🛡️ Sentinel: Fix potential DoS and sanitize error messages #66

Merged: amrabed merged 2 commits into `main` from `sentinel-security-fixes-and-enhancements-10589248670957421433` on Jun 7, 2026
@google-labs-jules

Contributor

🛡️ Sentinel has completed a security review and implemented critical fixes and enhancements to protect the codebase from information leakage and potential Denial of Service (DoS) scenarios.

🚨 Severity: HIGH (DoS) / MEDIUM (Information Leakage)

💡 Vulnerabilities & Fixes:

  1. Information Leakage via Exception Chaining (GraphQL):
    • Vulnerability: Using `raise ... from error` in GraphQL resolvers exposed internal tracebacks via the `__cause__` attribute.
    • Fix: Switched to `raise ... from None` to suppress the exception chain while still logging full details internally.
  2. Information Leakage to LLM (Bedrock Agent):
    • Vulnerability: Raw exceptions in agent tools could be passed to the LLM and subsequently to the user.
    • Fix: Added explicit `try-except` blocks to tools, returning sanitized error messages.
  3. Stream Processing "Poison Pill" (DynamoDB Stream):
    • Vulnerability: Passing a dictionary instead of a string to `delete_item` caused a crash. In stream processing, failing on the same record repeatedly can block data synchronization (DoS).
    • Fix: Correctly extracted the string `id` from the model before deletion.

✅ Verification:

  • Updated `tests/graphql/test_handler.py` to assert `__cause__` is `None`.
  • Added `test_error_handling_sanitization` to `tests/agent/test_handler.py`.
  • Updated `tests/stream/test_handler.py` to match the corrected API call.
  • Ran full test suite: 66 passed.

PR created automatically by Jules for task 10589248670957421433 started by @amrabed

This commit addresses several security-related issues and improvements across the template handlers:

1.  **Information Leakage Prevention**: Updated GraphQL and Bedrock Agent handlers to sanitize error responses and suppress exception chaining (`raise ... from None`). This prevents internal implementation details and tracebacks from leaking to end-users or LLMs.
2.  **Denial of Service (DoS) Fix**: Resolved a "poison pill" bug in the DynamoDB Stream handler where incorrect argument types passed to `repository.delete_item` during `REMOVE` events would cause repeated failures, potentially blocking the stream.
3.  **Enhanced Error Handling**: Added `try-except` blocks to Bedrock Agent tools to ensure failures are handled gracefully and securely.
4.  **Verification**: Updated unit tests in `tests/graphql/test_handler.py` and `tests/agent/test_handler.py` to verify sanitization and ensure no internal details are exposed.

All 66 tests pass. 🛡️
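
Added example (not code from this pull request or the project): a minimal comparison of `raise ... from error` and `raise ... from None` as described in the first fix, showing what each leaves on the exception object and in a default traceback rendering. All names (`RepositoryError`, `get_item_leaky`, `get_item_sanitized`, `rendered`) and the table name in the message are constructed for illustration.

```python
import logging
import traceback

logger = logging.getLogger("resolver")  # hypothetical logger name


class RepositoryError(Exception):
    """Constructed internal error whose message carries sensitive detail."""


def _load(item_id):
    # Constructed failure: the message names an internal table.
    raise RepositoryError(f"write failed on table prod-items-7f3a for id={item_id}")


def get_item_leaky(item_id):
    try:
        return _load(item_id)
    except RepositoryError as error:
        # Chain kept: __cause__ points at the internal error.
        raise RuntimeError("Failed to get item") from error


def get_item_sanitized(item_id):
    try:
        return _load(item_id)
    except RepositoryError:
        logger.exception("get_item failed")  # full details stay in server logs
        # Chain suppressed: __cause__ is None, __suppress_context__ is True.
        raise RuntimeError("Failed to get item") from None


def rendered(func):
    """Call func and return (exception, default traceback rendering)."""
    try:
        func("42")
    except RuntimeError as exc:
        text = "".join(traceback.format_exception(type(exc), exc, exc.__traceback__))
        return exc, text
    raise AssertionError("expected RuntimeError")


if __name__ == "__main__":
    for func in (get_item_leaky, get_item_sanitized):
        exc, text = rendered(func)
        print(func.__name__, "cause:", repr(exc.__cause__),
              "| internal detail rendered:", "prod-items-7f3a" in text)
```

`from None` clears `__cause__` and hides the chain from standard traceback formatting, but Python still records the original error in `__context__`, so a response formatter that reads `__context__` directly would still reach it.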
@google-labs-jules

Contributor Author

👋 Jules, reporting for duty! I'm here to lend a hand with this pull request.

When you start a review, I'll add a 👀 emoji to each comment to let you know I've read it. I'll focus on feedback directed at me and will do my best to stay out of conversations between you and other bots or reviewers to keep the noise down.

I'll push a commit with your requested changes shortly after. Please note there might be a delay between these steps, but rest assured I'm on the job!

For more direct control, you can switch me to Reactive Mode. When this mode is on, I will only act on comments where you specifically mention me with @jules. You can find this option in the Pull Request section of your global Jules UI settings. You can always switch back!

New to Jules? Learn more at jules.google/docs.


For security, I will only act on instructions from the user who triggered this task.

Comment thread templates/agent/handler.py Outdated
…R feedback)

- Address PR feedback in Bedrock Agent handler: use a more concise `create_item` implementation.
- Sanitize error messages in GraphQL and Bedrock Agent handlers.
- Suppress exception chaining with `raise ... from None`.
- Fix argument type in DynamoDB Stream `delete_item` call.
- Update tests to verify sanitization.
@amrabed amrabed marked this pull request as ready for review June 7, 2026 10:14
@amrabed amrabed merged commit f503202 into main Jun 7, 2026
1 check passed
@amrabed amrabed deleted the sentinel-security-fixes-and-enhancements-10589248670957421433 branch June 7, 2026 10:17