Description
going through the project-tutor route i noticed it checks auth but has zero rate limiting on the groq call, unlike other AI endpoints in the repo.
The Problem
src/app/api/project-tutor/route.ts:57-59 only does getServerSession and 401s if missing. no upstash / memory limiter, no cache check, no daily cap. every POST triggers callGroq(prompt) at line 7-28 which hits https://api.groq.com/openai/v1/chat/completions with max_tokens: 1024.
concrete abuse: any logged-in devtrack user can loop POSTs with different repoUrl values and pump thousands of groq requests. action=analyze, action=questions, and action=chat each call groq. the repoUrl also has no length cap on line 62, so long junk URLs still pass through the regex on line 66 as long as they contain github.com/x/y.
compare to /api/ai-insights (src/app/api/ai-insights/route.ts:18-26, 119-145) and /api/personality (src/app/api/personality/route.ts:20-29, 138-164) which both use upstashRateLimitFixedWindow with a memory fallback and cache results in ai_insights.
Proposed Fix
- add the same upstash fixed-window limiter used in ai-insights, keyed as
project-tutor:${user.id}, something like 10 requests / hour
- cap
repoUrl length (200 chars) before regex matching
- cap
question length for the chat action (say 500 chars) so the prompt cannot be inflated
- optionally cache
analyze and questions results per owner/repo for a few hours since repo metadata rarely changes
I would like to work on this under GSSoC 26. please assign!
for labels i think gssoc + level2 + type:security fits here.
Description
going through the project-tutor route i noticed it checks auth but has zero rate limiting on the groq call, unlike other AI endpoints in the repo.
The Problem
src/app/api/project-tutor/route.ts:57-59 only does
getServerSessionand 401s if missing. no upstash / memory limiter, no cache check, no daily cap. every POST triggerscallGroq(prompt)at line 7-28 which hitshttps://api.groq.com/openai/v1/chat/completionswithmax_tokens: 1024.concrete abuse: any logged-in devtrack user can loop POSTs with different
repoUrlvalues and pump thousands of groq requests.action=analyze,action=questions, andaction=chateach call groq. therepoUrlalso has no length cap on line 62, so long junk URLs still pass through the regex on line 66 as long as they containgithub.com/x/y.compare to /api/ai-insights (src/app/api/ai-insights/route.ts:18-26, 119-145) and /api/personality (src/app/api/personality/route.ts:20-29, 138-164) which both use
upstashRateLimitFixedWindowwith a memory fallback and cache results inai_insights.Proposed Fix
project-tutor:${user.id}, something like 10 requests / hourrepoUrllength (200 chars) before regex matchingquestionlength for the chat action (say 500 chars) so the prompt cannot be inflatedanalyzeandquestionsresults per owner/repo for a few hours since repo metadata rarely changesI would like to work on this under GSSoC 26. please assign!
for labels i think gssoc + level2 + type:security fits here.