Skip to main content
The Scoring Gate adds semantic security analysis that detects attack patterns beyond what static AST validation can catch. It analyzes code intent and behavior patterns to identify potential threats.

What It Detects

  • Data exfiltration - List followed by send, or query followed by export sequences
  • Excessive access - High limits, wildcard queries
  • Fan-out attacks - Tool calls inside loops
  • Sensitive data access - Passwords, tokens, PII fields

Basic Configuration

Scorer Types

Rule-Based Scorer

Fast, zero-dependency scoring using predefined rules:

External API Scorer

Best detection using an external scoring service:

Local LLM Scorer

Balance between speed and detection using a local model:

Similarity Mode with VectoriaDB

For pattern-matching against known malicious code patterns, use similarity mode with VectoriaDB:
VectoriaDB Configuration Options:
Similarity mode requires the optional vectoriadb peer dependency:
Similarity mode can operate without the Hugging Face transformers pipeline - it will use VectoriaDB for similarity search and fall back to heuristics when needed.

Detection Rules

The rule-based scorer evaluates these patterns: Scores are additive - a script triggering multiple rules accumulates points.

Thresholds

Configure how scores translate to actions:

Custom Analyzer

Add custom analysis logic:

Feature Extraction

The scorer extracts these features for analysis:
  • Tool names - All callTool() targets
  • Arguments - Numeric values, field names, patterns
  • Control flow - Loops containing tool calls
  • Data flow - Variables passed between tool calls
  • Sequences - Order of operations

Handling Scoring Results

Logging and Monitoring

Best Practices

  1. Start with warnings - Use warnThreshold to monitor before blocking
  2. Tune thresholds - Adjust based on your false positive rate
  3. Use fail-open cautiously - Only in non-critical paths
  4. Monitor signals - Track which rules trigger most often
  5. Layer with other defenses - Scoring complements AST validation

Breaking Changes

v2.x: VectoriaConfigForScoring API Changes

Removed: indexPath option The indexPath option has been removed from VectoriaConfigForScoring. This option was intended to load pre-built malicious pattern indexes, but VectoriaDB v2.x handles persistence differently using storage adapters. Migration:
If you were using indexPath to load pre-built indexes, you’ll need to handle persistence externally using VectoriaDB’s storage adapter APIs (saveToStorage(), MemoryStorageAdapter, FileStorageAdapter, or RedisStorageAdapter). New options in v2.x:
  • topK - Control how many similar patterns to consider (default: 5)
  • modelName - Override the embedding model (defaults to localLlm.modelId)