RAG Exposure Assessment

Preliminary risk evaluation for enterprise RAG systems

This is not a demo.

This is not a vulnerability scan.

This is not a technical test.

This assessment determines whether your RAG system is exposed to retrieval poisoning attacks that:

Estimated time: 3 minutes

> PHASE_1: CONTEXT_CHECK

1. Do you operate a production RAG system?

Yes, serving internal users Yes, serving external customers Pilot / PoC phase No (planning only)

2. Who can insert documents into your retrieval corpus?

Automated pipelines only Internal teams External partners / third parties Unknown / mixed sources

3. Is document ingestion audited or cryptographically signed?

Yes (cryptographic signatures) Partially (logs only) No Don't know

> PHASE_2: RISK_BLIND_SPOTS

4. Can your system detect semantically consistent but factually false documents?

Yes, we have detection mechanisms No Not sure

5. If 5 coordinated documents reinforce the same false policy, what happens?

System detects coordinated insertion System retrieves them normally Unknown

6. Do you monitor semantic drift in your vector space over time?

Yes, actively monitored No What is semantic drift?

> PHASE_3: ADVERSARIAL_AWARENESS

7. Assume an attacker knows your embedding model but not detection thresholds. Are you protected?

Yes, we have countermeasures Partially protected No countermeasures

8. Have you tested poisoning scenarios post-deployment?

Yes (red team / adversarial testing) Informal testing only Never tested