ Object

# File 'lib/rails/guarddog/checkers/ai_injection_checker.rb', line 7

def run
  glob_files('app/**/*.rb').each do |file|
    content = File.read(file)
    content.each_line.with_index do |line, idx|
      # Check for AI gem calls with user input
      if line.match?(/\.create.*messages/) || line.match?(/\.chat\.completions/)
        if line.include?('params') || line.include?('user_input')
          add_finding(
            severity: :critical,
            message: "AI prompt injection risk: user input passed to LLM without sanitization",
            file: file,
            line: idx + 1,
            snippet: line.strip,
            remediation: "Sanitize user input before passing to LLM; use system prompts safely"
          )
        end
      end
    end
  end
  findings
end