Disagreement · d9ae4fa5-anthropic-9

deterministicSelect can include secret-bearing message content in a hash that is not security-sensitive but leaks length-based stability

solo Opus

repo 56f59a0d·PR #3·reviewed 4 days ago

Opus finding

deterministicSelect can include secret-bearing message content in a hash that is not security-sensitive but leaks length-based stability

lowmaintainabilitymedium

src/providers/orchestrator.ts:109-118

Joining role:content with '|' is ambiguous if a message contains '|' or if a role string contains ':' — different message arrays could collide in payload. Not a security issue (sha256 still ok) but the determinism guarantee is weaker than it appears: e.g. messages [{role:'user', content:'a|user:b'}] vs [{role:'user', content:'a'},{role:'user', content:'b'}] hash to the same payload. For a 'deterministic' router this is a subtle correctness issue if callers depend on per-message identity.

Recommendation

Use JSON.stringify(messages) or a length-prefixed encoding so collisions are impossible.

Other reviewer

The other reviewer flagged nothing in this file/line range.

Why this didn't post

This finding didn't meet AntFleet's unanimous agreement threshold. Both frontier models review every PR independently; only findings they both flag with the same severity and category are posted to the PR. This one fell through.

read the methodology →

From the same review

These findings passed the unanimous gate on the same PR review. The disagreement above was filtered out; the findings below were posted.

← back to all disagreements view public receipts see unanimous findings + anatomies →

Tweet ↗