Vector DB expansion (Milvus + pgvector) — task checklist¶
Source: HANDOFF-aipostex-v020-expansion.md (repository root), Task 1.
Use this as a verification and completion list. Much of this is already implemented in-tree; unchecked items are optional follow-ups or manual validation.
Code map: pkg/exploit/vectordb/ · cmd/aipostex/vectordb.go · cmd/aipostex/vectordb_test.go · pkg/fingerprint/fingerprint.go (Milvus probe) · internal/config/config.go (ports 19530, 5432) · docs/modules/vectordb.md
1a. Milvus provider (pkg/exploit/vectordb/)¶
- Implement REST client (collections list, describe, query/search, sensitive scan) — see milvus.go
-
NewProviderClient/Providerregistration for--type milvus— providers.go - Unit tests with
httptest— milvus_test.go - Manual / lab: run
vectordb enum|extract|search-sensitiveagainst a real Milvus 2.4+ instance; capture findings JSON for regression fixtures if useful
1b. pgvector provider¶
-
pgx/v5client, table/column introspection, vector column detection — pgvector.go - CLI flags
--db-user,--db-password,--db-name,--db-sslmode(see vectordb.go) - Validation: pgvector flags only when type is pgvector (confirm in CLI init /
newVDBClient) - Tests: extend integration-style coverage if CI can run ephemeral Postgres (optional build tag); otherwise document lab-only validation
1c. Subcommand: inject (gated)¶
- Shared inject helpers per provider — inject.go
-
--collection,--payload,--metadata,--count;requireForceExploitat CLI - Findings: High / exploited proof metadata (verify in
runVDBInjectpaths) - CLI tests: vectordb_test.go covers gate +
--collection; add Milvus/pgvector-specific httptest or mock success paths if gaps appear in review
1d. Subcommand: metadata-inject (gated)¶
- Flags
--key,--payload; force-exploit gate — see vectordb.go - Per-provider retrieve-and-verify behavior (code review inject.go / provider methods)
- CLI tests for
--force-exploitrequirement — vectordb_test.go
1e. Fingerprint + default ports¶
- Milvus HTTP probes in fingerprint.go
- Default scan list includes
19530and5432in internal/config/config.go -
scan_networktag mapping includesmilvus— scan_network.go
1f. Vulnerability templates¶
-
milvus-detect-001-unauth-access.yamlunder pkg/vulncheck/templates/vectordb/ - Optional (handoff): pgvector has no HTTP surface — either skip vulncheck template or add a narrow template for a known HTTP admin (pgAdmin, etc.) with clear false-positive controls
1g. Tests (summary)¶
-
pkg/exploit/vectordb/milvus_test.go -
pkg/exploit/vectordb/providers_test.go(provider factory) -
cmd/aipostex/vectordb_test.go(gates, required flags) -
main_testregistersvectordb— main_test.go - Add
pgvector_test.gowith docker-less mocks where feasible, or document “lab only”
1h. Documentation¶
- docs/modules/vectordb.md — providers table, flags, inject/metadata-inject, examples
Sign-off¶
When all manual / lab and optional rows you care about are done, mark HANDOFF Task 1 complete in your release notes and move embedding-poisoning roadmap items (v0.8.0) that depend on stable inject behavior.