Skip to content

Vector DB expansion (Milvus + pgvector) — task checklist

Source: HANDOFF-aipostex-v020-expansion.md (repository root), Task 1.
Use this as a verification and completion list. Much of this is already implemented in-tree; unchecked items are optional follow-ups or manual validation.

Code map: pkg/exploit/vectordb/ · cmd/aipostex/vectordb.go · cmd/aipostex/vectordb_test.go · pkg/fingerprint/fingerprint.go (Milvus probe) · internal/config/config.go (ports 19530, 5432) · docs/modules/vectordb.md


1a. Milvus provider (pkg/exploit/vectordb/)

  • Implement REST client (collections list, describe, query/search, sensitive scan) — see milvus.go
  • NewProviderClient / Provider registration for --type milvusproviders.go
  • Unit tests with httptestmilvus_test.go
  • Manual / lab: run vectordb enum|extract|search-sensitive against a real Milvus 2.4+ instance; capture findings JSON for regression fixtures if useful

1b. pgvector provider

  • pgx/v5 client, table/column introspection, vector column detection — pgvector.go
  • CLI flags --db-user, --db-password, --db-name, --db-sslmode (see vectordb.go)
  • Validation: pgvector flags only when type is pgvector (confirm in CLI init / newVDBClient)
  • Tests: extend integration-style coverage if CI can run ephemeral Postgres (optional build tag); otherwise document lab-only validation

1c. Subcommand: inject (gated)

  • Shared inject helpers per provider — inject.go
  • --collection, --payload, --metadata, --count; requireForceExploit at CLI
  • Findings: High / exploited proof metadata (verify in runVDBInject paths)
  • CLI tests: vectordb_test.go covers gate + --collection; add Milvus/pgvector-specific httptest or mock success paths if gaps appear in review

1d. Subcommand: metadata-inject (gated)

  • Flags --key, --payload; force-exploit gate — see vectordb.go
  • Per-provider retrieve-and-verify behavior (code review inject.go / provider methods)
  • CLI tests for --force-exploit requirement — vectordb_test.go

1e. Fingerprint + default ports


1f. Vulnerability templates

  • milvus-detect-001-unauth-access.yaml under pkg/vulncheck/templates/vectordb/
  • Optional (handoff): pgvector has no HTTP surface — either skip vulncheck template or add a narrow template for a known HTTP admin (pgAdmin, etc.) with clear false-positive controls

1g. Tests (summary)

  • pkg/exploit/vectordb/milvus_test.go
  • pkg/exploit/vectordb/providers_test.go (provider factory)
  • cmd/aipostex/vectordb_test.go (gates, required flags)
  • main_test registers vectordbmain_test.go
  • Add pgvector_test.go with docker-less mocks where feasible, or document “lab only”

1h. Documentation


Sign-off

When all manual / lab and optional rows you care about are done, mark HANDOFF Task 1 complete in your release notes and move embedding-poisoning roadmap items (v0.8.0) that depend on stable inject behavior.