Context
The RAG MCP server search_knowledge tool accepts a limit parameter passed directly to Qdrant. A large limit value could cause excessive memory usage or slow responses.
Required Change
Add a maximum cap to the limit parameter:
const maxSearchLimit = 20
if limit > maxSearchLimit {
limit = maxSearchLimit
}Apply in both:
cmd/rag-mcp/main.go (MCP server search tool)internal/rag/qdrant.go (Qdrant client Search method)
Security Context
Identified during security audit of the RAG feature (MED-3). Prevents abuse via excessively large search requests.
Acceptance Criteria
Context
The RAG MCP server search_knowledge tool accepts a limit parameter passed directly to Qdrant. A large limit value could cause excessive memory usage or slow responses.
Required Change
Add a maximum cap to the limit parameter:
Apply in both:
cmd/rag-mcp/main.go(MCP server search tool)internal/rag/qdrant.go(Qdrant client Search method)Security Context
Identified during security audit of the RAG feature (MED-3). Prevents abuse via excessively large search requests.
Acceptance Criteria