rag-cag-security

Security patterns for RAG and CAG systems with multi-tenant isolation. Use when building retrieval-augmented or cache-augmented generation systems that require tenant isolation, access control, and secure data handling.

9 stars

Best use case

rag-cag-security is best used when you need a repeatable AI agent workflow instead of a one-off prompt.

Security patterns for RAG and CAG systems with multi-tenant isolation. Use when building retrieval-augmented or cache-augmented generation systems that require tenant isolation, access control, and secure data handling.

Teams using rag-cag-security should expect a more consistent output, faster repeated execution, less prompt rewriting.

When to use this skill

  • You want a reusable workflow that can be run more than once with consistent structure.

When not to use this skill

  • You only need a quick one-off answer and do not need a reusable workflow.
  • You cannot install or maintain the underlying files, dependencies, or repository context.

Installation

Claude Code / Cursor / Codex

$curl -o ~/.claude/skills/rag-cag-security/SKILL.md --create-dirs "https://raw.githubusercontent.com/jpoutrin/product-forge/main/plugins/rag-cag/skills/rag-cag-security/SKILL.md"

Manual Installation

  1. Download SKILL.md from GitHub
  2. Place it in .claude/skills/rag-cag-security/SKILL.md inside your project
  3. Restart your AI agent — it will auto-discover the skill

How rag-cag-security Compares

Feature / Agentrag-cag-securityStandard Approach
Platform SupportNot specifiedLimited / Varies
Context Awareness High Baseline
Installation ComplexityUnknownN/A

Frequently Asked Questions

What does this skill do?

Security patterns for RAG and CAG systems with multi-tenant isolation. Use when building retrieval-augmented or cache-augmented generation systems that require tenant isolation, access control, and secure data handling.

Where can I find the source code?

You can find the source code on GitHub using the link provided at the top of the page.

SKILL.md Source

# RAG/CAG Security Skill

This skill provides security patterns for RAG and CAG systems.

## Multi-Tenant Architecture

### Tenant Isolation Strategies

1. **Namespace Isolation** - Separate vector namespaces per tenant
2. **Metadata Filtering** - Filter by tenant_id at query time
3. **Separate Collections** - Isolated collections per tenant

```python
# Metadata filtering approach
results = vector_store.similarity_search(
    query,
    filter={"tenant_id": current_user.tenant_id}
)
```

## Access Control

### Document-Level Permissions
```python
@dataclass
class Document:
    id: str
    content: str
    tenant_id: str
    access_groups: list[str]
    classification: str  # public, internal, confidential

def can_access(user: User, doc: Document) -> bool:
    return (
        user.tenant_id == doc.tenant_id
        and any(g in doc.access_groups for g in user.groups)
        and user.clearance >= doc.classification
    )
```

## Prompt Injection Prevention

```python
def sanitize_retrieved_context(chunks: list[str]) -> str:
    """Sanitize retrieved chunks before including in prompt."""
    sanitized = []
    for chunk in chunks:
        # Remove potential instruction patterns
        cleaned = remove_instruction_patterns(chunk)
        # Escape special characters
        escaped = escape_prompt_chars(cleaned)
        sanitized.append(escaped)
    return "\n".join(sanitized)
```

## Data Classification

| Level | Description | Handling |
|-------|-------------|----------|
| Public | Open information | No restrictions |
| Internal | Company-only | Tenant isolation |
| Confidential | Sensitive | Encryption + audit |
| Restricted | Highly sensitive | Need-to-know basis |

## Security Checklist

- [ ] Tenant isolation implemented
- [ ] Document-level access control
- [ ] Retrieved content sanitized
- [ ] Audit logging enabled
- [ ] Data encryption at rest
- [ ] Secure API authentication

Related Skills

mcp-security

9
from jpoutrin/product-forge

Use when securing MCP servers, preventing prompt injection, implementing authorization, validating user input, or building secure multi-agent pipelines. Provides 5-layer defense architecture patterns.

zod

9
from jpoutrin/product-forge

Zod schema validation patterns and type inference. Auto-loads when validating schemas, parsing data, validating forms, checking types at runtime, or using z.object/z.string/z.infer in TypeScript.

typescript-import-style

9
from jpoutrin/product-forge

Merge-friendly import formatting (one-per-line, alphabetical). Auto-loads when writing TypeScript/JavaScript imports to minimize merge conflicts in parallel development. Enforces consistent grouping and sorting.

setup-mcp-auth

9
from jpoutrin/product-forge

Configure authentication for an existing FastMCP server

fastmcp

9
from jpoutrin/product-forge

FastMCP TypeScript framework patterns for MCP servers. Auto-loads when building MCP servers, creating tools/resources/prompts, implementing authentication, configuring transports, or working with FastMCP in TypeScript.

add-mcp-tool

9
from jpoutrin/product-forge

Add a new tool to an existing FastMCP server with guided configuration

add-mcp-resource

9
from jpoutrin/product-forge

Add a new resource or resource template to an existing FastMCP server

plan-with-team

9
from jpoutrin/product-forge

Validate plan file ownership

privacy-compliance

9
from jpoutrin/product-forge

GDPR, CCPA, and privacy compliance guidance for data protection. Use when handling personal data, implementing consent management, or ensuring regulatory compliance across jurisdictions.

oauth

9
from jpoutrin/product-forge

OAuth 2.0 and OpenID Connect implementation patterns. Use when implementing authentication, authorization flows, or integrating with OAuth providers like Google, GitHub, or custom identity providers.

chunking-strategies

9
from jpoutrin/product-forge

Document chunking strategies for RAG systems. Use when implementing document processing pipelines to determine optimal chunking approaches based on document type and retrieval requirements.

review-django-commands

9
from jpoutrin/product-forge

Review Django management commands for proper structure and refactor if needed