Knowledge File Vulnerabilities & Data Protection
What Are Knowledge File Risks?
These risks arise from sensitive information stored in files that unauthorized users may access.
Personally Identifiable Information (PII)
Sensitive data includes:
Names, addresses, phone numbers Social security, passport, driver’s license Home address, IP address Bank account and credit card numbers Date of birth Biometric data (fingerprints, facial recognition) Medical records and health information
3 Types of Knowledge Leakage
1. API Data Leak
Occurs when your agent sends knowledge file data to third-party providers.
Examples of providers:
OpenAI Anthropic Google
Risk Factors:
Direct use of LLM providers Free-tier services (often use data for training) Different legal jurisdictions Weak data retention guarantees
Why It’s Risky
All data passed to external providers is subject to their policies. It may be:
Logged Stored Used for training
Prevention:
Avoid storing sensitive data in knowledge files Use business-tier LLM providers with retention guarantees
2. Accidental Data Exposure
High Risk When:
Knowledge files contain PII Instructions don’t restrict data sharing No authentication or access control is implemented
3. Memory Injection
What It Is
Attackers insert malicious instructions into knowledge files that the agent treats as legitimate.
High Risk When:
Files are stored in shared locations Multiple editors have access Changes are not tracked Files include examples of agent reasoning/actions
Prevention:
Restrict file access Implement content review processes Use read-only file formats