Add Bandit configuration file and implement poisoned document creation in RAG poisoning attack

Author: davida-ps

.bandit

@@ -0,0 +1,10 @@
+# Bandit configuration file
+# Exclude directories that should not be scanned
+exclude_dirs:
+  - './.venv'
+  - './.git'
+  - './build'
+  - './dist'
+  - './prompt_security_fuzzer.egg-info'
+  - './.env'
+  - './tests'  # Exclude test files - pytest uses assertions which trigger B101 warnings

ps_fuzz/attacks/rag_poisoning.py

@@ -251,6 +251,7 @@ def _setup_poisoned_vector_database(self):
             self.vectorstore.add_documents(benign_docs)
 
         # Add poisoned document
+        poisoned_doc = self._create_poisoned_document()
         with _suppress_loggers(suppress_names):
             self.vectorstore.add_documents([poisoned_doc])