Stardew-Sage
by Zhang-986
Overview
An AI-powered assistant for Stardew Valley, providing conversational AI, RAG-powered search, multimodal image analysis, daily game insights, and personalized recommendations.
Installation
cd aurora-mcp && mvn spring-boot:run
Environment Variables
- SPRING_DATASOURCE_URL
- SPRING_DATASOURCE_USERNAME
- SPRING_DATASOURCE_PASSWORD
- SPRING_DATA_REDIS_HOST
- SPRING_DATA_REDIS_PORT
- SPRING_DATA_REDIS_PASSWORD
- SPRING_AI_OPENAI_API_KEY
- SPRING_AI_OPENAI_BASE_URL
- TOKEN_SECRET
Security Notes
Critical security vulnerabilities detected:

- **SQL Injection**: `DatabaseMapper` interpolates `tableName` directly into SQL (e.g. `SELECT * FROM ${tableName}`) in its `getTableInfo` and `getSampleData` methods, both exposed through `RagLoadController`. `getTableInfo` checks the name against a whitelist, but `getSampleData`, as called from `getRAGDataInfo`, does not, so a caller controls the `FROM` clause of a live query and can read arbitrary tables or, depending on the database user's privileges, manipulate the database. MyBatis `${}` is raw text substitution rather than parameter binding, and a table name cannot be bound as a query parameter anyway, so the fix is to validate the identifier against an allowlist on every path that reaches the query, not only in `getTableInfo`.
- **Hardcoded Sensitive Credentials**: the AI API key (`spring.ai.openai.api-key`), Redis credentials (`spring.data.redis.password`, `host`), MySQL credentials (`spring.datasource.password`, `username`, `url`) and the Druid monitoring login (`login-password`) are committed in `application.yml` and `application-druid.yml`. Anyone with read access to the repository or its history has them. They belong in the environment variables listed above (Spring Boot maps `SPRING_DATASOURCE_PASSWORD` to `spring.datasource.password` and lets environment variables override `application.yml`), and any credential that has already been committed should be treated as exposed and rotated.
- **Wide-Open CORS Policy**: `CorsConfig` sets `allowedOrigins`, `allowedMethods` and `allowedHeaders` to `*`, so any origin can make cross-origin requests to the API. In production, restrict `allowedOrigins` to the frontend's actual host(s) and allow only the methods and headers the frontend uses.
- **Hardcoded RSA Keys**: `jsencrypt.js` in the frontend hardcodes both the public and the private RSA key. A private key shipped to the browser is effectively public: anyone who loads the page can decrypt whatever that public key encrypts, and client-side code can be modified to skip the encryption step entirely, so the pair must not protect anything the server relies on. If it is only used to encrypt passwords in the browser before submission, it adds no confidentiality beyond TLS; keep private keys on the server and out of committed source.
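The `${tableName}` pattern and its repair, as an added example that is not code from Stardew-Sage. The project is Java/MyBatis; this illustrates the same pattern in Python against an in-memory SQLite database so it runs offline. The schema, rows, allowlist (`ALLOWED_TABLES`), attacker input (`ATTACK`) and function names are all assumptions made for the example.

```python
import sqlite3

# Constructed sample schema for this example (not the project's database):
# "crops" is the table a sample-data endpoint is meant to expose,
# "users" is a sensitive table it must never reach.
def make_db() -> sqlite3.Connection:
    con = sqlite3.connect(":memory:")
    con.executescript("""
        CREATE TABLE crops (id INTEGER, name TEXT, season TEXT);
        INSERT INTO crops VALUES (1, 'Parsnip', 'Spring'), (2, 'Blueberry', 'Summer');
        CREATE TABLE users (id INTEGER, username TEXT, password_hash TEXT);
        INSERT INTO users VALUES (1, 'admin', 'hash$abc'), (2, 'stardrop', 'hash$xyz');
    """)
    return con

# Assumption for the example: the endpoint should only ever expose this table.
ALLOWED_TABLES = frozenset({"crops"})

# Input an attacker would send as tableName (constructed for the example).
# A UNION must match the column count of the target table, which the
# attacker can learn from the table-info endpoint or by trial.
ATTACK = "crops UNION SELECT id, username, password_hash FROM users"


def identifier_cannot_be_bound(con: sqlite3.Connection) -> bool:
    """Show why changing ${tableName} to #{tableName} is not a fix:
    placeholders bind values, not identifiers, so a bound table name is
    a syntax error (MySQL prepared statements behave the same way)."""
    try:
        con.execute("SELECT * FROM ? LIMIT 1", ("crops",))
    except sqlite3.OperationalError:
        return True
    return False


def get_sample_data_vulnerable(con: sqlite3.Connection, table_name: str, limit: int = 5):
    """Mirror of `SELECT * FROM ${tableName}`: MyBatis ${} is raw text
    substitution, so whatever the caller sends becomes part of the query."""
    sql = f"SELECT * FROM {table_name} LIMIT {int(limit)}"
    return con.execute(sql).fetchall()


def get_sample_data_safe(con: sqlite3.Connection, table_name: str, limit: int = 5):
    """Hardened version: allowlist the identifier, confirm it exists in the
    catalogue, quote it, and bind everything that can be bound."""
    if table_name not in ALLOWED_TABLES:
        raise ValueError(f"table not permitted: {table_name!r}")
    # Fail closed if the allowlist names a table that no longer exists.
    row = con.execute(
        "SELECT 1 FROM sqlite_master WHERE type = 'table' AND name = ?",
        (table_name,),
    ).fetchone()
    if row is None:
        raise ValueError(f"table not found: {table_name!r}")
    # Defence in depth: quote the identifier even though it passed the allowlist.
    quoted = '"' + table_name.replace('"', '""') + '"'
    return con.execute(f"SELECT * FROM {quoted} LIMIT ?", (int(limit),)).fetchall()


def safe_path_rejects(con: sqlite3.Connection, table_name: str) -> bool:
    """True if the hardened function refuses the given table name."""
    try:
        get_sample_data_safe(con, table_name)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    con = make_db()
    print("table name bindable as a parameter:", not identifier_cannot_be_bound(con))
    print("vulnerable, legitimate input:", get_sample_data_vulnerable(con, "crops"))
    print("vulnerable, attacker input:  ", get_sample_data_vulnerable(con, ATTACK))
    print("safe, legitimate input:      ", get_sample_data_safe(con, "crops"))
    print("safe rejects attacker input: ", safe_path_rejects(con, ATTACK))
    print("safe rejects unlisted table: ", safe_path_rejects(con, "users"))
```

Run it directly to see the vulnerable path return the `users` rows alongside the `crops` rows while the hardened path refuses both the attacker string and a real but unlisted table. The check lives inside the data-access function rather than in one caller, which is exactly what the `getTableInfo`/`getSampleData` split above gets wrong: a whitelist enforced in only one of two entry points protects only that entry point.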
Similar Servers
5ire
A desktop AI assistant and MCP (Model Context Protocol) client that integrates with various LLMs, supports external tools via MCP servers, and manages a local knowledge base.
mcp-server-starrocks
Acts as a bridge between AI assistants and StarRocks databases for direct SQL execution, database exploration, and data visualization.
Context-Engine
Context-Engine is a plug-and-play MCP retrieval stack that unifies code indexing, hybrid search, and optional LLM decoding to enable context-aware agents for product teams.
apple-rag-mcp
Provides a comprehensive RAG (Retrieval-Augmented Generation) server for AI agents to search and retrieve content from Apple's developer documentation and WWDC transcripts.